Technical Tip: FortiGate and ZSTD implementation (...

AlexC-FTNT · 01-15-2025

Description This article provides some information about the currently detected vulnerability and fixes available. Scope FortiGate. Solution See the FortiGuard page for information about CVE-2024-55591 The fix suggested is to upgrade to FortiOS 7.0.1...

AlexC-FTNT · 12-05-2024

Description This article describes the checklist of items for FortiGate to facilitate Let's Encrypt ACME certificate provisioning. Scope FortiGate v7.0+ Solution Complete checklist and limitations for Let's Encrypt ACME certificate provisioning: Port...

AlexC-FTNT · 10-08-2024

Description This article describes that the 'By sequence' view is either available after a migration from another vendor, or manually set up in CLI. Follow this article for details: Technical Tip: Configure sequence grouping for firewall policies for...

AlexC-FTNT · 09-18-2024

Description This article describes how to display the list of current running packet captures. Note that running packet captures or sniffers issued through CLI (applet or SSH connection) cannot be displayed. Scope FortiOS. Solution FortiOS can displa...

AlexC-FTNT · 08-22-2024

Description This article explains how the security profiles are applied in a FortiGate. Scope FortiGate, all versions. Solution As in all network equipment, the communication with the exterior of the hardware is done via ports/interfaces. Where these...

AlexC-FTNT · 03-20-2025

But in most cases it is a misconfigurations. It also happens when you change your certificate, or user profiles. You need to clear the cache. Or use incognito/private mode - that will work (only to prove the point that action is needed on your side).

AlexC-FTNT · 11-24-2024

You posted this in the FortiGate forum. Maybe it would be better to post in FortiClient forum since it has nothing to do with FortiGate (because it works on PC with same config)

AlexC-FTNT · 11-12-2024

The Vlan tag is is a 32-bit field between the source MAC address and the EtherType fields of the original frame. There's nothing more to it. If the packet has Vlan tag 50 as it arrives on an interface, it is accepted, vlan tag stripped, then it is se...

AlexC-FTNT · 11-12-2024

why? is port3 in vlan50 also? FortiGate is a router, not a switch

AlexC-FTNT · 11-12-2024

Generally, these articles are better explained in the community portal. For example: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Understanding-the-log-message-User-shutdown-the/ta-p/301290 1) Who is this third-part CA? >> there are many...

User Statistics

User Activity

Technical Tip: Upgrade to FortiOS 7.0.17 to resolve vulnerability CVE-2024-55591

Troubleshooting Tip: ACME certificate provisioning

Technical Tip: Design change on grouping policies in sequence groups

Technical Tip: How to show current active packet captures

Technical Tip: Direction of traffic for security profiles (Webfilter, AV, etc)

Re: GUI CLI - "Connection lost. Press Enter to start a new session"

Re: FortiVPN IKE on MAC

Re: Trunk, how to add an access port

Re: Trunk, how to add an access port

Re: msg="User shutdown the device from forticron. The reason is 'System file integrity check fa

Technical Tip: FortiGate and ZSTD implementation (...

Technical Tip: FortiOS Unsupported feature: 'Is it...

Technical Tip: Hardware switch, Software switch, V...

Troubleshooting Tip: FortiGate blocking SIP INVITE...

Re: Cant find tdtype log field anywhere

Re: msg="User shutdown the device from forticron. ...

Re: Best Practices for FortiGate HA Pair Setup wit...

Re: How to connect two IPoE lines

Re: How to configure SDWAN pasive - active by CLI

Re: Cannot add the aggregate vpn member

KCS

Fortinet Training Institute

User Statistics

User Activity

You are leaving our website