Hello My fortigate appears to be listening on port 8009 on our internet
connected interfaces. Not cool. How do I turn that garbage off? I can;t
find it anywhere in the GUI or CLI guide and I must be missing
something.
Can Fortigate firewalls scan and rewrite application data or web session
data. Specifically I want to have an ASPSessionID cookie is set to
HttpOnly. I can' t do this in code as its for an asp classic page -
running on an IIS6 server - so no URL rewr...
getting this HA error: Message meets Alert condition date=2011-05-20
time=01:13:34 devname=Colo_FW_HA_2 device_id=FG300Axxxxxxxxxx
log_id=0105037903 type=event subtype=ha pri=information vd=" root" msg="
The sync status with the master" sync_type=ext...
Hi I have 3 web servers behind a Fortigate 300A high availability pair.
I am employing the server load balancing with port forwarding. My
concern is that these web sites host e-commerce sites. Therefore I can
not have a visitor get " balanced" from o...
I have recently been trying to troubleshoot dns timeout issues on my
network. just to eliminate the chance that it is the firewall causing
the issue, what is the word on support for EDNS0 in these fortigates? i
can;t seem to find anything in the know...
You have to disable proxy based inspection (SSL inspection). Set it to
certificate only as opposed to full SSL inspection. By the way - this
will disable the effectiveness of your UTM policies since the firewall
can't look inside SSL sessions to insp...
I opened a ticket with Fortinet and they acknowledged it was a bug.
Furthermore, since our 200Ds were end of life and not receiving firmware
updates anymore - there would be no "official" fix. Since I was under a
support agreement and I escalated the...
Anyone find a solution to this? We have a Fortigate 200D cluster that is
doing the same thing. The WAD daemon keeps crashing when we have UTM
policies in place. It was happening on 5.6.8 and support recommended we
upgrade. We're on 5.6.12 now and it'...
I' m getting the concept but just don' t care for the implementation.
The lack of a GUI support for these features is a big strike against the
manufacturer in my mind. Having all these ports open by default
(specially for disabled or unused features)...