Technical Tip: WAD (wad-config-notify) process con...

nathan_h · 12-02-2024

Description This article shows that VRF leaking with NP vlink can lessen the CPU usage. Scope FortiGate. Solution NON-NP VDOM Link. Network Topology: FortiTester as Sender -> [User VLAN] VRF 11 - Fortigate 101F [NON-VRF11-0] -> [NON-VRF11-1] VRF 1 - ...

nathan_h · 11-07-2024

Description This article describes how to block file upload when an Excel document contains Social Security Number. The firmware version used in this article is v7.2.10. Scope FortiGate. Solution Configuration: Configure DLP Dictionary: GUI: Security...

nathan_h · 11-06-2024

Description This article describes a solution for lower-end model FortiGate with 2GB of RAM to avoid conserve mode due to ipshelper and high IO wait. Scope FortiGate v7.2, v7.4. Solution This was addressed and fixed in v7.4.6 and v7.6.1 and will be f...

nathan_h · 11-05-2024

Description This article describes how to successfully upload an image when a 'Failed to create Image' error is encountered. Scope FortiSASE. Solution Upload an image on HTML Templates and got an error 'Failed to create Image'. System -> HTML Templat...

nathan_h · 10-22-2024

Description This article describes how to change the login error on Web Filter Block Override. When configuring Authenticate on the FortiGuard Category-Based Filter, it will require the user to authenticate. If the user does not belong to the group t...

nathan_h · 12-17-2024

You can use ISDB on SDWAN rule. We have ISDB for Google.

nathan_h · 09-14-2024

You can try to disable the blocking on the browser. It might be the browser already blocked it and the request didn't reach the Fortigate

nathan_h · 09-14-2024

Hi solo1, As far as I know, you normally don't need select which logs you will forward to them. You just need to send all of the logs to them via Syslog. Their SIEM solution should be able to handle the logs for threat hunting.

nathan_h · 09-13-2024

Hi RSJohan, If you have FortiAnalyzer. you can use Fortiview to check the sessions and from there you will be able to check what ports are used. Keep adding a Firewall Policy at the top and then monitor the original policy if there is still a hit and...

nathan_h · 09-12-2024

Hi Ruelb2214, I understand that Fortigates on the right side are on HA. Since the switch is not a stack, you won't be able to cross connect the LACP. See guidelines below. https://community.fortinet.com/t5/FortiGate/Technical-Tip-Aggregate-link-confi...

User Statistics

User Activity

Technical Tip: CPU usage comparison with VRF Leaking using Non-NP and NP vlink

Technical Tip: How to block Excel (.xlsx) document containing Social Security Number (SSN) via Data Loss Prevention

Troubleshooting Tip: Conserve mode due to ipshelper in lower end models

Troubleshooting Tip: FortiSASE - Unable to upload image on HTML Templates and getting an error 'Failed to create Image'

Technical Tip: How to customize the login error on Replacement Page of Web Filter Block Override using Javascript

Re: SDWAN Rules

Re: FortiOS 7.4.4 Web Filter didnt show replacment message (Blocked Page)

Re: What FortiOS Event Logs should i send to my SOC from my Fortigate Firewall?

Re: Locking down loose policies

Re: LAG connection setup

Technical Tip: WAD (wad-config-notify) process con...

Re: Locking down loose policies

Re: BGP routing strategy with two IPSec Connection...

Troubleshooting Tip: Read-only access when accessi...

Technical Tip: Integrating Linux login with FortiA...

Re: BGP routing strategy with two IPSec Connection...

KCS