Technical Tip: FortiGuard Overview and Troubleshoo...

Sachin_Alex_Cherian_ · 09-19-2024

Description This article describes how SD-WAN Bandwidth/Network monitoring service is a licensed service that helps determine the network bandwidth by executing a speed test towards a cloud server. The results can be used to help configure interface ...

Sachin_Alex_Cherian_ · 08-23-2024

Description This article describes that FortiGate is now capable of handling the QUIC/TLS handshake and performing deep inspection or certificate inspection for HTTP3 and QUIC traffic. Scope FortiGate and FortiProxy running 7.4.1 or higher. Solution ...

Sachin_Alex_Cherian_ · 03-01-2024

Description This article describes every aspect of FortiGuard-related communications initiated from a device such as FortiGate. Scope FortiGuard - Introduction: FortiGuard Subscriptions/Services. FortiGuard Methods - Live Querying vs Databases: Live ...

Sachin_Alex_Cherian_ · 01-08-2024

Description This article describes how to log and monitor a single CPU core usage spike. Scope FortiGate with multiple CPU cores v7.2.4 and above. Solution The System event generally records the CPU usage every 5 minutes by default, as seen in the ex...

Sachin_Alex_Cherian_ · 06-28-2022

Description This article describes how to view the actual client IP details in the FortiGate logs when the FortiGate receives traffic from a proxy device connected to its LAN segment. Scope FortiGate v.6.0.0 or higher. FortiGate is handling pass-thro...

Sachin_Alex_Cherian_ · 07-10-2024

Hello, Can you check if you have anycast disabled under 'config system fortiguard'. Also check globalgip.fortinet.net can be resolved by FGT system DNS. Another alternative command to use would be diagnose geoip ip2country I was able to find the bel...

Sachin_Alex_Cherian_ · 04-02-2023

Hi, Yes, This is possible. Please have a look at the below links: https://community.fortinet.com/t5/FortiGate/Technical-Note-How-to-configure-an-IPsec-tunnel-in-interface/ta-p/191808 https://community.fortinet.com/t5/FortiGate/Technical-Tip-Best-prac...

Sachin_Alex_Cherian_ · 03-30-2023

Hi Walter, When VIP is configured with port forwarding, you need to consider whether it gets triggered or not. In your case, "vip" (which forwardis all ip) or a "vip with port-forwarding": ; effectively is the same because you mentioned 1-65535 ports...

Sachin_Alex_Cherian_ · 03-27-2023

Hi Walter, Setting 'nat-source-vip' controls how the snat applies and is done in the following order: 1. reverse SNAT according to the VIP if nat-source-vip enabled; otherwise2. ippool specified in the policy (lan to wan policy)3. reverse SNAT accord...

Sachin_Alex_Cherian_ · 03-23-2023

Hi, SDWAN has 4 implicit methods of load balancing one of which is source-ip-based. The below link explains in brief regarding the same. https://docs.fortinet.com/document/fortigate/6.2.13/cookbook/683285/selecting-the-implicit-sd-wan-algorithm Have ...

User Statistics

User Activity

Troubleshooting Tip: Troubleshooting Guidelines when using the SD-WAN Bandwidth/Network Monitoring Service

Technical Tip: QUIC / HTTP3 support for certificate and deep inspection