Description This article describes best practice recommendations for an
HA reserve management interface when it is connected via FortiLink.
Scope FortiOS, FortiSwitch. Solution For the purposes of focusing on
specific details, this article only discu...
Description This article describes how to perform the a common task of
migrating managed devices such as FortiSwitch and FortiAP when migrating
from one FortiGate device to another. Scope FortiSwitch, FortiAP,
FortiGate. Solution Before migration, it...
Description This article describes how to resolve behavior with a device
already connected through wired connection and an attempt to connect to
WiFi with SAML authentication. See Technical Tip: Wireless
Authentication using SAML Credentials and Azur...
Description This article describes how to leverage FortiGate's NGFW
firewall capabilities to inspect application layer or payload of a
packet and block usage of Google applications using application
signatures. Scope FortiGate. Solution Google Drive ...
Description This article describes that it is common practice with SSL
VPN portals to enable split-tunneling while using the 'Enabled Based on
Policy Destination. Option allowing connected users to that SSL VPN
tunnel to routes or subnets based only ...
Yes local user authentication would be on the fortigate itself. You
would in this case create the user account locally on the firewall and
use that account or group on firewall policy similar to the example on
the article link below:
https://communit...
Hi luky, Thank you for reaching out. Unfortunately WAF does not have
such override feature. You can try setting up a policy with no WAF while
the source includes a local user account or user accounts from other
authentication servers such as ldap, fs...
Hi Raffaeldp, Thank you for your input. the "redirect" action is a block
action as far as I know. When forward traffic action is "Deny UTM
blocked" therefore it makes sense that the url is being blocked by UTM
in forward traffic
logs:https://docs.for...
Hello Julianeldef548, Thank you for reaching out. Your first block of
security would have to be a firewall with NGFW capabilities. Fortigate
is an NGFW which does offer United Threat Management UTM options
suitable for the task you are trying to achi...
Hi Aidnet, Thank you for reaching out. This sounds like a traffic issue.
I assume the overlay interfaces are ipsec tunnels and phase1 and 2 on
the tunnel is up. I assume also that phase 2 selectors have correct
subnets on both ends if applicable. You...