While the new Internet Service Database in 5.4 is a useful reference
indeed, it is frustrating that entries in it cannot be bound to firewall
policies (at least not that I've found). You have service entries in
there with thousands of IP address / po...
Just in case no one else has reported this, FortiOS 4.3.2 has a nasty
bug related to VIPs. The bug creates a conflict for portforward and
static-nat VIPs that share the same interface. Consider the following
example: # show firewall vip new1 config f...
It would be great if local administrative accounts created on a
FortiGate unit could change their own password (but no others; unless
they are " root" ).
I would like to be able to select the interface to be used with inbound
SSL VPN traffic. For example, with a FortiGate-60 which has two WAN
interfaces, it would be convenient to be able to select WAN2 for SSL VPN
traffic so that I could use the typic...
I think it would make more sense to offer a drop-down in the web UI that
allows you to select a firewall address entry for the internal IP
address (and perhaps the external IP address; although internal is most
practical) to which a Virtual IP maps. ...
Yes, I view it as a bug. I view it as a bug since this has never been an
issue until FortiOS 4.3.2; not in 4.3.1, 4.3, or any previous FortiOS.
Therefore the evaluation logic for the ' 0.0.0.0' is inconsistent (even
within the same branch) and a logi...
Okay, I just tried something else and this may be a workaround. It
appears that the actual issue is that they changed the logic for a
portforward VIP such that the default extip of 0.0.0.0 no longer
evaluates to the firewall' s IP address on that int...
I just tried this on FortiOS 4.3.3 and the bug is still there. C' mon
Fortinet, why would you release another OS version still containing this
same VIP bug!?! I contacted Fortinet support regarding the original bug
in 4.3.2 and their response was to ...
Two more issues with the SSL VPN portal; both with the Samba proxy: 1)
When using the Samba proxy through the SSL VPN portal, the pop-up login
screen does not close after you' ve provided the required credentials
and have been authenticated. However,...
Submitted support cases for the Web GUI and SSL VPN bugs. Here' s the
info on the Web GUI bugs: Q) Drag-and-drop in the policy grid appears to
be no longer supported (as AKrause said). This is not mentioned in the
release notes, so I assume it is uni...