Technical Tip: FortiOS packet sniffer tip

nnair · 07-18-2024

Description This article describes why it is necessary to disable ASIC on firewall policy. Scope All FortiGate which has ASIC. Solution Before attempting to capture traffic on ForitGate ensure that ASIC offloading is disabled on the respective firewa...

nnair · 01-12-2024

Description This article provides the information that for the read-only users, there are limitations to enable the number of bandwidth monitoring interfaces. In the read-only users, there is a limit of 2. Scope FortiGate. Solution Create the read-on...

nnair · 09-14-2023

Description This article describes the possible reason why it is not possible to log in to the device with Forti Hardtoken because of the time/NTP issue. Scope FortiGate. Solution The Authentication failure error has been visible while logging into t...

nnair · 07-31-2023

Description This article describes how to enable the audit log via CLI. Scope FortiGate 7.0.x. Solution Below are the steps to enable the audit log on the CLI: config system global set cli-audit-log enable end To test if the audit logs are working, t...

nnair · 04-27-2023

Description This article describes how to enable STUN protocol in a policy. Scope All versions of FortiGate.Fortigate must be in Profile-Based Mode (with or without Central SNAT enabled). Solution By default, the STUN option is hidden in policies.To ...

nnair · 07-17-2024

++ASIC offloading is disabled on respective firewall policy.This is because sessions offloaded by Network Processors (NP6, NP6Lite) will not be captured by sniffer. Note: this make cause the high cpu, to prevent cpu overutilization, create a more spe...

nnair · 10-10-2023

You can try to delete the logs and then upgrade it,execute log delete-allIf the above doesnot work, then flash format the device and upload 5.6.13 firmware and then the configuration and then upgrade it. If still not working, then you can open a tick...

nnair · 10-10-2023

You may check the below link:https://www.fortiguard.com/encyclopedia/ips/100663396

nnair · 10-10-2023

You may also check the below links:https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGuard-is-not-reachable-via-Anycast-default/ta-p/190041https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGuard-Services-are-Unreachable/ta-p...

nnair · 08-29-2023

Dear Customer,May I know on which device you are trying to remove the software inventory ?

User Statistics

User Activity

Technical Tip: FortiOS packet sniffer tip

Technical Tip: Limitation for the read only users

Troubleshooting Tip: Unable to login to fortigate with Hardtoken

Technical Tip: Enable audit log via CLI

Technical Tip: How to enable STUN protocol in policy

Re: Asic-Offload

Re: Upgrades FW Fortigate 30D and 30E from 5.6.13 to 6.x.x

Re: Get count of half open tcp sessions

Re: Unable to connect to fortiguard servers

Re: Remove hosts and software from Inventory

Technical Tip: FortiOS packet sniffer tip

Technical Tip: How to enable STUN protocol in poli...

Re: Asic-Offload

Re: Get count of half open tcp sessions

Re: Script for dis/enabling wwan interface

KCS