Do you know what is the reason for not having LACP (802.3ad) support for
models bellow 200B? I do not think that is resource intensive for
memory/CPU and it would be a nice to have feature.
http://kb.fortinet.com/kb/documentLink.do?popup=true&externa...
How to configure Fortigate to protect users from SSL certificates issued
by DigiNotar? According to
http://www.f-secure.com/weblog/archives/00002228.html a lot of rogue ssl
certs are in the wild. It' s enough to un-check " Allow Invalid SSL
Certifica...
What does scanunit do? Do you know what for are these parameters?
diagnose test application scanunit 10: Enable PCRE 11: Enable PCRE_MED
12: Enable PCRE_HI 13: Disable IMAGE 14: Disable SENDERID 15: Disable
DKIM 16: Enable FGDSTATS SENDERID, DKIM see...
I am testing IPS signature for CVE-2015-7547. I only enabled logging so
I could do more tests. config ips custom edit "CVE-2015-7547-UDP" set
action block set comment "GlibC name resolution bug" set location client
set os Linux set protocol DNS set s...
To narrow your searches run:diagnose sys checkused user.ldap.may be used
by table user.fsso.ldap-servermay be used by table
user.fsso-polling.ldap-servermay be used by table
user.local.ldap-servermay be used by table user.peer.ldap-servermay be
used ...
According to
http://docs-legacy.fortinet.com/fos50hlp/50/index.html#page/FortiOS%205.0%20Help/new-features-5.0.5.005.18.html"FortiGate
units in the 2U or High-End categories (models 1000 and above) can now
be configured to have a dedicated management...
According to
http://kb.fortinet.com/kb/documentLink.do?externalID=FD36915 when you
enable strong-crypto you should not see CAMELLIA cipher suite.Maybe you
didn't set ssl-dh-bits in config wanopt ssl-server or maybe in config
firewall ssl setting