Hi, Has anyone worked through a similar problem on SD-WAN where the
self-originated traffic isn't smart enough to pick the correct interface
to get out ( internet ). I know this because running diagnose sniffer
packet any "port 8888" 4 0 l we can see...
Hi, Under your IPS profiles theres the feature for malicious URL
blocking. I believe this is refering to a different block list than the
normal webfilter uses. How do we create a white list for URLs that are
blocked with the IPS sensor?
Hi, In my lab I have a 200E on 5.4.4. I'm using ssl deep inspection for
443 traffic. I'm testing with the Fortigate SSL cert added to the
trusted root cert authorities store on computer accounts for windows 10.
Normal https traffic is working fine te...
I' m having issues with iphones not accepting the default fortinet cert
when the user finishes entering their wifi ldap logon. I' ve setup WPA 2
enterprise with Ldap wifi authentication on the device. So I' m not
using any radius server. Im using sAM...
Hi, I don't have the answer but I can help you get to it. I've used them
in schools before. These are some questions to help find the model.
[ol]Are you also using forti access points for wifi.Are you going to use
SSO for identity based policies.Do y...
The fix for me was......... set source-ip x.x.x.x to be the wan ip you
want the self traffic to orriginate from.config log fortiguard setting
Create a top most sdwan rule for SOURCE [ WAN IP ] DESTINATION [ ALL ]
INTERFACE [ WAN1 ]
Hi, The reason is because the system handles policy routes taking
precedence over the static routes. In this case policy routes meaning
SD-WAN rules. What Fortinet wants us to do is have 1 default route to
SD-WAN zone and then use the rules to route ...
