Hello, The design is to get ERSPAN traffic from Cisco to FortiGate
Interface to act like IDS. How to achieve this and what configuration
needs to enable on FortiGate. Is GRE mandatory? Regards, Ashu
Hi Guys, We are getting so many alerts and deny messages under attack
log for OWA. Fortiweb is also not allowing a few uses to send an email.
We are using exchange template under a protection profile .We have not
yet implemented ML. The Fortiweb vers...
Hi I have a scenerios where in Primary site fortigate 1500D Cluster is
configured Datacenter firewall .Fortigate 1000D cluster in DR site .We
also have Big fibre pipe between these DC's Is there any ways to achieve
active-active DC and Cisco ACI is i...
Hi, We want to offload ssl from server to fortiweb so which format ssl
certificate accepted by Fortiweb. We have tried importing .crt
certificate to local certificate but showing message invalid certificate
.
here are some detailed steps and useful commands you can try:View Policy
Hit Counts with CLI CommandsFortiGate CLI provides several diagnostic
and monitoring commands that can give you insights into policy usage.
The following commands can help:Check...
Hi Can u share the design; how the clients connected to FortiGate.Hope
your clients can ping router ip or 8.8.8.8 .If not look for connectivity
or FortiGate rules.If the connectivity is fine then dns could be the
issue .Could you try to ping 8.8.8.8 ...
Hi, This is possible. Internal Server or Host can b NAT (VIP) to 2
different Public IP. I have tested this. But best practice is to map one
Public to One internal IP. Regds,
Hi ,There are some troubleshooting steps for this problem no suitable
ISAKMP SA, queuing quick-mode request and initiating ISAKMP SA
negotiationhttps://docs.fortinet.com/document/fortigate/5.4.0/cookbook/168495
Regards,
Hi Could you please share the high-level architecture, also mention if
you have any other firewall in the path. Your conf looks fine. Yes, diag
report also will help to get more details. Regards,
