You are leaving our website

lmateus · 12-11-2013

Description This article describes the historical introduction of certificate-inspection support for Web Filtering on the FortiGate. Scope FortiGate v5.0 and later. Solution In early FortiOS versions (5.0.2 and earlier), Web Filtering was only suppor...

lmateus · 09-14-2010

DescriptionIt is possible to configure the FortiGate to send an SNMP trap when its configuration is not synchronized with the FortiManager database.ScopeSolutionThe specific event type is called "fm-conf-change"CLI configuration (only) : config syste...

lmateus · 05-07-2010

DescriptionIn some specific configuration, HTTP and HTTPS ports are not the standard ones (80 and 443).Following is an example with a Fortigate in Transparent before a web proxy :< LAN >-----[ FGT-inTP ]------[ Web-Proxy - HTTP 8080 / HTTPs 8181 ]---...

lmateus · 03-31-2010

DescriptionWhen troubleshooting connectivity issues through a Fortigate, the "diagnose debug flow" command output may show that all sessions from a host are blocked by the Fortigate because the host MAC address is being blacklisted.Example : 2010-03-...

lmateus · 03-10-2010

DescriptionWhen configuring LDAP authentication on FortiGate, the 'ldap-memberof' attribute can be used to check the user group membership to grant access accordingly.For example: config user group edit "first" set group-type sslvpn set ldap-memberof...

User Statistics

User Activity

Technical Tip: HTTPS Web Filtering supported without requiring SSL Deep Inspection (Legacy FortiOS 5.0+)

Technical Note : FortiGate SNMP trap sent when configuration not synchronized with FortiManager database

Technical Tip : Triggering NTLM authentication on HTTP and HTTPS non standard ports

Troubleshooting Tip : Message msg="HWaddr-xx:xx:xx:xx:xx:xx is in black list, drop" in a "diagnose debug flow" output

Technical Note : FortiGate 'ldap-memberof' query fails when the AD user is only member of one group

KCS

Fortinet Training Institute