Description This article describes how to troubleshoot the IPS signature
matching which can give visibility of triggered IPS alerts. Scope IPS
Engineer v7.0 and earlier. Solution When the UTM IPS profile is enabled
in the firewall policies, it is pos...
Description This article describes how to create a custom IPS signature
to block through the SNI (Server Name Indication) of TLS extension a
HTTPS connection or those TLS connection where the SNI header is used
during the TLS handshake. Scope FortiGa...
Description This article describes how to troubleshoot in FortiOS the
DNS Transfer zone from DNS Master authoritative. Scope FortiOS 7.0 and
earlier. Solution The FortiOS can be the slave for a DNS zone and
transfer all the records from the Master. T...
Description This article discusses the reason SSL VPN Bookmark failed
when IP Pool is used in the policy. Scope FortiOS 6.4.9, 7.0.1, 7.2.0
and earlier. Solution Working with SSL VPN Web Mode, create a personal
Bookmark to connect internal resources....
Description This article describe how to troubleshoot in FortiOS DHCPv6
Prefix Delegation. Scope FortiOS 6.0, 6.2 and earlier. Solution Some ISP
can provide an IPv6 address through dynamic addressing mechanism and
additional delegate an IPv6 prefix t...
Hi The following topology with fortiswitch could be help "HA-mode
FortiGate units in different sites"
https://docs.fortinet.com/document/fortiswitch/7.0.4/devices-managed-by-fortios/780635/switch-redundancy-with-mclag#HA-mode3
Regards
Hi, The LACP PDUs are packets on L2, so in order to allow the forward of
L2 on fortigate VWP, you can try enabling l2forward at interface level.
You also needs to consider forward arp packets. config system
interfaceedit set l2forward enableend confi...
The log entries are addressing the user login and login source from the
device detection/identification feature (enabled at the interface). -
The logs of uthusersource="kerberos" is collected from traffic kerberos
on the authentication process betwee...