Technical Tip: Deep inspection with mTLS

ametkola · 12-12-2024

Description How to disable logs being logged and forwarded to FortiAnalyzer. Scope FortiGate. Solution This article describes how the logs can be stopped logging in Memory/Disk and being forwarded to FortiAnalyzer from certain firewall policies. In t...

ametkola · 11-18-2024

Description This article describes the behavior of FortiGate losing the FortiAnalyzer serial number from the settings. Scope FortiGate. Solution In this example, FortiGate runs in v7.2.8 managed by FortiManager v7.2.5, where the FortiAnalyzer IP addr...

ametkola · 10-09-2024

Description This article describes the behavior of mTLS traffic when deep inspection is used. Scope FortiGate. Solution The topology below is an example of SSL inspection with a flow that uses mTLS. The FortiGate is set up as an explicit proxy receiv...

ametkola · 09-27-2024

Description This article describes the behavior of not showing any information under 'Device Information' after a firmware upgrade. Scope FortiOS v7.4.5 Solution Device information is empty and is not possible to see what device is connected to which...

ametkola · 08-19-2024

Description This article describes how to solve SFTP connection failure with a proxy mode inspection policy and deep-inspection certificate. Scope FortiGate. Solution An example below shows when connecting to SFTP, a host key is prompted to load when...

ametkola · 12-16-2024

Hello, The documentation below from Fortinet gives a details brief regarding the script on how to manage the Fortigate. https://docs.fortinet.com/document/fortimanager/7.6.1/administration-guide/990788/scripts If it doesn't help the Fortimanager team...

ametkola · 11-29-2024

Hello @zero_net , We usually see this error when there is no policy to the destination.You can check the Policy Lookup feature at the top of the firewall policies page to check if any policies will correctly allow the traffic. Go through also the art...

ametkola · 11-22-2024

Hello @RolandBaumgaertner72 , As per the checking, the FortiGate _30G can go until v7.2.8. Regards,

ametkola · 11-22-2024

Hello @wangkuowei , As Jason recommended during the firmware upgrade is recommended to follow the upgrade path so that in case anything breaks you can verify on which version is impacted. Also, you can check the release notes for the known issues and...

ametkola · 11-22-2024

Hello @AHJARR , If the web filter is not able to block the expected traffic using Chrome or Microsoft Edge. You can go through the article >> https://community.fortinet.com/t5/FortiGate/Technical-Tip-Web-filter-is-not-blocking-websites-on-Google/ta-p...

User Statistics

User Activity

Technical Tip: Disable certain logs being forwarded to FortiAnalyzer

Troubleshooting Tip: FortiGate intermittently loses FortiAnalyzer serial number

Technical Tip: Deep inspection with mTLS

Technical Tip: Device Information not shown under FortiSwitch Ports

Technical Tip: Authentication fails with SFTP connection on a proxy mode deep inspection profile

Re: Script to manage Policies

Re: SSLVPN web mode - "SSL VPN Proxy Error. Reason: Access Denied."

Re: New 30G modell - cant activate AV profile

Re: How can I upgrade the firmware of my FGT-101F from FortiOS v6.4.11 build 2030 to FortiOS v7.6.0

Re: SSL Deep Inspection not working with Chrome and Edge browsers and web filtering

Technical Tip: Deep inspection with mTLS

Re: Fortimanager VM connect fortigate error

Re: FortiOS 7.4.4 Web Filter didnt show replacment...

Re: FortiOS 7.4.4 Web Filter didnt show replacment...

Re: Difficulty Finding SSL VPN Configuration on Fo...

Re: SSL VPN supported on FGR-60F

Re: Difficulty Finding SSL VPN Configuration on Fo...

KCS