Fortinet Community

Yurisk · 03-08-2021

Good day everyone, I'd be glad to hear your input on - what are benefits/disadvantages of IPSec site-to-site 2 tunnels between 2 Fortigates, each having 2 ISP links inside/outside SD-WAN membership? SD-WAN config including both ISP links for Internet...

Yurisk · 03-03-2021

Good day everyone, I am trying to get real-time throughput/bandwidth of the traffic passing the Fortigate stats, but to no avail so far. I need it 30-60 days back, so FortiView does not help here. I tried querying perf-stats log column which is sent ...

Yurisk · 10-30-2020

If you haven't used the open source iperf tool before, there is a lot of info on it (see https://iperf.fr), and I will only say it allows us to generate UDP/TCP traffic between 2 hosts of any bandwidth we desire. Load testing is a sure way to pinpoin...

Yurisk · 10-14-2020

Good day everyone,I am trying to understand how and what for to use peertype dialup settings in Phase1 interface mode for IPSec VPN client connections. The documentation just lists this option, Google tells contradicting stories. I tried just for luc...

Yurisk · 08-06-2020

Good day everyone,I am trying to understand why - is it a bug/normal behavior/or my misunderstanding, and your help is much appreciated.Problem: FGVM learns via BGP some route, then using route-map, sets its next hop to dummy address 192.0.2.1, which...

Yurisk · 11-18-2022

There is no solution from Fortinet that I know of, and Fortiauthenticator would not help either. You are talking about MDM solution potentially, but even then if the byod devices are managed by this mdm, not someone else’s devices just connecting via...

Yurisk · 11-15-2022

The supported way to do so is with the Fortinet EMS server. Back in Forticlient 6.0 you could have custom installation package in free version as well, not any more. Possible option to explore is configuring FC, then exporting its configuration (XML ...

Yurisk · 11-15-2022

Recover - as long as you have access to web GUI of the Fortigate you can undo this command in Console web applet. Recommended - not that I can recall any Fortinet docs recommending to disable password access on SSH. Personally, I don't think it is a ...

Yurisk · 11-14-2022

Hi, this is possible, but make sure you can connect with your SSH public key before configuring it, so not to lock yourself out. # config sys global (global) # set admin-ssh-password disable (global) # end Few notes: It disables SSH password-based ac...

Yurisk · 11-13-2022

It is not mentioned anywhere in the docs, but it is safe to assume the color is to draw attention proportionally to the perceived risk of such setting. If you enable telnet/HTTP (insecure) admin access on any interface you will get it painted red, wh...

Fortinet Community

User Statistics

User Activity

IPSec VPN tunnels inside versus outside SD-WAN - benefits?

What bandwidth does "perf-stats" actually measure ?

Fortigate built-in iperf tool helps a lot in network performance diagnostics, here is how to use it.

VPN IPsec dialup peertype - how to use

BGP does not install route in RIB if the next hop is a blackhole, RTBH configuration

Re: Pushing out FortiGate cert to BYOD devices.

Re: VPN Installer with ready configuration

Re: Disable SSH Password Authentication in Azure Fortigate VM

Re: Disable SSH Password Authentication in Azure Fortigate VM

Re: Highlighted SNMP Option on Interface

Fortigate built-in iperf tool helps a lot in netwo...

Re: Block traffic with IP from the black list (not...

Re: Detailed log of configuration changes

Using external threat feeds in FortiGate has becom...

Re: Delete Local-in Policy

Re: Highlighted SNMP Option on Interface

Re: Fortinet Critical Authentication Bypass Vulner...

Re: Delete Local-in Policy

Re: Read inside DNS requests

Re: Statefull Firewall

Broad. Integrated. Automated.

Security Research

Company

News & Articles

Contact Us