Technical Tip: Details about host check list and ...

nithincs · 09-15-2025

Description This article describes the information about MSS needing to be set for TCP communications in the policy based on the interface involved in the communication. Scope FortiGate. Solution MTU (Maximum Transmission Unit) is the largest size of...

nithincs · 07-22-2025

Description This article explains how to block the website belonging to a specific country code TLD. Scope FortiGate. Solution Below are the steps to block web access to a specific country code in FortiGate. Access can be blocked with DNS filter UTM ...

nithincs · 07-22-2025

Description This article provides a reason and a solution for a specific adult site getting allowed by the FortiGate Google ISDB policy. Scope FortiGate. Solution Most policies are ordered in a way that trusted connections and common internet service...

nithincs · 06-27-2025

Description This article provides information on how to verify the root name servers and authoritative name server details that a FortiGate device learns while performing DNS lookups as a DNS resolver. Scope FortiGate V7.6. Solution To get the detail...

nithincs · 05-26-2025

Description This article describes how to verify that the DHCP-leased IP address has been updated. Scope FortiGate. Solution When the FortiGate interface mode is configured as DHCP, the interface will be the DHCP client, and after reaching the DHCP l...

nithincs · 07-24-2023

yes, you could achieve it. Make sure to add dailup tunnel subnet in phase2 selector of the site-site tunnel. in FGT1 source :10.5.41.0/24 dest :192.168.8.0/24in FGT2 source 192.168.8.0 dest :10.5.41.0/24 In FGT2, add a routeto 10.5.41.0 via tunnel in...

nithincs · 05-22-2023

Hi Imel, I believe, you need to create ip pools for each nat ip address. Later call the same in specific soucre and destination policy. Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-SNAT-with-IP-pool/ta-p/...

nithincs · 05-22-2023

hi, the script is correct. You can also follow alert mail for concerve mode and logs collection https://community.fortinet.com/t5/FortiGate/Technical-Tip-Automation-stitch-for-the-conserve-mode/ta-p/240696#:~:text=FortiGate%20by%20default%20turns%20o...

nithincs · 05-08-2023

hi Abel,Please make sure you have spit tunnel enable in the sslvpn so you that only remote subnet are pointing todards sslvpn adaptor in local pc. Better to check routing-table in the pc before and after connecting to sslvpn. use "route print" if its...

nithincs · 08-23-2022

Hi, Please try the solution provided in https://community.fortinet.com/t5/FortiGate/Technical-Tip-Error-The-VPN-server-may-be-unreachable-14-for/ta-p/190882

User Statistics

User Activity

Techinal Tip: Information about MSS needs to be set for TCP communications in the policy based on the interface involved in the communication

Technical Tip: How to block the website belonging to specific country code TLD

Technical Tip: How to block adult category site being allowed by the FortiGate Google ISDB policy

Technical Tip: How to Verify DNS Root Server and Authoritative Name Server IP Information in a FortiGate

Technical Tip: Monitoring and verifying the DHCP-leased IP address updates from the ISP router

Re: Can remote FortiClient user get access to local lan connected over syte-2-syte tunnel?

Re: Dynamic NAT

Re: Restart Fortigate http/gui processes automatically because of a memory leakage

Re: Printer behind FortiClient not accessible

Re: FortiClient VPN connection error (-14)

Technical Tip: Details about host check list and ...

Technical Tip: Log action messages 'Accept: sessio...

Technical tip: Using FortiGate DNS filter to reduc...

Troubleshooting Tip: DHCP debug message 'There is ...

Technical Tip: Virtual wire pairs

KCS

Fortinet Training Institute

User Statistics

User Activity

You are leaving our website