Description This article describes a script for automatically
compressing FSSO Collector Agent's debug logs for the purposes of
extending the log coverage and decreasing the total log size on disk,
and provides example guidelines for implementing it....
Description This article describes how to configure automation stitches
to update DNS records hosted in Cloudflare upon DHCP lease renewal or
PPPoE (re)connection, effectively creating a dynamic DNS (DDNS) setup.
Scope This guide applies to FortiGate...
Description This article discusses the details of the static DNS
filter's matching logic, with examples provided to illustrate the
behavior. Scope The DNS filter operates only on DNS traffic and filters
only domain names. If it is wanted to take spec...
Description This article describes how to configure a webhook automation
stitch that posts a message into a chosen Discord channel when the
stitch is triggered. Scope This guide is applicable to any FortiOS
version that supports webhook automation ac...
DescriptionAfter creating a new DLP sensor by cloning an existing one,
changing the file-type filter on one changes the other as
well.SolutionThis happens because the file-type filters are separate
objects referenced by number in the sensor’s configu...
I don't even think the client's hostname is included in mode-config, so
this may not even be possible purely with mode-config. (at the very
least it is not listed here:
https://datatracker.ietf.org/doc/html/draft-dukes-ike-mode-cfg-02#section-3.4
)Fo...
The "continue without login" prompt usually happens after a
connectivity-probe sent by the device detects a portal. You could in
theory find out what those probed destinations are (this info should be
searchable online) and exclude them from captive ...
This is a known limitation, caused by the fact that in this situation
the Domain controller records logon events for rdp-user@example.com for
BOTH the source PC and the RDP destination PC. The only proper solution
is the RDP override settings, suppor...
https://docs.fortinet.com/document/fortigate/7.4.4/administration-guide/180888/web-portal-configurations
You can enable the "Limit Users to One SSL-VPN Connection at a Time"
option. This is a per-portal setting and applies to both web-mode and
tunnel...
I strongly recommend to open a TAC ticket to investigate this further,
in detail. I have no expectation of the native client supporting a
two-step 2FA (ask for username+pwd first, then for OTP code) in its GUI
for L2TP, but if we assume that the conf...