About MarcusLeung

MarcusLeung · 09-22-2022

Technical Tip: Fragment IP packet before IPsec enc... - Fortinet Community It seems the NP6 does not support pre-encapsulation and we need to turn off the NP by disable the auto-asic-offload in firewall policy. May I know if NP7 support pre-encapsula...

MarcusLeung · 05-05-2022

Recently the FortiGate received attack from 114.34.160.41 and IPS successfully blocked the attack, but then caused a false alarm on SIEM. As the FortiGate sent a “Allowed – session reset” log message to SIEM, the SIEM triggered a high-alert message, ...

MarcusLeung · 09-23-2022

Hi tthrilok, Thank for your reply! I will test the settings later.

MarcusLeung · 09-23-2022

Hi tthrilok, Thank for your reply!I will test the settings later.

MarcusLeung · 05-09-2022

Hi amouawad, Thanks for your reply! The policy is using default IPS profile and should be the reason why action shows "Allowed" on traffic log. But why some CVE set Action "Pass" as default setting?

User Statistics

User Activity

Does NP7 support pre-encapsulation for IPsec VPN?

IPS engine blocked the attack but "Allowed" & Action "TCP reset from client" in Traffic log

Re: Does NP7 support pre-encapsulation for IPsec VPN?

Re: Does NP7 support pre-encapsulation for IPsec VPN?

Re: IPS engine blocked the attack but "Allowed" & Action "TCP reset from client&q