Fortinet Community

mattchow_FTNT · 04-01-2021

DescriptionThis article describes how to use access control list to avoid VPN generate log for IPSec blocked IP.SolutionPartial packet flow ingress as shown below:Access control list will be dropping the packet before it reach IPsec VPN decryption pr...

mattchow_FTNT · 04-01-2021

DescriptionThis article describes how to configure DoS protection’s quarantine/elapse/reset time for thresholds based on the number of concurrent sessions.For example.SolutionDefault tcp source concurrent session is 5000, no timer will be set by defa...

mattchow_FTNT · 07-14-2020

DescriptionThis article describes expected behavior when email server uses HA management IP as source IP.SolutionBelow is the document link for 'set ha-direct enable' functionality, and it is only available in CLI.# config system ha set ha-direct ena...

mattchow_FTNT · 07-14-2020

DescriptionThis article describes limitation on sslvpn mac address check before and after FortiClient 6.2.SolutionFree FortiClient before version 6.2.-SSLVPN MAC address check is available before version 6.2 but it is not applied to mobile units like...

mattchow_FTNT · 07-14-2020

DescriptionThis article shows examples of DoS attack log according to action set on DoS policy.SolutionBelow are the 2 examples of DoS attack on UDP flood and action taken by FortiGate according to actions configured.1) If DoS Policy is enabled with ...

Fortinet Community

User Statistics

User Activity

Technical Tip: How to avoid IPSec VPN generate blocked IP log

Technical Tip: How to configure DoS protection’s quarantine/elapse/reset time

Technical Tip: Expected behavior when email server uses HA management IP as source IP

Technical Tip: Limitation on SSLVPN MAC address host check

Technical Tip: DoS attack log according to action set on DoS policy

News & Articles

Security Research

Company

Contact Us