hi, today I set up email alerts for various events (so, event based and
not severity level based), and I am missing a setting for hardware
failure events, you know, fans, PSU, temperature. A look into the CLI
didn't help.Am I thinking too hard, and t...
Hello fellows, for simplicity, I often use my private SSH key to log in
into my local admin account on various FGTs (I mean, CLI access via
SSH). Now, if instead of a local admin account I use a wildcard admin
account against LDAP/MS AD in the backgr...
hello all, I've got a pair of FG-200B running v4.3.18 in A-P HA mode.
Each cluster member is at a different location, HA links are across a
dedicated line. On each site, there is one Cisco access router (19xx) in
front of the FGT providing WAN access...
hello all, I'm planning to place the slave unit of a Fortigate HA
cluster into a remote location. There is a leased line (layer 2) for the
HA connect. Can anybody confirm that I can run the HA traffic across a
VLAN between the access switches on each...
hi guys, I need to size a FGT as an SSLVPN gateway. There will be around
300 concurrent users, albeit on a 400 Mbps line (as of now). No heavy
UTM is planned, just some AV, anti-botnet stuff. Remote users will
access intranet servers for HTTP, HTTPS,...
regarding Q2 (upgrade via TFTP or USB):For using TFTP upgrade, you will
have to establish a working network connection first. On a notebook, you
will have to set up a static IP, a TFTP server, connect FGT and NB via
cable (find a free port on FGT), c...
in CLI:conf log syslogd filter and get the options by typing'set ?' IMHO
setting up a FAZ-VM without license would be the most accurate way to
see what is coming onto you. The dashboard of the FAZ clearly shows
logs/sec, GB/day etc. etc.Unlicensed VM...
Have you checked "Security Fabric" / "Automation" yet on the FADC? You
can automate actions like sending emails, triggered by a lot of events
or measurements. Maybe this will work for you even without involving a
@Network_Engineer: the CLI command you posted will open a telnet session
across the HA link, from one cluster member to the other. This is nice
if you don't have HA mgmt addresses configured - it's more of a
workaround.In general, you would create th...
hi,when you enable NAT in a policy by crossing the checkbox, you apply
source NAT. By default, the IP address of the outbound interface is used
instead of the original address.So, your rule 1 sends traffic to the
internet with a source address of you...