Re: Fortigate API - Remove address from group addr...

pminarik · 08-07-2024

Description This article describes a script for automatically compressing FSSO Collector Agent's debug logs for the purposes of extending the log coverage and decreasing the total log size on disk, and provides example guidelines for implementing it....

pminarik · 02-22-2024

Description This article describes how to configure automation stitches to update DNS records hosted in Cloudflare upon DHCP lease renewal or PPPoE (re)connection, effectively creating a dynamic DNS (DDNS) setup. Scope This guide applies to FortiGate...

pminarik · 12-15-2022

Description This article discusses the details of the static DNS filter's matching logic, with examples provided to illustrate the behavior. Scope The DNS filter operates only on DNS traffic and filters only domain names. If it is wanted to take spec...

pminarik · 05-25-2022

Description This article describes how to configure a webhook automation stitch that posts a message into a chosen Discord channel when the stitch is triggered. Scope This guide is applicable to any FortiOS version that supports webhook automation ac...

pminarik · 08-29-2016

DescriptionAfter creating a new DLP sensor by cloning an existing one, changing the file-type filter on one changes the other as well.SolutionThis happens because the file-type filters are separate objects referenced by number in the sensor’s configu...

pminarik · 05-28-2025

You can certainly try, but it is not supported, so you will not receive TAC support for such deployments. I wouldn't expect DC Agent to work, given that it's a dll plugin for lsass.exe on a DC. Basic event log polling might work, if your Samba4 DC lo...

pminarik · 05-28-2025

I would say that the proxy's behaviour should be fixed then. TLS version of a session is not established until both sides agree, so a middle-box blocking a session because it sees 1.1 mentioned in a ClientHello and interprets is as TLS 1.1 is factual...

pminarik · 04-16-2025

The abuse scenario is a malicious FortiGate administrator with read-write access to "config user ldap" changing the configuration so that the LDAP server IP address points to an IP they control, in order to capture the LDAP service account credential...

pminarik · 03-18-2025

You should review the SAML response when it is received by the FortiGate from the IdP, and check if it contains the group's UUID as expected. enable samld debug output: di de app saml -1 di de app sslvpn -1 di de enable Reproduce the authentication a...

pminarik · 03-05-2025

Not possible. FortiGates are authenticated by their Fortinet-issued certificate when connecting to that server, but FAC cannot be configured to use a client-cert in SMTP configs currently.

User Statistics

User Activity

Troubleshooting Tip: Automation Script for FSSO Collector agent debug log compression and archiving

Technical Tip: Using Automation Stitches with Cloudflare API for Dynamic DNS (DDNS) Functionality

Technical Tip: DNS profile - Static Domain Filter Matching Logic

Technical Tip: Discord Webhook for Security Fabric Automation Stitches

Technical Note: DLP - Changing the file-type filter of a cloned sensor

Re: AD on Samba 4 vs FSSO

Re: FortiClient Added TLS1.1 in Client Hello from 7.2.5

Re: FG-IR-24-111 Solution Coming?

Re: SSL VPN and azure saml not permitted

Re: How to Configure SMTP of Fortinet "notification.fortinet.com" on FortiAuthenticator

Re: Fortigate API - Remove address from group addr...

Re: Rest Api - FGT - 6.4.2 - Fortiview

Re: Firewall blocking all Microsoft products

Re: IPSEC phase 1 SA lifetime not honouring config...

Re: FortiOS 7.6.0 Build3401 - RadSec TLS 1.3 not p...

Re: How to Configure SMTP of Fortinet "notificatio...

Re: Central Nat behavior - exemption "no nat" rule

Re: Firewall blocking all Microsoft products

Re: Fortigate API - Filter by network mask on /api...

Re: DNS v Web Filter v ISDB

Fortinet Training Institute

KCS

User Statistics

User Activity

You are leaving our website