Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
nbctcp
New Contributor III

Telegram notification

SW INFO:
-pnetlab 5.2.7
-fortigate qcow eval license
 

 

I am following above links to set notification in telegram if admin login

I can send manually from linux to telegram

# curl --request 'POST'https://api.telegram.org/bot5962153123:AAHf7wKYu7dhheSiLc580pC4G-LUmEvOSLA/sendMessage -H 'Content-Type:application/json' -d '{"chat_id":"-759260123","text":"coba2"}' 
 
CONFIG:
config system automation-action
edit "telegram"
set action-type webhook
set protocol https
set uri "api.telegram.org/bot5962153123:AAHf7wKYu7dhheSiLc580pC4G-LUmEvOSLA/sendMessage"
set http-body "{\"chat_id\":\"-759260123\",\"text\":\"%%msg%%\"}"
set port 443
set headers "Content-Type:application/json"
set verify-host-cert enable
next
end
 
STATUS:
-I can see System Event shown "Automation stitch triggered" but nothing happen in my telegram
 
?
1. can I test using fortigate 7.2 eval license in pnetlab
 
tq
 
UPDATE1:
-with real 80D I can get notif in telegram
that mean I can't test webhook in vm eval license
http://goo.gl/lhQjmUhttp://nbctcp.wordpress.com
1 Solution
pminarik
Staff
Staff

Just an educated guess: Make a packet capture of traffic going to the api.telegram.org address, and then check the pcap. Pay attention to the TLS handshake first.

The trial VMs are known to have severely restricted crypto algorithms, to the point of being unfit for modern use. While an exception has been made for incoming admin access and FortiManager communication (ref ), I would assume that outgoing stitches are still bound by these restrictions. The pcap should allow you to verify this - if the TLS handshake is failing due to no crypto match, that's it.

[ corrections always welcome ]

View solution in original post

2 REPLIES 2
pminarik
Staff
Staff

Just an educated guess: Make a packet capture of traffic going to the api.telegram.org address, and then check the pcap. Pay attention to the TLS handshake first.

The trial VMs are known to have severely restricted crypto algorithms, to the point of being unfit for modern use. While an exception has been made for incoming admin access and FortiManager communication (ref ), I would assume that outgoing stitches are still bound by these restrictions. The pcap should allow you to verify this - if the TLS handshake is failing due to no crypto match, that's it.

[ corrections always welcome ]
Caroburgh
New Contributor

It seems like you're working on setting up Telegram notifications for admin login and running into some issues. Testing webhook functionality with a FortiGate eval license in a virtual environment might not yield the expected results, as mentioned in your update. If you're looking for reliable Telegram accounts, you can Buy Telegram Accounts online. You can find more information about buying Telegram accounts on their website. It's great to hear that you were able to receive notifications with a real 80D FortiGate device. That indicates the webhook functionality is working as expected.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors