I am trialing a FortiMail and am running 5.2.3. I am trying to determine
if the FortiMail can verify inbound recipients a la Barracuda's Exchange
Accelerator. I have an LDAP connection setup and it is working
correctly. My internal users can login as...
I have an Action:DENY policy setup at the top of the ruleset for inbound
traffic from WAN1 to DMZ. The source address for this policy is a group
which consists of some geography-based networks and " bad addresses"
that come up frequently in the IPS. ...
We have recently completed migrating from a Cisco ASA platform to
FortiGate 100Ds (we originally bought our FG100Ds to replace our
Websense webfilter and decided to use them as the firewalls later). The
migration went pretty well with only a few hicc...
I am having trouble with NAT Overload/PAT. This only seems to work if I
choose to enable NAT and leave it on the default of using the
destination interface. I would like to be able to use PAT on any valid
IP address on the destination interface' s ne...
This problem has me completely stumped. I have a FGT100D, 4.3p7,
deployed in transparent bridge mode (VDOMs enabled, if it matters). I am
using the FGT primarily as a webfilter, so it is sitting in front of the
inside interface on my firewall. All " ...
Emnoc, the only reason I haven' t debugged is because I thought my rules
were cut and dry. Silly I know. This will be my next step. FatalHalt,
Nothing shows up in the logs matching against policy 53. :/ Netmin, I'
ve always used dots in my names with...
The 100Ds I used to manage were running 4.3.x and I never saw this
particular behavior. This sounds like a bug in the way the FortiGate is
reporting the hop information or perhaps in the internal routing engine.
Do you see any other addresses in your...
It will probably work fine the way you have it, but your FGT is
processing a lot more traffic than it needs to. The switch on the 100D
is probably robust enough to handle it, but I don' t think I' d leave it
like this. Here' s what I' d do: To make e...
I' m reasonably certain your issue here is on the TP-Link device. If you
can ping from the LAN side of it to the WAN side but not the other way
around then your routing on the FGT should be sound (hosts on the subnet
connected to the FGT wouldn' t be...
