Description This article describes every aspect of FortiGuard-related
communications initiated from a device such as FortiGate. Scope
FortiGuard - Introduction: FortiGuard Subscriptions/Services. FortiGuard
Methods - Live Querying vs Databases: Live ...
Description This article describes how to log and monitor the single CPU
core usage spike. Scope FortiGate with multiple CPU cores; FortiOS
version 7.2.4 and above. Solution The System event generally records the
CPU usage every 5 minutes by default ...
Description This article describes how to view the actual client IP
details in the FortiGate logs when the FortiGate is receiving the
traffic from a proxy device connected to its LAN segment. Scope
FortiGate v.6.0.0 or higher FortiGate is handling pa...
Description This article explains the format to properly add the SAN
(Subject Alternative Name) while generating CSR (Certificate Signing
Request). Scope FortiGate, FortiProxy. Solution The CSR can be generated
from System -> Certificates -> Generate...
Description This article explains how to overcome vulnerabilities
related to SSH Weak Message Authentication Code Algorithms. Scope When
doing vulnerability assessments against the FortiGate. For FortiOS
version 7.0 and upper. Solution The vulnerabil...
Hi, Yes, This is possible. Please have a look at the below links:
https://community.fortinet.com/t5/FortiGate/Technical-Note-How-to-configure-an-IPsec-tunnel-in-interface/ta-p/191808
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Best-prac...
Hi Walter, When VIP is configured with port forwarding, you need to
consider whether it gets triggered or not. In your case, "vip" (which
forwardis all ip) or a "vip with port-forwarding": ; effectively is the
same because you mentioned 1-65535 ports...
Hi Walter, Setting 'nat-source-vip' controls how the snat applies and is
done in the following order: 1. reverse SNAT according to the VIP if
nat-source-vip enabled; otherwise2. ippool specified in the policy (lan
to wan policy)3. reverse SNAT accord...
Hi, SDWAN has 4 implicit methods of load balancing one of which is
source-ip-based. The below link explains in brief regarding the same.
https://docs.fortinet.com/document/fortigate/6.2.13/cookbook/683285/selecting-the-implicit-sd-wan-algorithm
Have ...
Hi, The log event is related to an IPS event: type="utm" subtype="ips"
eventtype="signature" If you are sure this signature needs to be allowed
or whitelisted, you may follow the below document which explains the
same:
https://community.fortinet.com/...