Hello, We have a problem where we have a site who has two ISPs that do
not allow access to their DNS servers from the opposite DNS. What I' d
like to do is configure the Fortigate to be the forwarder for our on
site DNS Servers, and have the Fortigat...
Hello, How does one go about trigger an HA failover from the CLI?
Specifically, how does one go about trigger a failback to the cluster
member with the highest weight? Thanks, Matt
Hello, I know of the FortiVM virtual machine (similar to Checkpoint' s
SPlat, or homegrown firewall solutions). This is, unfortunately, a true
licensable, production device of course. I am wondering if Fortinet has
released a FortiOS emulator. Someth...
Hello, I would like to allow only one host access to DNS from internal1
to wan1. This host is 192.168.100.10. I have a policy allowing that
qualified source, to the destination known DNS servers. However, I am
getting " denied by forward policy" when...
Hello, I have a firewall where five interfaces live on five different
VLANs. The network that lives on internal1 is 192.168.100.0/24. When I
run the following sniffer line, no packets are captured. diag sniffer
packet dmz ' not dst net 192.168.100.0'...
Cool. I had a problem yesterday where all my HTTPS inspection... just...
dropped... isolated in a single VDOM. wat. I restarted the `ssl` daemon
and it worked. So you mean you simply have " Enable Deep Scanning"
enabled in the protocol options object...
Cool. I agree, if it was the cert, it would fail globally (of course!).
Have you tried testing with a total other client like `curl`? curl
--insecure https://google.com That' s interesting, seeing:
<H1>301
Moved</H1> The document has moved here. What happen...
That' s interesting that it works fine on some sites, but not all sites
over https. Are you blocking some sites, and not others? You' re
probably not blocking google.com, right? Try this instead: diag debug
enable diag debug console timestamp enable ...
AL: It looks like you may have edited your original post because you
thought I didn' t answer your question. That looks like the upper left
corner of the Fortinet blocked page. I suggest you look at Chrome
Developers Tools, Fiddler, or another DOM in...