It looks like another bad day for FortiGuard servers. We're getting a
lot of complaints across the board from various customers about
mainstream web sites not loading with a blocked category message
(including fortiguard.com and forum.fortinet.com!)....
We're noticing this problem across multiple clients this morning. Any
users using Internet access policies with a DNS Filter profile enabled
are blocked from accessing the Internet. The DNS Query logs show
constant failures with:[ul]Error: no availab...
I can't say for sure, but I suspect this is a capacity issue with the
FortiGuard rating servers getting overloaded occasionally and the HTTPS
protocol is more sensitive to delays compared to a fast, connectionless
protocol like UDP. Also, the default...
Here's my take: FortiLink Aggregate Mode (split interface, LACP =
static):Pros:automatically loop-tolerant (MSTP)link-level redundancy at
FortiGateCons:only one FortiLink Aggregate port is active at a time (in
split-interface mode), and all traffic c...
So the cert warning is because you're not connecting via the same FQDN
(fully qualified domain name) as the certificate, and you can't connect
via that FQDN because it doesn't resolve to the FortiGate's internal IP?
That can be fixed a number of diff...
Unfortunately (and fortunately), the answer is no and this will never be
possible. The LetsEncrypt certificates that you can easily obtain are
always non-CA certificates. Deep packet inspection requires a CA
(certificate authority) certificate. You'l...
Hey JJ, I posted the solution in the thread you referenced. It looks
like you're only using the Automation Stitch notifications which don't
send the details of what changed, unlike the old "Alert Email Settings"
option. Since the "Alert Email Setting...