Good day everyone, hope you all are doing well. I created a Github repo
where will collect scripts, tools, anything that helps in daily work
with Fortinet products.So far put a collection of Fortigate automation
stitches (21) you may find helpful. Ne...
Good day everyone, was wondering - I am reading Fortinet documentation a
lot (here in community "Tips", admin guides etc.) and sometimes stumble
on incorrect/outdated or plain typo/incorrect info. Is there a way to
alert someone on that?Thanks E.g.
h...
Good day everyone, here is a guide I wrote to harden your Fortigate VPN
SSL in additional ways.Your feedback is welcome and will be included in
the updates.Linkedin: Fortigate VPN SSL Hardening Guide Thanks P.S.
Tried to upload the original PDF but s...
Good day everyone, I'd be glad to hear your input on - what are
benefits/disadvantages of IPSec site-to-site 2 tunnels between 2
Fortigates, each having 2 ISP links inside/outside SD-WAN membership?
SD-WAN config including both ISP links for Internet...
Good day everyone, I am trying to get real-time throughput/bandwidth of
the traffic passing the Fortigate stats, but to no avail so far. I need
it 30-60 days back, so FortiView does not help here. I tried querying
perf-stats log column which is sent ...
Hi, sorry for the late reply, I see 2 ways - Short one and Long one, I'd
start with the Short.Short:Upgrade to 7.2.6, on 10th of October Fortinet
released PSIRT alert on versions including 7.2.5 on password disclosure
in SSL VPN https://www.fortiguar...
Fortianalyzer does not provide any info regarding this - not what logs
are in excess, nor from which Fortigates (the limit is calculated as a
cumulative log intake over some time, if serving multiple FGTs). We
cannot even know for sure what happens t...
Correct, with physical FGT you "share" a physical interface by making it
a trunk and creating VLANs that you can individually assign then to
different VDOMs, but in public clouds they do not support
VLANs/trunking, so each NIC can belong to only 1 VD...
I meant URL/FQDN redirection as done in Web Filtering so that the remote
server gets HTTP GET request where in its headers the original
destination is recorded, unlike in DNS FIltering "Redirect" the
screenshot of which you brought which "redirects" ...
While it is not strictly speaking "advised against" using FortiGuard DNS
servers for regular DNS queries, there are simply no benefits to using
them. The common sense, on the other hand, will tell us that the
disadvantages would be: Unfortunately, Fo...
