Fortinet Community

echo · 07-27-2022

I have a bit of confusion about IPv6 and SLAAC. I am testing this before trying to use it for our public wifi network. My problem is with preferred and valid lifetimes which are set as 7 days and 30 days respectively by default. I tested with a Win20...

echo · 07-01-2022

I have used mgmt ports on fgt's in the past without problems: I have two HA clusters, each one of them has their own IP in one and the same network and I used NAT in the firewall rule to get access to the other cluster which was not the main cluster....

echo · 05-19-2022

Hello!I want to implement Decrypted Traffic Mirror feature but I haven't seen a Fortinet document that would explain the Destination MAC meaning. What is it?1a. The MAC for the webserver whose decrypted traffic will be mirrored?1b. The MAC for the ca...

echo · 12-02-2021

I have a question in understanding certain FortiAnalyzer logs, ver 6.4.7. Webfilter blocks access to a certain webpage and categorises is as Phishing. When I tested access and checked logs in FortiView, found the problematic entry, doubleclicked and ...

echo · 09-13-2021

Hello!There is an article: https://kb.fortinet.com/kb/documentLink.do?externalID=FD47803I want to know what is the situation from a general viewpoint.1. If FGT sends RST packet and the SEQ number is wrong and the packet is discarded by the server and...

echo · 08-01-2022

TL;DR: It may be that I resolved the issue. It was about too short timers. When setting it to 3600/1800 all started working normally.Here's more for those who want to know the details.I thought maybe the Win2019 server is not really meant for SLAAC b...

echo · 07-13-2022

My purpose is not to get it out of band because I don't need it, it will make it more complex although more reliable in general. I only want to have separate IP's for management and in band. It looks like out of band mgmt requires everything doubled:...

echo · 07-12-2022

I thought about the routing from one of our switches. I feel that I'd better not do that unless I can test it but building a test environment seems as good as impossible at the moment. Because if the switch starts accepting and deciding about routing...

echo · 07-04-2022

Yes, we have switches that can route but we haven't used those switches for routing to keep the whole design as simple as possible. I have to think about it, what would it mean in our environment to use that routing and what else needs to be configur...

echo · 07-04-2022

Thanks for the efforts to clarify!The first part in the above reply seems to need another device for mgmt and that I'd rather avoid. Getting the mgmt out-of-band has not been a goal for me (so far). The addendum part is closer because then the same F...

Fortinet Community

User Statistics

User Activity

IPv6 address lifetime

mgmt interface configuration

Decrypted Traffic Mirror questions

How to understand Fortianalyzer logs

Question about packet handling

Re: IPv6 address lifetime

Re: mgmt interface configuration

Re: mgmt interface configuration

Re: mgmt interface configuration

Re: mgmt interface configuration

Re: Decrypted Traffic Mirror questions

Re: Whitelist Pentester IP Addresses

Re: FortiOS Upgrade to 5.6.3

Re: Site-to-Site VPN with Dial-UP addressing Mode

Re: DHCP client false positive for IP address conf...

News & Articles

Security Research

Company

Contact Us