This version of FMG was released last week and now CVE-2024-47575 is
released as well.https://www.fortiguard.com/psirt/FG-IR-24-423However,
the release notes doesn't have anything in the resolved issue section.
Does this actually have the vulnerabili...
A basic question: Would Websocket app (TCP 443) traffic be filtered by a
policy with a Web Filter profile? Or do we need to match it with
Application Control in a separate policy before or after the web filter
policy?Thanks, Toshi
I'm working on migrating my home OpenSUSE machine I'm using for
freeradius server to authenticate admin and VPN users on my FG40F(7.2.8)
from Leap 15.3 to 15.5(on a new machine). Obviously 15.5's repo has a
newer version of freeradius-server image.Th...
As all the other users at FortiCloud must have gotten, I received an
announcement email per email account for 2FA auth enforcement starting
June the 7th.My question is if it would apply to this Forum login
account. I've kept using my old account emai...
When we configure this SSL VPN MAC address filtering, what system limit
would dictate the max number of MAC addresses we can configure on an FGT
(no
vdom/muti-vdom)?https://community.fortinet.com/t5/FortiGate/Technical-Tip-MAC-address-check-on-SSL-VP...
No. That idea wouldn't work only with two routers/neighbors. If a third
router is inbetween, you can split the area at the 3rd one/ABR to bridge
between two areas. The nighbors can directly talk each other only in the
same area.With your concern, as ...
Ok, then my original interpretation was right. It's same as Cisco's OSPF
configuration like below: router ospf 1 router-id 10.0.0.2
log-adjacency-changes network 172.16.2.1 0.0.0.255 area 0
distribute-list route-map in [OSPF table -> RIB]Toshi
The "distibute-list-in" is a filter that is applied when OSPF routes go
into RIB. It's NOT filtering when OSPF advertising to the neighbor.
You're filtering routes on the receiving side. That's why it works. See
the KB
below:https://community.fortine...
