Re: FortiOS 7.2.7 for 1801F notices

Rajan_kohli · 08-13-2023

Description This article shows how to block geolocations for SSL-VPN and management access with a local policy. Scope FortiGate v6.x.x and v7.x.x. Solution Create a geolocation-based address object to block. Navigate to Policy & Objects -> Addresses ...

Rajan_kohli · 07-31-2023

Description This article describes how to block a MAC address in FortiGate using a firewall policy. Scope FortiGate 6.x.x and 7.x.x. Solution Make an address object with the MAC address of the device which is needed to be blocked. 2. Enable the Multi...

Rajan_kohli · 12-30-2022

Description This article describes how to configure an antivirus profile to upload files to FortiSandbox for virus scanning Scope FortiOS 6.0, FortiOS 6.2, FortiOS 6.4, FortiOS 7.0, FortiOS 7.2. Solution In the firmware series FortiOS 6.0, FortiOS 6....

Rajan_kohli · 12-25-2022

Description This article describes the issue where VPN phase 1 is not coming up for a route-based VPN and the debug logs are showing the message: 'ignoring request to establish IPsec SA, gateway is in passive mode'. Scope FortiGate 6.2, 6.4, 7.0, 7.2...

Rajan_kohli · 04-07-2024

Hi @watl, The best tools to check packet flow in Fortigate are Sniffer and flow filter. Sniffer ----> to check in and out interface flow filter----> to check in detail including gateway and policy being used to learn how to use these articles: https:...

Rajan_kohli · 04-07-2024

Hi @Bapoo55, You can enable ping HTTP and HTTPS through cli as shown below: config system interface edit -------->SFP1 interface name set allowaccess https http ping end Regards Rajan Kohli

Rajan_kohli · 03-31-2024

Hi @clfrancisco , Please make sure you have two firewall policies at least in Fortigate. 1. vpn to lan 2. vpn to wan you can take sniffer to check traffic flow while pinging on 8.8.8.8 : dia sniffer packet any ' host 8.8.8.8 and icmp ' 4 0 l Regards ...

Rajan_kohli · 03-29-2024

Hi @Magnitude_8 , Most of the time security policies are required on VPN Tunnel traffic because it is considered safe traffic at most of the time but if you wish to have a security policy you can have them on any side of the tunnel but be aware that ...

Rajan_kohli · 03-17-2024

Hi,   Bud id 887940 will be resolved in FortiOS 7.2.9   Regards

User Statistics

User Activity

Technical Tip: Blocking Geolocations for SSL VPN and management access with a local in policy

Technical Tip: Blocking a mac address in FortiGate using firewall policy

Technical Tip: How to configure antivirus profile to upload files to FortiSandbox for virus scanning

Technical Tip: Debug message showing: Ignoring request to establish IPsec SA, gateway is in passive mode

Re: Trying to understand the packet flow when using Fortigate Firewall

Re: Want to enable ping and web access on SP1 port of FGR-60F

Re: No internet access the user when connected on the Forti Client VPN (IPSEC)

Re: Firewall policy placement for IPsec VPN/SD-WAN

Re: Status LED not being "On" after upgrade FortiOS to 7.2.8M

Re: FortiOS 7.2.7 for 1801F notices

Re: Slow VPN speed

Re: Want to enable ping and web access on SP1 port...

Re: Firewall policy placement for IPsec VPN/SD-WAN

Re: Fortigate60F , Unable to login Via Web Portal ...

Re: FortiGate Web Application Firewall (WAF) conf...

KCS