Technical Tip: Details about host check list and ...

nithincs · 09-25-2025

Description This article explains the communication flow used by the FortiGate to identify the public IP. Scope FortiGate Solution To get the public IP address, the FortiGate performs a series of steps: DNS Resolution: The FortiGate must first succes...

nithincs · 09-24-2025

Description This article explains how to determine if Virtual Domains (VDOMs) are enabled on a FortiGate. Scope FortiGate. Solution On FortiGates, Virtual Domain(VDOM) is a feature that lets the admin split a single physical FortiGate into multiple i...

nithincs · 09-15-2025

Description This article describes the information about MSS needing to be set for TCP communications in the policy based on the interface involved in the communication. Scope FortiGate. Solution MTU (Maximum Transmission Unit) is the largest size of...

nithincs · 07-22-2025

Description This article explains how to block the website belonging to a specific country code TLD. Scope FortiGate. Solution Below are the steps to block web access to a specific country code in FortiGate. Access can be blocked with DNS filter UTM ...

nithincs · 07-22-2025

Description This article provides a reason and a solution for a specific adult site getting allowed by the FortiGate Google ISDB policy. Scope FortiGate. Solution Most policies are ordered in a way that trusted connections and common internet service...

nithincs · 07-24-2023

yes, you could achieve it. Make sure to add dailup tunnel subnet in phase2 selector of the site-site tunnel. in FGT1 source :10.5.41.0/24 dest :192.168.8.0/24in FGT2 source 192.168.8.0 dest :10.5.41.0/24 In FGT2, add a routeto 10.5.41.0 via tunnel in...

nithincs · 05-22-2023

Hi Imel, I believe, you need to create ip pools for each nat ip address. Later call the same in specific soucre and destination policy. Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-SNAT-with-IP-pool/ta-p/...

nithincs · 05-22-2023

hi, the script is correct. You can also follow alert mail for concerve mode and logs collection https://community.fortinet.com/t5/FortiGate/Technical-Tip-Automation-stitch-for-the-conserve-mode/ta-p/240696#:~:text=FortiGate%20by%20default%20turns%20o...

nithincs · 05-08-2023

hi Abel,Please make sure you have spit tunnel enable in the sslvpn so you that only remote subnet are pointing todards sslvpn adaptor in local pc. Better to check routing-table in the pc before and after connecting to sslvpn. use "route print" if its...

nithincs · 08-23-2022

Hi, Please try the solution provided in https://community.fortinet.com/t5/FortiGate/Technical-Tip-Error-The-VPN-server-may-be-unreachable-14-for/ta-p/190882

User Statistics

User Activity

Technical Tip: How does 'diagnose sys waninfo ipify' command identify the WAN ip address of the FortiGate

Technical Tip: How to check for VDOM Enablement on a FortiGate

Techinal Tip: Information about MSS needs to be set for TCP communications in the policy based on the interface involved in the communication

Technical Tip: How to block the website belonging to specific country code TLD

Technical Tip: How to block adult category site being allowed by the FortiGate Google ISDB policy

Re: Can remote FortiClient user get access to local lan connected over syte-2-syte tunnel?

Re: Dynamic NAT

Re: Restart Fortigate http/gui processes automatically because of a memory leakage

Re: Printer behind FortiClient not accessible

Re: FortiClient VPN connection error (-14)

Technical Tip: Details about host check list and ...

Technical Tip: Log action messages 'Accept: sessio...

Technical tip: Using FortiGate DNS filter to reduc...

Troubleshooting Tip: DHCP debug message 'There is ...

Technical Tip: Virtual wire pairs

KCS

Fortinet Training Institute

User Statistics

User Activity

You are leaving our website