Good day everyone, here is a guide I wrote to harden your Fortigate VPN
SSL in additional ways.Your feedback is welcome and will be included in
the updates.Linkedin: Fortigate VPN SSL Hardening Guide Thanks P.S.
Tried to upload the original PDF but s...
Good day everyone, I'd be glad to hear your input on - what are
benefits/disadvantages of IPSec site-to-site 2 tunnels between 2
Fortigates, each having 2 ISP links inside/outside SD-WAN membership?
SD-WAN config including both ISP links for Internet...
Good day everyone, I am trying to get real-time throughput/bandwidth of
the traffic passing the Fortigate stats, but to no avail so far. I need
it 30-60 days back, so FortiView does not help here. I tried querying
perf-stats log column which is sent ...
If you haven't used the open source iperf tool before, there is a lot of
info on it (see https://iperf.fr), and I will only say it allows us to
generate UDP/TCP traffic between 2 hosts of any bandwidth we desire.
Load testing is a sure way to pinpoin...
Good day everyone,I am trying to understand how and what for to use
peertype dialup settings in Phase1 interface mode for IPSec VPN client
connections. The documentation just lists this option, Google tells
contradicting stories. I tried just for luc...
Hi, by the log message alone it looks like the remote server resets the
connection for some reason. To be sure I'd advise to run diagnose debug
flow on the Fortigate, see details in Step 4 here:
Hi,you could configure on each Fortigate reply-to value to be
representative of each FGT. This way your technicians will get emails
from different senders for each Fortigate. E.g. FGT Atlanta: config
system email-server set reply-to "email@example.com...
Hi, there is no easier way beyond the mentioned Forticonverter to
migrate configs between different hardware models. Fortivonverter can be
used in 2 ways: As a stand-alone on premises software installation, but
its cost (Google search estimated to be...
I am not doing Anyconnects nowadays, but work with Forticlients a lot
and mostly the experience is good. They do have, as all vendors I guess,
catch up to do with the newer operating systems/standards/OSes, but
usually it happens with some delay. Lik...
Hi, beyond Forticonverter already mentioned, there is no "easy" way (by
easy mean click-click-double click) to convert configs between different
models. About the Forticonverter thing - you have 2 ways to get it: as a
one time service from Fortinet, ...
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.