Good day everyone, I'd be glad to hear your input on - what are
benefits/disadvantages of IPSec site-to-site 2 tunnels between 2
Fortigates, each having 2 ISP links inside/outside SD-WAN membership?
SD-WAN config including both ISP links for Internet...
Good day everyone, I am trying to get real-time throughput/bandwidth of
the traffic passing the Fortigate stats, but to no avail so far. I need
it 30-60 days back, so FortiView does not help here. I tried querying
perf-stats log column which is sent ...
If you haven't used the open source iperf tool before, there is a lot of
info on it (see https://iperf.fr), and I will only say it allows us to
generate UDP/TCP traffic between 2 hosts of any bandwidth we desire.
Load testing is a sure way to pinpoin...
Good day everyone,I am trying to understand how and what for to use
peertype dialup settings in Phase1 interface mode for IPSec VPN client
connections. The documentation just lists this option, Google tells
contradicting stories. I tried just for luc...
Good day everyone,I am trying to understand why - is it a bug/normal
behavior/or my misunderstanding, and your help is much
appreciated.Problem: FGVM learns via BGP some route, then using
route-map, sets its next hop to dummy address 192.0.2.1, which...
There is no solution from Fortinet that I know of, and
Fortiauthenticator would not help either. You are talking about MDM
solution potentially, but even then if the byod devices are managed by
this mdm, not someone else’s devices just connecting via...
The supported way to do so is with the Fortinet EMS server. Back in
Forticlient 6.0 you could have custom installation package in free
version as well, not any more. Possible option to explore is configuring
FC, then exporting its configuration (XML ...
Recover - as long as you have access to web GUI of the Fortigate you can
undo this command in Console web applet. Recommended - not that I can
recall any Fortinet docs recommending to disable password access on SSH.
Personally, I don't think it is a ...
Hi, this is possible, but make sure you can connect with your SSH public
key before configuring it, so not to lock yourself out. # config sys
global (global) # set admin-ssh-password disable (global) # end Few
notes: It disables SSH password-based ac...
It is not mentioned anywhere in the docs, but it is safe to assume the
color is to draw attention proportionally to the perceived risk of such
setting. If you enable telnet/HTTP (insecure) admin access on any
interface you will get it painted red, wh...
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.