lmateus
Staff
Staff
‎11-16-2021
Last activity: Nov 16, 2021 10:56:35 AM
60 Profile 60% Complete

User Statistics

  • Topics
    13 Topics
  • Posts
    13 Posts
  • Solutions
    0 Solutions
  • Kudos
    0 Kudos
Most Liked Posts Recent Solutions
No Content Available

User Activity

DescriptionSince FortiOS 5.0.3, when configured to not do HTTPS deep scan (no man in the middle) SSL inspection has been improvedNow, FortiOS checks also the server name in the client Hello from the SSL negotiation. This is called SNI/CN method (Serv...
DescriptionIt is possible to configure the FortiGate to send an SNMP trap when its configuration is not synchronized with the FortiManager database.ScopeSolutionThe specific event type is called "fm-conf-change"CLI configuration (only) : config syste...
DescriptionIn some specific configuration, HTTP and HTTPS ports are not the standard ones (80 and 443).Following is an example with a Fortigate in Transparent before a web proxy :< LAN >-----[ FGT-inTP ]------[ Web-Proxy - HTTP 8080 / HTTPs 8181 ]---...
DescriptionWhen troubleshooting connectivity issues through a Fortigate, the "diagnose debug flow" command output may show that all sessions from a host are blocked by the Fortigate because the host MAC address is being blacklisted.Example : 2010-03-...
DescriptionWhen configuring LDAP authentication on FortiGate, the "ldap-memberof" attribute can be used to check the user group membership to grant access accordingly.For example:config user group edit "first" set group-type sslvpn set ldap-memberof ...