Hi. I want to build an Icinga Graph using SNMP fpr Traffic Monitoring.I
have a single WAN Port (actually aggregated port). Traffic to
120.0.0.0/16 doesn't concern, I only want to measure traffic to every
target BUT 120.0.0.0. Any ideas?
Hi, Is the log file length for forwarding traffic on disk configurable?
On my FG3140B the Log is 90.000 entries large containing only 2 hours.
That is way too short! Config:FSM1 (35GB of 58GB) Feature | Storage Size
| Allocated | UsedLogging and Arch...
In the Log files I get "peer SA proposal not match local policy". I
guess this means the Phase 1 Settings from the Android Client don't
match these from the Fortigate?!? Which settings and Encryption
proposals I need for the Client? The Windows Forti...
L2TP seemed not to work with Mode Config enable. Wanted to get Split
Tunneling enabled. When I enable Mode Config, no connection occurs. It
seem the client is waiting for a IP? Last in 'diag deb app ike -1' I see
is:ike 7:L2TP:358: responder:main mod...
Hi. My L2TP Config works fine with embedded Clients for Windows and
Android, only the iOS (iPad Air 2) couldnt get the DNS Setting right (i
guess). IP-based HTTP works fine. What might be the problem here?
I'm trying to strip down my logs and am all the way up to 9 hours of
logs :\ I have a policy "dns allow all" with logging OFF, but my
forward-log is full of connections matching this policy. Why is that?
I have log everything on by default :oDidn't thought that the logging is
so demanding. Now have modded some rules and gained an extra hour. Now I
have 3 hours of history. Way too small anyway. Biggest fish seems to be
the log everything-deny-all poli...
Yes I do. But there seems to be space left on the device. But when I get
this right these some GB wouldn't bring me more than some minutes I
guess? Without Syslog-Server there is only Reducing the Logs drastically
or upgrade the SSD?
Like I said, connection works with 'mode-cfg disable', but with wrong
nameserver settings (not usable).The connection itself doesn't come up
with 'mode-cfg enable' at all! Thats the main issue.
