Hi. I have a wildcard certificate, with a deadline of one year. I also
have several servers. I thought that I would use own certificates inside
the network.For external guests - Forti will replace this certificate
into a wildcard certificate for each...
Hi I have FortiGate 200F. I detect various disturbing connections from
different addresses. At the moment, the intense ones - I manually add to
the blocked. Unfortunately, it is not effective and very engaging.These
addresses are usually on some blac...
Hi I have deployed Fortigate 200F. Now... Log & Report > Forward
Traffic: Source IP - computer1 with IP .57 Device is identified as -
computer2 with name ...ON But the IP of the identified device is: 2.10
(computer3) The system is not Android. MAC ad...
SOLVED - I changed Inspection Mode from "Flow-based" to "Proxy-based"
for the policy. I didn't have to change it for every polices. This
server on proxy, others work great on flow.Can you confirm that I have
configured this correctly? Just because so...
Unfortunately, the white list is not an option. OK, I'll try what you
advise. You mention about IPS rules. I set up WAN to DMZ traffic with
IPS "high security" which means - "Blocks all Critical/High/Medium and
some Low severity vulnerabilities". But...
Hi @Anonymous Thank you for your answer. Why is vlan such a problem in
device recognition for Forti? After all, I can see these devices on the
network with the correct mac, ip, name. Second question - as you can see
Forti basically recognized the dev...
It looks like this Spoiler (Highlight to read)Spoiler (Highlight to
read)I have a lot of policies because I split them out of curiosity,
which is the most effective.Many of the logged addresses appear on
blacklists. When I add the most bothersome add...
Thank you all for the tips. The easiest for me was from @dairu. I added
a few lists, but for example I was not able to add:
(bad format). I also created my own file where I manu...
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.