Hi all - your thoughts on the below issue would be appreciated! I have a
problem with sessions ' sticking' to a WAN interface when they should be
going through a VPN tunnel. Not sure if this is more appropriate for the
VPN or Firewall forums. We have...
Ede Thanks for your reply - that appears to be exactly what I need!
Already had dead peer detection on all IPSec VPN Phase 1 configurations.
Adding an additional blackhole route for each VPN route per your
configuration sample seems to have worked - ...
You should perform pre & post-upgrade testing on anything you do -
firmware updates, rule modifications, enabling features, etc. That' s
how you determine if the change worked, and if you need to act on your
rollback plan. So yes it probably is a bit...
Remember services cost more for the bigger models (i.e. say around $600
for the bundle at the low end, but more like $400 per service at the
FG100 end) ... FG60' s still have their place but definately less than
25 users with bandwidth less than abou...
It might be that the override URL is not in the denied URL screen - it
isn' t in there by default. Under 3.0: Go to System -> Config ->
Replacement Messages -> Fortiguard Web Filtering Edit the ' URL Block
Message' add the tag ' %%OVERRIDE%%' somewhe...
Guy, If you can find the IP ranges the attacks are coming from, you
could build address groups and deny SMTP traffic from these groups.
However if they are all perfectly random, you will encounter alot of
trouble! You would not see any IPS statistics...
