We' re hoping to setup TACACS or RADIUS so that when we have a new
engineer or one leave we can just remove him/her from the auth server
and not have to go to every FG, but so far it looks like you still have
to put in the username and pswd for every...
Can anyone help me with the definitions of the services that run on the
FortiGates? I think this would be highly helpful to those of us who are
watching high memory or cpu utilization on a specific service but cannot
correlate it to anything. Specifi...
Has Anyone, Ever been able to get a successful site-to-site VPN between
Any Checkpoint to Any FortiGate on Any Code??? We' ve got a Checkpoing
NG R60 HA Cluster trying to connect to a FortiGate 200A on 3.0 code. We
know where the problem lies: Mismat...
You can configure the FG to use the Wildcard option for TACACS. This way
you do not need to provide either the Administrators username or
password. The TACACS server authenticates the administrator, and then
they are given the Access profile you have...
That setting is at UTM-Data Leak Prevention-Rule. We use the following
Regex to scan for US SSNs: (\b|\W)([0-6]\d{2}|7[0-6]\d|77[0-2])([
\-])\d{2}\3\d{4}(\b|\W) It will catch the following: 123-45-6789 123 45
6789 test 123-45-6789 test/123-45-6789 te...
If you do deny all smtp outbound minus your mail server, then you can
reference you traffic logs (if " log traffic" is enabled in the policy)
to see what IPs are getting blocked for mail. many ways to find this
out, but best practice would be to bloc...