A basic question: Would Websocket app (TCP 443) traffic be filtered by a
policy with a Web Filter profile? Or do we need to match it with
Application Control in a separate policy before or after the web filter
policy?Thanks, Toshi
I'm working on migrating my home OpenSUSE machine I'm using for
freeradius server to authenticate admin and VPN users on my FG40F(7.2.8)
from Leap 15.3 to 15.5(on a new machine). Obviously 15.5's repo has a
newer version of freeradius-server image.Th...
As all the other users at FortiCloud must have gotten, I received an
announcement email per email account for 2FA auth enforcement starting
June the 7th.My question is if it would apply to this Forum login
account. I've kept using my old account emai...
When we configure this SSL VPN MAC address filtering, what system limit
would dictate the max number of MAC addresses we can configure on an FGT
(no
vdom/muti-vdom)?https://community.fortinet.com/t5/FortiGate/Technical-Tip-MAC-address-check-on-SSL-VP...
Please let me make sure the order a FGT examine policies.If there is a
specific policy from a specific interface like "lan" to another specific
interface like "wan1" with "any" source and "any" destination, it would
be examined before another policy ...
Oh, by the way, your traceroute from inside of 80F might not be
efficient. Even if you specified the source IP to be the interface IP of
the /29 with "exe traceroute-option source ", it wouldn't
come through the policy the 80F has.So you should trace...
I hate the dialup VPN after they made the change for routing after
6.0/6.2.https://community.fortinet.com/t5/FortiGate/Technical-Tip-set-net-device-new-route-based-IPsec-logic/ta-p/193618I
think now it works if you have "set add-route enable" after
7...
Probably you're aware, but the interface names are still limited to 15.
Just a
reminder.https://community.fortinet.com/t5/FortiGate/Technical-Tip-Naming-rules-and-character-restrictions/ta-p/196911Toshi
We need to know the topology at A including the two 80F, and which 80F
the /29 is connected as well as the routing-table on the 80F. Again,
"get router info routing-t all" then you can remove unrelated part from
the entire table before showing it to ...