Fortinet Community

Yurisk · 03-16-2023

Good day everyone, here is a guide I wrote to harden your Fortigate VPN SSL in additional ways.Your feedback is welcome and will be included in the updates.Linkedin: Fortigate VPN SSL Hardening Guide Thanks P.S. Tried to upload the original PDF but s...

Yurisk · 03-08-2021

Good day everyone, I'd be glad to hear your input on - what are benefits/disadvantages of IPSec site-to-site 2 tunnels between 2 Fortigates, each having 2 ISP links inside/outside SD-WAN membership? SD-WAN config including both ISP links for Internet...

Yurisk · 03-03-2021

Good day everyone, I am trying to get real-time throughput/bandwidth of the traffic passing the Fortigate stats, but to no avail so far. I need it 30-60 days back, so FortiView does not help here. I tried querying perf-stats log column which is sent ...

Yurisk · 10-30-2020

If you haven't used the open source iperf tool before, there is a lot of info on it (see https://iperf.fr), and I will only say it allows us to generate UDP/TCP traffic between 2 hosts of any bandwidth we desire. Load testing is a sure way to pinpoin...

Yurisk · 10-14-2020

Good day everyone,I am trying to understand how and what for to use peertype dialup settings in Phase1 interface mode for IPSec VPN client connections. The documentation just lists this option, Google tells contradicting stories. I tried just for luc...

Yurisk · 03-09-2023

Hi, by the log message alone it looks like the remote server resets the connection for some reason. To be sure I'd advise to run diagnose debug flow on the Fortigate, see details in Step 4 here: https://community.fortinet.com/t5/FortiGate/Troubleshoo...

Yurisk · 03-08-2023

Hi,you could configure on each Fortigate reply-to value to be representative of each FGT. This way your technicians will get emails from different senders for each Fortigate. E.g. FGT Atlanta: config system email-server set reply-to "atlanta@yurisk.c...

Yurisk · 03-07-2023

Hi, there is no easier way beyond the mentioned Forticonverter to migrate configs between different hardware models. Fortivonverter can be used in 2 ways: As a stand-alone on premises software installation, but its cost (Google search estimated to be...

Yurisk · 03-06-2023

I am not doing Anyconnects nowadays, but work with Forticlients a lot and mostly the experience is good. They do have, as all vendors I guess, catch up to do with the newer operating systems/standards/OSes, but usually it happens with some delay. Lik...

Yurisk · 03-04-2023

Hi, beyond Forticonverter already mentioned, there is no "easy" way (by easy mean click-click-double click) to convert configs between different models. About the Forticonverter thing - you have 2 ways to get it: as a one time service from Fortinet, ...

Fortinet Community

User Statistics

User Activity

Fortigate SSL VPN Hardening Guide

IPSec VPN tunnels inside versus outside SD-WAN - benefits?

What bandwidth does "perf-stats" actually measure ?

Fortigate built-in iperf tool helps a lot in network performance diagnostics, here is how to use it.

VPN IPsec dialup peertype - how to use

Re: URL Not accesable without any error.

Re: Multi-factor authentication via e-mail with the device name

Re: Replace broken fortigate

Re: Forticlient issues in this sub making me think twice

Re: Replace broken fortigate

Re: FortiOS 6.2.9 list files in filesystem CVE-202...

Fortigate built-in iperf tool helps a lot in netwo...

Re: Block traffic with IP from the black list (not...

Re: Detailed log of configuration changes

Re: use another public ip on WAN interface

Re: use another public ip on WAN interface

Re: Multiple ipsec remote access vpn with single I...

Re: How to create policy routing for traffic comin...

Re: FortiOS 6.2.9 list files in filesystem CVE-202...

Re: Highlighted SNMP Option on Interface