Technical Tip: FortiGate OSPF – Effect of 'databas...

akileshc · 07-21-2025

Description This article explains why the 'Interface Per View' option is not available on the Virtual Wire Pair Policy page in FortiGate. This behavior is part of the current design. Scope FortiGate v7.6.0 and above. Solution On the Virtual Wire Pair...

akileshc · 07-08-2025

Description This article describes thehow to resolve the issue of SSL VPN requests being dropped by the FortiGate. The problem occurs when the firewall does not respond to requests on port 10443, despite the local-in policy being configured to allow ...

akileshc · 05-28-2025

Description This article describes the behavior when the database-filter-out option is enabled on a FortiGate OSPF interface. Scope FortiGate (All supported models/firmware). Solution The database-filter-outOption option suppresses the transmission o...

akileshc · 04-07-2025

Description This article describes the expected behavior when the QUIC option is set to 'block' in an SSL/SSH inspection profile and guides how to adjust the configuration to allow or inspect QUIC (HTTP/3) traffic. Scope FortiOS (FortiOS with SSL/SSH...

akileshc · 03-14-2025

Description This article describes how to use Link-Local Signaling (LLS), an extension used in OSPF Hello and Database Description (DBD) packets, to exchange additional information between directly connected routers. Scope FortiGate. Solution When th...

akileshc · 10-27-2024

Hello Tanlee, By default, SD-WAN rules will select a member only if there’s a valid route to the destination through that member. Since your WAN2 interface has an administrative distance (AD) of 10, and WAN1 with administrative distance (AD) of 5; th...

akileshc · 10-27-2024

Hello Salam, To differentiate connections or route traffic specifically to various internal servers offering different services, the extport must be configured identically in your case. In the example specified above, the extport has been mistakenly ...

akileshc · 10-27-2024

Hello Salam, To achieve this configuration on FortiGate, follow these steps using FortiGate's Virtual IPs (VIPs) and Firewall Policies: 1. Create VIPs: Each VIP entry maps the incoming requests on the specified external IP (your public IP) to the des...

akileshc · 10-26-2024

Hi Usman, The FortiGuard Antivirus Service uses Content Pattern Recognition Language (CPRL) to boost both the accuracy and speed of threat detection, going beyond what traditional signature-based methods can offer, especially for more sophisticated t...

akileshc · 10-21-2024

Hello, Yes, your understanding is correct. In order for the FortiGate antivirus profile to scan encrypted files, SSL/SSH decryption must be enabled to decrypt the traffic for inspection. Without decryption, the antivirus profile cannot scan encrypted...

User Statistics

User Activity

Technical Tip: Interface Per View is not supported for Virtual Wire Pair (VWP) policies

Technical Tip: FortiGate Drops SSL VPN Traffic Without Dynamic Local-In Policy