Re: Fortigate-50G unable to be properly managed by...

dingjerry_FTNT · 02-14-2025

Description This article describes the requirements of a Server Certificate in an SSL Inspection profile while selecting 'Protecting SSL Server'. Scope FortiGate. Solution When creating or editing an SSL Inspection profile, and selecting 'Protecting ...

dingjerry_FTNT · 02-14-2025

Description This article describes one scenario (GRE + IPSec) that is unsupported for NP7 offloading. Scope FortiGate. Solution NP7 offloading supports the GRE tunnel, including terminating on FortiGate or passing through FortiGate.NP7 offloading sup...

dingjerry_FTNT · 02-09-2025

Description This article explains the behavior of 'Inspect All' in an SSL/SSH inspection profile. Scope FortiProxy. Solution When creating or editing an SSL/SSH inspection profile, there is an option called 'Inspect All'. Full SSL Inspection: Perform...

dingjerry_FTNT · 02-03-2025

Description This article describes the 'Default Device Selection for Install' option in ADOM settings while creating or editing one ADOM on FortiManager. Scope FortiManager. Solution When creating or editing one ADOM on FortiManager, there is an opti...

dingjerry_FTNT · 12-06-2024

Description This article describes how to display images on the a Web Filter Block page. Scope FortiGate. Solution Images can be added to the Web Filter Block Replacement Message with the Replacement Message tag '%%IMAGE:%%'. When the URL is blocked ...

dingjerry_FTNT · 05-13-2025

Correct, as it stated in the doc: In FortiOS v6.0.5 and later, entries beginning in '*.' will also match any subdomains as well as the base domain. For example, '*.fortinet.com' will match sub-domains of the URL 'support.fortinet.com', 'www.fortinet....

dingjerry_FTNT · 05-13-2025

Hi @willbase , As far as I know, there is no number limit for a wildcard to be matched. And *.domain.com will match subdomain.domain.com as well as subdomaindomain.com.

dingjerry_FTNT · 05-13-2025

Hi @willbase , Please check this doc for the information: https://community.fortinet.com/t5/FortiGate/Technical-Tip-URL-Filter-expressions-for-the-FortiGate/ta-p/192746

dingjerry_FTNT · 05-12-2025

Hi @Umesh , 1) Since all 3 subnets are connected ones on FGT, so I assume that there is no issue with routing. You can check the routing table on FGT using this CLI command: get router info routing-table all 2) You need firewall policies from port3 t...

dingjerry_FTNT · 05-12-2025

Hi @raffaeledp , You need to run debug flow commands to see why the traffic was not working as expected. Also, it's better to provide your FGT config and/or the routing table info as well. BTW, why do you configure the IP on port5 as 10.0.0.2/30? Thi...

User Statistics

User Activity

Technical TIP: Requirements of Server Certificate in SSL Inspection profile

Technical Tip: GRE + IPSec not supported for NP7 offloading

Technical Tip: Explanation of 'Inspect All' in SSL/SSH inspection profile

Technical Tip: Explanation of 'Default Device Selection for Install' in ADOM settings on FortiManager

Technical Tip: Display images on a Web Filter Block page

Re: About wildcard specifications

Re: About wildcard specifications

Re: About wildcard specifications

Re: Fortigate ping is not responding if subnet is directly connected

Re: What is wrong with my policy?

Re: Fortigate-50G unable to be properly managed by...

Re: Fortigate 200G active/passive licence

Re: Creation of Custom VSA

Re: How to Allow HIK Vision NVR to Fortigate

Re: Geo-blocking Plan

Re: Fortigate 71G

Re: block vip admin page

Re: Fortigate SSL-VPN client failed to get gateway

Re: Fortigate IPSEC VPN - One Way Traffic issues

Re: Creation of Custom VSA

KCS

Fortinet Training Institute

User Statistics

User Activity

You are leaving our website