Technical Tip: Keep the flash partition without it...

btey · 07-23-2024

Description This article describes the method to generate ICMP unreachable logs and the policy matching. Scope FortiGate. Solution To generate ICMP log message: config log setting set log-invalid-packet enable end The ICMP log is generated as below: ...

btey · 03-20-2024

Description This article provides the solution when getting the below error in the SMS gateway (HTTPS protocol) 'Unable to send a text message: HTTP request failed (url: https://x.x.x.x/, status: 0, res: ). Please check your configuration'. Scope For...

btey · 12-27-2023

Description This article describes how to roll back to a previous firmware version after following a multiple upgrade path. A downgrade from the flash partition can load the previous configuration. (It does not include the configuration made after th...

btey · 11-06-2023

Description This article describes how to control TLS1.2 cipher suites for HTTPS administrative access. Scope FortiGate v7.2v and v7.4.1. Solution By default, when strong-crypto is enabled, the cipher suites are listed below: To disable the following...

btey · 07-09-2023

Description This article describes how to remove the usage of a firewall sniffer for the system interface post-firmware upgrade to version 7.2/7.4. Scope FortiGate v7.2, 7.4. Solution Before version 7.2, the packet capture GUI interface was as below:...

btey · 11-13-2023

Hi slouw, You need to add interface member into SD-WAN zone. Please check the following administrative guide for SD-WAN quick start. https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/218559/configuring-the-sd-wan-interface

btey · 07-10-2023

Hi BusinessUser, That is the naming convention in the flash partition. Please refer to the build number for confirmation. Thank you.

btey · 07-09-2023

Hi BusinessUser, For sys flash list, example as below: xxxx-6.00-FW-build0272 <<<<

btey · 07-05-2022

Please ensure the CA certificate is correct. You may perform packet capture for the LDAP connection to get more detail.

btey · 07-05-2022

Hi Acxelsus, What is firewall firmware version? You may try to run httpsd debug to check the LDAPS negotiation or you may try disable server-identity-check config user ldapedit xxx>>> Server Nameset server-identity-check disableend For httpsd debug: ...

User Statistics

User Activity

Technical Tip: ICMP unreachable logging and policy matching

Troubleshooting Tip: SMS gateway using HTTPS protocol unable to send a text message: HTTP request failed

Technical Tip: Keep the flash partition without it being overwritten (For rollback purposes)

Technical Tip: How to remove cipher suites other than GCM cipher suites (TLS1.2)

Technical Tip: How to remove system interface reference (firewall sniffer) post firmware upgrade

Re: How is SD-WAN enabled

Re: Firmware "Disappear" When Upgrading Firewall?

Re: Firmware "Disappear" When Upgrading Firewall?

Re: Can't contact LDAP server Fortigate60F

Re: Can't contact LDAP server Fortigate60F

Technical Tip: Keep the flash partition without it...

Re: How is SD-WAN enabled

Technical Tip: DHCP Secondary DNS server Option

Troubleshooting Tip: SMS gateway using HTTPS proto...

Technical Tip: How to remove cipher suites other t...

Re: How is SD-WAN enabled

Re: Firmware "Disappear" When Upgrading Firewall?

KCS