Hello, I have several vlans routing themselves in a L3 switch, which has
a default gateway pointing to fortigate 100d for off-site traffic. I'm
unable to create policies based by device. The only device I see is
naturally the switch. The way I see it i ...
FG running OS 5.6 with multiple FSSO policies with application and deep
inspection filters. We intend to isolate Skype traffic on its own policy
with no inspection. Created an application sensor for Skype. Created a
policy above the others with the fol...
Hi, I'm pretty sure that this is a self answered post, but here goes...
Network has switches at the access level, all of them trunked with the
company vlans to a distribution switch, which is trunked up to the
fortigate - see simplified diagram netwo...
Paired up 100D have two local certificates (with private key), one from
own local CA for internal access, and one wildcard certificate bought
from godaddy and imported using winssl for transformation. I'm publishing
internal web server using vip and S...
Right, I believe this is where I'm going. I'm narrowing it down to 2
vlans. I'm told that FSSO is working pretty good, I will still consider
user based policies as a long run, but for now, at least, with this
arp/ipv4 protocol, I have it covered. Tha...
Hello, I posted a thread yesterday with this same question. The only
problem that I have with this is that traffic coming from other vlans
will capture the core switch mac address, so you won't be able to do
policies based on devices from other vlan...
The broadcast works, as I want to populate the mac devices on the
fortigate for status only (health check), but being a member on each
vlan does not make it the gateway on that vlan. Datagrams take another
path via the distro switch and up to the fort...
To whom it may concern, I found the solution
here: http://sysmagazine.com/posts/210582/ Turns out I was trying to get
the SSL Inspection rule to hand over my public certificate. To do the SSL
Offloading, the same way TMG does, I had to enable the Load B...