Description This article describes the challenges of integrating a
FortiGate into an IBM Q-RADAR SIEM solution. Scope FortiGate. Solution
The integration of FortiGate or Forti Analyzer to the IBM SIEM solution
might not work as expected. The configur...
Description This article describes the challenges in tunnel failover if
a remote vendor is a non FortiGate. Scope FortiGate. Solution In cases
with multiple IPsec tunnels for failover purposes, FortiGate has
multiple options to perform failover. Use ...
Description This article describes the issue when the explicit proxy is
not listening even after configuring it under proxy settings. Scope
FortiProxy. Solution While configuring the explicit proxy feature in the
FortiProxy device, the interface is n...
Description This article describes how to create a local DNS database
and make FortiGate respond to local DNS queries. Scope FortiGate.
Solution In some use cases, users need FortiGate to respond to local DNS
queries. So in case the listening interfa...
Description This article explains if the FortiGate firewall is adding
the correct relay information while forwarding the request to another
server. Scope FortiGate. Solution Some LAN networks require an IP
address through a DHCP server which is behin...
Hello, Seems you are moving to the new product, we do have the feature
you mentioned. The difference is we call it as central NAT , it is up to
you how you want to utilize it. If you operate in central NAT mode you
can have all your NAT rules in one ...
Hello , I think you want to block geolocation address while allowing it
for a particular location or source range. You can achieve this by
simply using local in policy. By default the action is to deny for these
policies. So you have to follow the be...
Hello, As we understood you have already working Vlan subnets which
needs to be modified . Best way is to create Vlan but do not assign IP
for the moment (put unused dummy ip). However as you mentioned you
already have static addresses on Printer and...
Hi , It depends on you, if your downstream switches have multiple Vlans
configured and you just have a reverse route pointed towards the SW on
Fortigate,,,in this case you can simply create a rule with your physical
interfaces. And if you have vlans ...
Hi, It is expected only if you use SDWAN. However for your VIP (DNAT)
configuration you can map your dedicated interfaces . Your wan
interfaces would be listening to the incoming requests from outside. Yu
can also mention it as 0.0.0.0 as external on...
