Hi all I’m trying to deploy clustered Fortigate 800 with transport
mode in the middle of two 100-based Ethernet links. The point is that
each one of those two links belong to different VLAN tag (1st is 100,
2nd is 200) and those two links are comin...
Dear All, Hope everybody is doing great, I wonder if there is any way to
limit the download for each user/address for a cretin number of MB, for
example, I want to limit one user to download 100MB per month as max,
any hints?? Thanks
Dear all, i have a big problem, and wish that someone will help me with
it. im configuring FM100 as gateway mode, and i cant authenticate my
self to my exchange 2003 server, all what i did, is to configure a
domain name in Mail Settings--> Domains, t...
i have site to site VPN connection, with static ip in one, and dynamic
ip in the other, also the tunnel is up and running. when i try to ping
from one FG private LAN to the other lan, even the Private ip of the
remote FG it self, i got no responce......
Hi Vanc, In 5.2, you have new option under SSL inspection called SSL
certificate inspection besides the legacy Full SSL inspection. Skype
will not work under Full inspection as it really performs the man in the
middle, where in SSL certificate inspec...
Setup illustrated is doable. no doubt about it as i made it many times
in standalone and HA A-A scenario However, i really don' t recommend the
direct connectivity thing as the FortiGate wasn' t meant to be used as
switch " in fact it can do so" as s...
@JHamilton if i understood your sketch right, all what you need to do it
to make three VLANs reaching the FortiGate, right? if so, all what you
need to do is to define trunk on the FortiGare, on top of which you
create three VLAN interfaces with appr...
I believe you can do so with custom IPS signature. you may configure
http signature looking into HTTP.UPLOAD or HTTP.PUT (depending on the
application you are willing to block its traffic). just sniff the
traffic, drill down the exact commands used, ...
If it is a logical failure detected by DGD, you should see log stating
that gateway configured is not detected. if so, your ISP may be blocking
sensing protocol " like ICMP" toward some widely recognized IPs
(8.8.8.8, 8.8.4.4, etc) Mohammad