Hi all,Running 6.2.7, i'm trying to apply two different session profiles
in both IP policies, but with same source IPResult: always match the
first IP policy in order; it seems that the match is triggered just by
source IP and ignore everything else ...
Hello everybody A customer FAZ 1000D running 6.0.8 is showing a
permanent 100% disk I/O usage penalizing the whole operation since a
couple of days( widget screenshot attached) Could anyone please share
some strategies to attack the issue?Who would b...
Hello,Just asking for experiences and comments on the topic.Is anyone
importing Acunetix vulnerability scan results into Fortiweb? Could you
elaborate how do you integrate the xml file within the
configuration?Such integration, does depends on the Fo...
Hello everybody, There's available in-a-box the
'number-of-session-timeline" dataset querying Traffic log this way:
select $flex_timescale(timestamp) as hodex, sum(sessions) as sessions
from ###(select $flex_timestamp as timestamp, count(*) as sessio...
Hello all,in order to obtain a profile of bandwidth usage vs specific
FortiAPs, we found that all relevant an interesting values to build the
dataset are in Traffic Log.There's also a builtin report with
"Top-AP-By-Bandwidth".But, that report shows u...
Not exactly; if you've defined a wan->lan policy with source 'all' you
could be opening something you don´t need.Check docs for deny policy and
match-vipThis one for
instance:https://community.fortinet.com/t5/FortiGate/Technical-Tip-DENY-Policy-for-V...
Hello AekI don´t know if I fully understand your post: are you asking
for an alternative solution to solve your special setup?I don´t see your
approach as a 'dirty' one;If you're checking SPF records with a
quarantine action if failed, your FML is wo...
Hello Flo"I am aware that using FQDN address objects would circumvent
this problem, but in my case, the Fortigate is also acting as the DNS
Server." I'm afraid you have the correct answer in your post.Fortigate
as a DNS server is a bad idea (IMHO), u...
Hello "unknown1020"?everything is denied unless it's explicit allowed is
the basic rule of a new and correctly configured firewall.That policy is
located at the bottom of the list; and you add your policies allowing
specific traffic or denied.If you ...
