Re: Fortigate API - Remove address from group addr...

pminarik · 08-07-2024

Description This article describes a script for automatically compressing FSSO Collector Agent's debug logs for the purposes of extending the log coverage and decreasing the total log size on disk, and provides example guidelines for implementing it....

pminarik · 02-22-2024

Description This article describes how to configure automation stitches to update DNS records hosted in Cloudflare upon DHCP lease renewal or PPPoE (re)connection, effectively creating a dynamic DNS (DDNS) setup. Scope This guide applies to FortiGate...

pminarik · 12-15-2022

Description This article discusses the details of the static DNS filter's matching logic, with examples provided to illustrate the behavior. Scope The DNS filter operates only on DNS traffic and filters only domain names. If it is wanted to take spec...

pminarik · 05-25-2022

Description This article describes how to configure a webhook automation stitch that posts a message into a chosen Discord channel when the stitch is triggered. Scope This guide is applicable to any FortiOS version that supports webhook automation ac...

pminarik · 08-29-2016

DescriptionAfter creating a new DLP sensor by cloning an existing one, changing the file-type filter on one changes the other as well.SolutionThis happens because the file-type filters are separate objects referenced by number in the sensor’s configu...

pminarik · 10-09-2025

Hi, the original recommendation for Google IdP was mistaken. Neither Signed response enabled nor disabled fulfill the current FortiOS requirements (needing both Reply and Assertion(s) signed), so this is currently unresolvable in 7.4.9. You will need...

pminarik · 09-09-2025

If you're coming to the Unifi mgmt IP 192.168.0.1 from what is essentially WAN-side from its POV, I would imagine that it at least by default blocks such access attempts. Otherwise anyone could try connecting to anyone's unifi gateway over the intern...

pminarik · 09-09-2025

Incoming connection attempts are matched to local tunnel phase1 configurations based on: destination IP (IP of the interface the tunnel is bound to, or the manually set IP) remote peer's IP (site-to-site tunnels only) IKE version + mode (main/aggress...

pminarik · 09-09-2025

As far as I am aware, there are fully-featured evaluation licenses for VMs with two-month lifetime. They are intended for temporary evaluation/testing, PoCs, etc. You'll need to reach out to your sales contacts to discuss this possibility.

pminarik · 08-13-2025

Majority of polling sources (event logs, DC Agent) provide a hostname, which the Collector will always try to resolve to get the user's current IP, so the first step towards a functional user that just moved to a different IP is to ensure that DNS re...

User Statistics

User Activity

Troubleshooting Tip: Automation Script for FSSO Collector agent debug log compression and archiving

Technical Tip: Using Automation Stitches with Cloudflare API for Dynamic DNS (DDNS) Functionality

Technical Tip: DNS profile - Static Domain Filter Matching Logic

Technical Tip: Discord Webhook for Security Fabric Automation Stitches

Technical Note: DLP - Changing the file-type filter of a cloned sensor

Re: VPN SSO not working – signature verification errors

Re: Accessing Unifi gateway over separate LAN Networks

Re: IPsec - 52 / 5 000 adding a new VPN causes the previous one to not work

Re: Incorret certificate file key size when uploading self-signed certificates from Authentik

Re: FSSO Authentication Issue-Same Credentials, Different IP

Re: Fortigate API - Remove address from group addr...

Re: Rest Api - FGT - 6.4.2 - Fortiview

Re: Firewall blocking all Microsoft products

Re: IPSEC phase 1 SA lifetime not honouring config...

Re: FortiOS 7.6.0 Build3401 - RadSec TLS 1.3 not p...

Re: IPsec - 52 / 5 000 adding a new VPN causes th...

Re: How to Configure SMTP of Fortinet "notificatio...

Re: Central Nat behavior - exemption "no nat" rule

Re: Firewall blocking all Microsoft products

Re: Fortigate API - Filter by network mask on /api...

KCS

Fortinet Training Institute

User Statistics

User Activity

You are leaving our website