Description This article describes ow to avoid False Positives triggered
by the new-released signatures. Scope For version 6.1 and above.
Solution Explanation. New signatures are released frequently by the
Fortiguard servers, so there is a possibilit...
Description This article describes how to add an exception for a
Signature. Scope Solution Explanation. There are multiple ways to add an
exception in the Signature. Let’s take a look at a sample attack log
(Pic1) generated on ForitWeb and then see h...
DescriptionThis article describes about the new HMM Learning Stage
'Unconfirmed' and 'Confirmed' status introduced in 6.4 version, and also
mentions how to overcome the situation where the parameter gets stuck at
'Unconfirmed' and discarded by the ga...
DescriptionOpening of ISAKMP (UDP 500) port on the FortiGate device to
all may cause security vulnerability and ISAKMP DOS attack that would
result in compromising preshared key (if VPN is configured by aggressive
mode) and overloading the CPU with m...
DescriptionPolicy routing enables you to redirect traffic away from a
static route. This can be useful if you want to route certain types of
network traffic differently. In the following network diagram a device
has two wan connections with Port1 bei...
Hi, You can configure Authentication Relay (User
Authentication>Authentication Relay) with Delegation Type set to
'Kerberos" and then call the Authentication Relay in the User
Authentication>User Group (used in the Authentication Policy)
Yes, you can configure FortiADC to authenticate OWA users by using the
client authentication method as the HTML Form. I have shared a sample
configuration. In this example, I am using the LAB Network Environment
mentioned below. Unfortunately, I don'...
As I understand you would like to add a description as well while adding
the Block IP (Please correct me if I am wrong) As of now there is no
option to add the description, so it would be considered as a new
feature request (NFR). You can contact For...
I understand it is a bit challenging to collect the logs from the slave
in those 4 minutes. At least, you can collect ha_config_1.tgz and
ha_config_2.tgz from the master nodes which can be used later to verify
which part of the configuration is not i...