Hi all,Running 6.2.7, i'm trying to apply two different session profiles
in both IP policies, but with same source IPResult: always match the
first IP policy in order; it seems that the match is triggered just by
source IP and ignore everything else ...
Hello everybody A customer FAZ 1000D running 6.0.8 is showing a
permanent 100% disk I/O usage penalizing the whole operation since a
couple of days( widget screenshot attached) Could anyone please share
some strategies to attack the issue?Who would b...
Hello,Just asking for experiences and comments on the topic.Is anyone
importing Acunetix vulnerability scan results into Fortiweb? Could you
elaborate how do you integrate the xml file within the
configuration?Such integration, does depends on the Fo...
Hello everybody, There's available in-a-box the
'number-of-session-timeline" dataset querying Traffic log this way:
select $flex_timescale(timestamp) as hodex, sum(sessions) as sessions
from ###(select $flex_timestamp as timestamp, count(*) as sessio...
Hello all,in order to obtain a profile of bandwidth usage vs specific
FortiAPs, we found that all relevant an interesting values to build the
dataset are in Traffic Log.There's also a builtin report with
"Top-AP-By-Bandwidth".But, that report shows u...
HelloNo, it can't and it's correct, not a Fortimail issue.A single
domain must not have more than ONE SPF record. Even so, if you want to
force FortiMail to accept email from such domains publishing multiple
sfp records, avoid SPF check in antispam p...
Hisame group id number problems are related with same mac addressess
living in enviroment with more than one cluster present.In doubt, check
your "Current_HWaddr" ( NOT the Permanent_HWadd) for the different
interfaces in your clusters. Use CLI comma...
HiOne (of several) approach: define an IP policy with your exchange's
sender IP address as source IP, apply on it an antispam profile not
checking spf/dmarc/dkim , all the other profiles as you wish.On that IP
policy, check the box "Take precedence o...
Hello NematSpeaking in Fortiweb words, there're two approaches to this:
ssl offloading and ssl inspection.Both enable the waf to inspect HTTPs
traffic for viruses, etc.Main difference is the place where you ends the
ssl tunnel.In ssl offloading, webs...
Hellobefore open a ticket with TAC, consider that you domain to claim
for:nercng.org is suspended at its registrar at this moment (*)there's
NO MX record to send email to. (**)So, its a useless claim for fortimail
issues or gmail problems(*) do a WHO...
