Good day everyone, was wondering - I am reading Fortinet documentation a
lot (here in community "Tips", admin guides etc.) and sometimes stumble
on incorrect/outdated or plain typo/incorrect info. Is there a way to
alert someone on that?Thanks E.g.
h...
Good day everyone, here is a guide I wrote to harden your Fortigate VPN
SSL in additional ways.Your feedback is welcome and will be included in
the updates.Linkedin: Fortigate VPN SSL Hardening Guide Thanks P.S.
Tried to upload the original PDF but s...
Good day everyone, I'd be glad to hear your input on - what are
benefits/disadvantages of IPSec site-to-site 2 tunnels between 2
Fortigates, each having 2 ISP links inside/outside SD-WAN membership?
SD-WAN config including both ISP links for Internet...
Good day everyone, I am trying to get real-time throughput/bandwidth of
the traffic passing the Fortigate stats, but to no avail so far. I need
it 30-60 days back, so FortiView does not help here. I tried querying
perf-stats log column which is sent ...
If you haven't used the open source iperf tool before, there is a lot of
info on it (see https://iperf.fr), and I will only say it allows us to
generate UDP/TCP traffic between 2 hosts of any bandwidth we desire.
Load testing is a sure way to pinpoin...
Fortianalyzer does not provide any info regarding this - not what logs
are in excess, nor from which Fortigates (the limit is calculated as a
cumulative log intake over some time, if serving multiple FGTs). We
cannot even know for sure what happens t...
Correct, with physical FGT you "share" a physical interface by making it
a trunk and creating VLANs that you can individually assign then to
different VDOMs, but in public clouds they do not support
VLANs/trunking, so each NIC can belong to only 1 VD...
I meant URL/FQDN redirection as done in Web Filtering so that the remote
server gets HTTP GET request where in its headers the original
destination is recorded, unlike in DNS FIltering "Redirect" the
screenshot of which you brought which "redirects" ...
While it is not strictly speaking "advised against" using FortiGuard DNS
servers for regular DNS queries, there are simply no benefits to using
them. The common sense, on the other hand, will tell us that the
disadvantages would be: Unfortunately, Fo...
While I understand your disappointment, your conclusions are not
entirely correct:DNS Filtering is not related to Web Filtering in any
way.DNS Filtering kicks in first, when a client sends DNS query that FGT
sees. One of the benefits of this is savin...