Re: Fortigate OSPF routes

Toshi_Esumi · 10-23-2024

This version of FMG was released last week and now CVE-2024-47575 is released as well.https://www.fortiguard.com/psirt/FG-IR-24-423However, the release notes doesn't have anything in the resolved issue section. Does this actually have the vulnerabili...

Toshi_Esumi · 07-24-2024

A basic question: Would Websocket app (TCP 443) traffic be filtered by a policy with a Web Filter profile? Or do we need to match it with Application Control in a separate policy before or after the web filter policy?Thanks, Toshi

Toshi_Esumi · 07-21-2024

I'm working on migrating my home OpenSUSE machine I'm using for freeradius server to authenticate admin and VPN users on my FG40F(7.2.8) from Leap 15.3 to 15.5(on a new machine). Obviously 15.5's repo has a newer version of freeradius-server image.Th...

Toshi_Esumi · 05-07-2024

As all the other users at FortiCloud must have gotten, I received an announcement email per email account for 2FA auth enforcement starting June the 7th.My question is if it would apply to this Forum login account. I've kept using my old account emai...

Toshi_Esumi · 02-29-2024

When we configure this SSL VPN MAC address filtering, what system limit would dictate the max number of MAC addresses we can configure on an FGT (no vdom/muti-vdom)?https://community.fortinet.com/t5/FortiGate/Technical-Tip-MAC-address-check-on-SSL-VP...

Toshi_Esumi · 11-20-2024

Ok, I used a wrong terminology. End of Order (EOO) date, I meant to say. See it in the KB @dingjerry_FTNT pointed you too. I was mixing up with Cisco's terminology.Toshi

Toshi_Esumi · 11-20-2024

Because those F-series are relatively new and End of Sales/Production hasn't been decided. You wouldn't be able to know EOL date probably a couple of more years. As always, once it's announced, FTNT support will continue for 5 years after the EOS dat...

Toshi_Esumi · 11-19-2024

I would assume all devices in VLAN 50 (192.168.1.0/24) can get through the gateway device (with IP:192.168.1.50) since the gateway is in the same subnet.Then the next thing I would check is if the gateway device has routes for 192.168.2.0/24 and 192....

Toshi_Esumi · 11-19-2024

This is also NOT about stability but you need to be aware.After 7.2.8, or newer, you would be forced to set schedule of auto-firmware upgrade when you log in via GUI. If you don't want to set an auto-upgrade schedule, get in via CLI and change the gl...

Toshi_Esumi · 11-19-2024

You need to share 1) the ha config on both units "config system ha", 2) "get sys ha status" on both units when both are up, then 3) "get sys ha status" on the secondary when the primary is down.Or just open a ticket at TAC to get it looked into, whic...

User Statistics

User Activity

FMG 7.2.8

Websocket app traffic with Web Filter

RADIUS attribute: Message-Authenticator

FortiCloud login 2FA enforcement

num of MAC address limit in SSL VPN filtering

Re: Fortigate FW EOL dates

Re: Fortigate FW EOL dates

Re: Standalone FortiSwitch default route

Re: FortiOS Stability

Re: HA Issues

Re: Fortigate OSPF routes

Re: Redistribute iBGP routes to OSPF in FortiGate

Re: Layer3 Fortiswitch

Re: FortiGate stripping BGP TCP option 19

Re: Fortimanager best practice

Re: What is exactly "major" version?

Re: Vpn drops with starlink

Re: Configuring FW Policy with NAT in an internet ...

Re: Configuring FW Policy with NAT in an internet ...

Re: firmware upgrade

Super User