Technical Tip: WAD (wad-config-notify) process con...

nathan_h · 06-25-2025

Description This article describes unexpected behavior of the CLI configuration on a custom Category or Local Category where 'set allow' cannot be configured. Scope FortiGate. Solution The Custom Category testcat Action is set to Allow. In the GUI: ...

nathan_h · 06-25-2025

Description This article describes how to determine the URL to block when blocking a specific part of a website. Modern websites use JavaScript to send a HTTP request to the server without reloading the whole page. It will use the API fetch functions...

nathan_h · 05-21-2025

Description This article describes the behavior of how SSH login generates 'Admin login failed' log. It will only log 1 entry per SSH connection of password input. Scope FortiGate. Solution 2 wrong passwords have been entered twice (2 successive pass...

nathan_h · 04-10-2025

Description This article describes how to resolve issues related to the errors 'peer has not completed Configuration Method' and 'debug error mode-cfg not completed'. FortiGate is configured with dial-up IPsec with mode-cfg enabled. Scope FortiGate. ...

nathan_h · 04-07-2025

Description This article describes how to extract Console logs downloaded from the GUI. Windows Subsystem for Linux can be installed to run Linux commands. When the console logs are downloaded from the GUI, it is not viewable with a text editor becau...

nathan_h · 12-17-2024

You can use ISDB on SDWAN rule. We have ISDB for Google.

nathan_h · 09-14-2024

You can try to disable the blocking on the browser. It might be the browser already blocked it and the request didn't reach the Fortigate

nathan_h · 09-14-2024

Hi solo1, As far as I know, you normally don't need select which logs you will forward to them. You just need to send all of the logs to them via Syslog. Their SIEM solution should be able to handle the logs for threat hunting.

nathan_h · 09-13-2024

Hi RSJohan, If you have FortiAnalyzer. you can use Fortiview to check the sessions and from there you will be able to check what ports are used. Keep adding a Firewall Policy at the top and then monitor the original policy if there is still a hit and...

nathan_h · 09-12-2024

Hi Ruelb2214, I understand that Fortigates on the right side are on HA. Since the switch is not a stack, you won't be able to cross connect the LACP. See guidelines below. https://community.fortinet.com/t5/FortiGate/Technical-Tip-Aggregate-link-confi...

User Statistics

User Activity

Troubleshooting Tip: Web Filter Category shows 'allow' in the GUI but shows 'monitor' in the CLI

Troubleshooting Tip: Unable to block specific part of the website even with deep inspection enabled

Technical Tip: 'Admin login failed' log generation with SSH

Troubleshooting Tip: IPsec Tunnel is not coming up due to the error 'debug error mode-cfg not completed' in IKEv2 dial-up IPsec tunnel

Technical Tip: How to extract Console logs downloaded from GUI with Ubuntu WSL

Re: SDWAN Rules

Re: FortiOS 7.4.4 Web Filter didnt show replacment message (Blocked Page)

Re: What FortiOS Event Logs should i send to my SOC from my Fortigate Firewall?

Re: Locking down loose policies

Re: LAG connection setup

Technical Tip: WAD (wad-config-notify) process con...

Troubleshooting Tip: Web Rating Override is not ta...

Re: Locking down loose policies

Re: BGP routing strategy with two IPSec Connection...

Troubleshooting Tip: Read-only access when accessi...

Re: BGP routing strategy with two IPSec Connection...

KCS

User Statistics

User Activity

You are leaving our website