Just need a little validation check against something I am implementing
yet feel like I am losing something as well. What I mean by that is, I
have in my environment, an edge firewall (this is where my users get
their primary Internet from), a core f...
This is my first foray into the need for VXLAN and have some questions.
My current site has a L3 Aruba switch, which handles my internal VLANs,
an egress VLAN connecting to my FortiGate which connects to both a
private WAN circuit to my data center (...
Was just running through some clean up and auditing some processes and
wanted to get some thoughts of what others might be doing in regards of
having both ISDB
(https://community.fortinet.com/t5/FortiGate/Technical-Tip-Blocking-Potential-threats-over...
Was doing some log parsing and came across some traffic flows that had
me scratching my head. I have a policy with DPI enabled, but I do have
reputable websites with various categories and address objects exempt. I
also have a application control pro...
Ok, I will admit I am a little outside my knowledge base with this one.
In my investigation, I am learning that what I am looking for might be
this header passed from the browser called X-Forward-For. Based on what
I am seeing, this shows or can show...
It kind of depends. I know you have only defined the operating system,
but in the end, I am assuming the primary application need for this, is
the browser app of choice. In the past, I have had issues with Safari,
for example, by not having the compl...
That is how I did mine. Using one sub CA certificate created and
importing it to all of my FortiGates. It used to be where all you needed
on the device was the root CA since the trust for the sub CA was already
there, but with more modern browsers, y...
In my situation, it is. My ISP is also my VoIP provider, so they retain
DSCP markings to their servers and back to me as long as my equipment
retains those markings along its internal path. That part of it has been
confirmed and proven.
Ok, I think I figured this out with some Ai assistance. ISFW to Core,
shaping more for internal processes (internal client to server, internal
server to server priority bandwidth, etc...). Not really meant to shape
Internet traffic like Office365 or ...
