Description There are certain questions from users about features that
do not work as expected , or as according to the documentation. This
article does not refer to these cases individually (such as
misconfiguration, misunderstanding, or bugs). This...
Description This article allows for a visual guide of RIP configuration
in FortiGate GUI on a single FortiGate. RIP is normally used in small
and medium-sized networks. Scope FortiGate. Solution RIP can be accessed
in GUI and these are the available ...
Description This article describes the process of adding or configuring
multiple IPs on a FortiGate interface. Scope Quick addition of secondary
IP from the command line as well as GUI. Solution To configure another
IP than the already defined one, e...
Description This article provides guidance for this unusual behavior of
the FortiGate regarding secondary SIP INVITE packets. Normally, one or
two INVITE packets are sent when a call is placed. These packets are
correctly forwarded and NAT-ted by For...
Description This article describes the FTP suite of protocols (FTPs,
sFTP, SFTP). It contains the basic mode of operation, differences, and
explanations. Scope FortiGate. Solution Technical terms are explained in
relation to what firewall ports need ...
Does it work when you allow all the traffic out? (without filtering by
application/ISDB,etc? ) What protocol/ports does this app uses/needs?
Did you disable SIP-ALG (by mistake or for some other reason)? What does
the logs or debug flow tells you?
Most importantly - what did you configure so far?Fortigate blocks
facebook through Application Control. App Control needs deep-inspection
profile (and sometimes proxy-mode policy). No SSL exemptions (for
Facebook). Did you set your policy as such?
"TCP-session-without-syn" and enabling asymmetric-routing should make no
difference. Make sure you did not 'mistakenly' disabled any
session-helper or SIP-ALG. Then collect the packet capture without any
change on the policy. Also, a very simple test...
Simply put: no.But I think you can create a separate notification script
based on the log entry associated to config backup. Something like:
Automation 1 > Backup config via script (sftp). System log generated >
check log ID Log ID > trigger for Auto...
Make sure that the unit has active connection to FortiGuard, and check
with: diag debug app update -1 exec update-nowYou can't tell if the
command "diagnose web-ui app-icon-update" is working, just by changing
the timeout. Also, this was removed a lo...