Technical Tip: Details about host check list and ...

nithincs · 12-27-2024

Description This article describes how to block local network communication to Botnet IPs and Botnet Domains. Scope FortiGate. Solution If a LAN PC or IOT device is compromised, it will generate traffic or try to communicate with Botnet IPs and Botne...

nithincs · 12-23-2024

Description This article describes how to allow SSL VPN users' internet access when Central SNAT is enabled in FortiGate. Scope FortiGate. Solution The user Firewall policy is configured as below: Split-tunnel in SSL VPN Portal is disabled to route u...

nithincs · 12-22-2024

Description This article describes how to configure a FortiGate running with Policy-based NGFW Mode to make SSL VPN work. Scope FortiGate. Solution Generally, SSL VPN is implemented in FortiGates as per the following documents: SSL VPN full tunnel fo...

nithincs · 12-19-2024

Description This article describes how to use a CLI console to filter and extract specific logs. Scope FortiGate. Solution In some circumstances, FortiGate GUI may lag or fail to display the logs when filtered. In such a state, a CLI console or an SS...

nithincs · 12-19-2024

Description This article describes how to integrate FortiAnalyzer with FortiGate. Scope FortiGate, FortiAnalyzer Solution FortiAnalyzer is integrated with FortiGate as a security fabric to forward the FortiGate logs and generate reports. To configure...

nithincs · 07-24-2023

yes, you could achieve it. Make sure to add dailup tunnel subnet in phase2 selector of the site-site tunnel. in FGT1 source :10.5.41.0/24 dest :192.168.8.0/24in FGT2 source 192.168.8.0 dest :10.5.41.0/24 In FGT2, add a routeto 10.5.41.0 via tunnel in...

nithincs · 05-22-2023

Hi Imel, I believe, you need to create ip pools for each nat ip address. Later call the same in specific soucre and destination policy. Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-SNAT-with-IP-pool/ta-p/...

nithincs · 05-22-2023

hi, the script is correct. You can also follow alert mail for concerve mode and logs collection https://community.fortinet.com/t5/FortiGate/Technical-Tip-Automation-stitch-for-the-conserve-mode/ta-p/240696#:~:text=FortiGate%20by%20default%20turns%20o...

nithincs · 05-08-2023

hi Abel,Please make sure you have spit tunnel enable in the sslvpn so you that only remote subnet are pointing todards sslvpn adaptor in local pc. Better to check routing-table in the pc before and after connecting to sslvpn. use "route print" if its...

nithincs · 08-23-2022

Hi, Please try the solution provided in https://community.fortinet.com/t5/FortiGate/Technical-Tip-Error-The-VPN-server-may-be-unreachable-14-for/ta-p/190882

User Statistics

User Activity

Technical Tip: Blocking local network communicating to Botnet IPs and Botnet Domains

Troubleshooting Tip: SSL VPN user internet connectivity issue in Central SNAT enabled FortiGate

Troubleshooting Tip: SSL VPN is not working after configuring SSLVPN in Policy-based NGFW Mode FortiGate

Technical Tip: How to narrow down specific logs from CLI of the FortiGate

Technical Tip: Integrating FortiAnalyzer with FortiGate

Re: Can remote FortiClient user get access to local lan connected over syte-2-syte tunnel?

Re: Dynamic NAT

Re: Restart Fortigate http/gui processes automatically because of a memory leakage

Re: Printer behind FortiClient not accessible

Re: FortiClient VPN connection error (-14)

Technical Tip: Details about host check list and ...

Technical Tip: Virtual wire pairs

Troubleshooting Tip: Not able to ping the Ipsec VP...

Technical Tip: Log action messages 'Accept: sessio...

Technical Tip: IPsec VPN 'could not send IKE Packe...

Fortinet Training Institute

KCS