Hi, I have query on how licensing works when we configured Fortianalyzer
in analyzer and collector mode. If we have one layer of collector which
collects logs and does Archive storage and another layer of
Fortianalyzer in analyzer mode which receives...
Hi, Whether a GRE interface can be added to SDWAN member interface??
Currently we have a scenario, where forward traffic will be sent our
through one physical interface (Internet) and return traffic will be
through GRE built on top of same physical i...
Hi, I have a query.. whether fortigate firewall can detect the
application in proxy traffic. In our Fortinet SDWAN topology, My
endclient from a spoke location uses a proxy server at hub location for
any internet access. In the firewall policy at hub...
Hello, I am stuck with an issue on webfilter profile. My requirement 1
Need to allow https://www.abcde.com (Which is allowed by default by
webfilter policy) 2 Need to create a URL filter to block
https://www.abcde.com/ghijklm I tried using simple in ...
Hello All, I was trying this in my lab There is one HUB and two spokes
in my SDWAN topology Spoke1 has 4 overlay interfaces ADVPN_M1, ADVPN_M2,
ADVPN_M3, ADVPN_M4.. M1 to M4 are private links (Like MPLS) which has
reachability between them as well.. ...
Thanks for the update, so the per day data ingestion license of 35GB/day
is for analytics + Archiving or just for Analytics?. Because collector
does archiving and FA in analyzer mode just does Analytics - Sql
indexing etc.. Can you clarify whether to...
We have an external security services which inspects all return traffic
and hence GRE tunnel from that device to Fortigate device. But I guess,
SDWAN interfaces will be consider as one single logical interface and if
bundle GRE interface into SDWAN ,...
Thanks for your reply. Our primary objective is to have these
applications in the reporting and we are not looking for any traffic
steering in SDWAN based on application destination. So the takeaway from
this post is, an endclient when accessing any ...
Thanks for your reply. Since the proxy traffic runs on 8080 its not
encrypted, so effectively fortigate will be able to deduct all possible
applications/websites (As available in Application control database).
Our primary objective is to have these a...