Description This article shows how to block geolocations for SSL-VPN and
management access with a local policy. Scope FortiGate v6.x.x and
v7.x.x. Solution Create a geolocation-based address object to block.
Navigate to Policy & Objects -> Addresses ...
Description This article describes how to block a MAC address in
FortiGate using a firewall policy. Scope FortiGate 6.x.x and 7.x.x.
Solution Make an address object with the MAC address of the device which
is needed to be blocked. 2. Enable the Multi...
Description This article describes how to configure an antivirus profile
to upload files to FortiSandbox for virus scanning Scope FortiOS 6.0,
FortiOS 6.2, FortiOS 6.4, FortiOS 7.0, FortiOS 7.2. Solution In the
firmware series FortiOS 6.0, FortiOS 6....
Description This article describes the issue where VPN phase 1 is not
coming up for a route-based VPN and the debug logs are showing the
message: 'ignoring request to establish IPsec SA, gateway is in passive
mode'. Scope FortiGate 6.2, 6.4, 7.0, 7.2...
Hi @watl, The best tools to check packet flow in Fortigate are Sniffer
and flow filter. Sniffer ----> to check in and out interface flow
filter----> to check in detail including gateway and policy being used
to learn how to use these articles:
https:...
Hi @Bapoo55, You can enable ping HTTP and HTTPS through cli as shown
below: config system interface edit -------->SFP1
interface name set allowaccess https http ping end Regards Rajan Kohli
Hi @clfrancisco , Please make sure you have two firewall policies at
least in Fortigate. 1. vpn to lan 2. vpn to wan you can take sniffer to
check traffic flow while pinging on 8.8.8.8 : dia sniffer packet any '
host 8.8.8.8 and icmp ' 4 0 l Regards ...
Hi @Magnitude_8 , Most of the time security policies are required on VPN
Tunnel traffic because it is considered safe traffic at most of the time
but if you wish to have a security policy you can have them on any side
of the tunnel but be aware that ...