Good day. I'm trying to get FSSO working in a transparent VDOM.
Config:Fortigate: 5.6.5 / 5.6.7. Transparent (PROD) VDOM with
out-of-band mgmt from root VDOM. Management (root) VDOM is in NAT
mode.Fortiauthenticator: 6.0.2 I'm using FortiManager, but...
Just an update for anybody else who may be experiencing this - looks
like a double-whammy for me. I am using virtual wire pair in this VDOM -
it was an existing design to be in transparent mode, then added virtual
wire pair so I didn't have to deal w...
Thanks - Ours is configured as described on that page, but with "out of
band" management. It has worked in the past for LDAP groups, appears it
doesn't work for FSSO.Out-of-band management details and exampleWhen
VDOM is enabled and the VDOMs are ope...
We've been able to block Facebook (and most other social sites)
successfully in proxy mode. The key for us was to turn on SSL handshake
checking, since all of these sites have gone to HTTPS. It doesn't do a
full MITM on the https session, it just che...
I'm doing an upgrade to 5.6.3 and have been using proxy mode for a while
now. The one advantage I see (from reading) is that you can use session
pickup to fail sessions over with flow mode but not with proxy. The docs
are a bit sketchy on this - anyb...
mmclaren@oneit.ca wrote:I saw a site get infected with Locky on Monday.
They had the Fortigate Application Control setup to block the Botnet
category just as SecurityPlus described in post #16. This blocked Locky
from retrieving it's encryption key s...
