Description This article explains why the 'Interface Per View' option is
not available on the Virtual Wire Pair Policy page in FortiGate. This
behavior is part of the current design. Scope FortiGate v7.6.0 and
above. Solution On the Virtual Wire Pair...
Description This article describes thehow to resolve the issue of SSL
VPN requests being dropped by the FortiGate. The problem occurs when the
firewall does not respond to requests on port 10443, despite the
local-in policy being configured to allow ...
Description This article describes the behavior when the
database-filter-out option is enabled on a FortiGate OSPF interface.
Scope FortiGate (All supported models/firmware). Solution The
database-filter-outOption option suppresses the transmission o...
Description This article describes the expected behavior when the QUIC
option is set to 'block' in an SSL/SSH inspection profile and guides how
to adjust the configuration to allow or inspect QUIC (HTTP/3) traffic.
Scope FortiOS (FortiOS with SSL/SSH...
Description This article describes how to use Link-Local Signaling
(LLS), an extension used in OSPF Hello and Database Description (DBD)
packets, to exchange additional information between directly connected
routers. Scope FortiGate. Solution When th...
Hello Tanlee, By default, SD-WAN rules will select a member only if
there’s a valid route to the destination through that member. Since your
WAN2 interface has an administrative distance (AD) of 10, and WAN1 with
administrative distance (AD) of 5; th...
Hello Salam, To differentiate connections or route traffic specifically
to various internal servers offering different services, the extport
must be configured identically in your case. In the example specified
above, the extport has been mistakenly ...
Hello Salam, To achieve this configuration on FortiGate, follow these
steps using FortiGate's Virtual IPs (VIPs) and Firewall Policies: 1.
Create VIPs: Each VIP entry maps the incoming requests on the specified
external IP (your public IP) to the des...
Hi Usman, The FortiGuard Antivirus Service uses Content Pattern
Recognition Language (CPRL) to boost both the accuracy and speed of
threat detection, going beyond what traditional signature-based methods
can offer, especially for more sophisticated t...
Hello, Yes, your understanding is correct. In order for the FortiGate
antivirus profile to scan encrypted files, SSL/SSH decryption must be
enabled to decrypt the traffic for inspection. Without decryption, the
antivirus profile cannot scan encrypted...