Technical Tip: WAD (wad-config-notify) process con...

nathan_h · 03-03-2025

Description This article describes how to fix if the custom category on Web Filter is not being applied with the configured Action after an upgrade to v7.2.11. Scope FortiGate v7.2.11. Solution Custom Category: Web Filter Profile: Firewall Policy: ...

nathan_h · 02-06-2025

Description This article provides a workaround when it is not possible to log in on SSL VPN with SAML Microsoft Entra ID relaying on internal browser in FortiClient v7.4.x. The issue was observed when the FortiGate was upgraded to v7.0.17, v7.2.11, v...

nathan_h · 02-04-2025

Description The article describes how to fix DHCP when switch-controller-dhcp-snooping is enabled on a VLAN FortiSwitch interface. DHCP snooping can be used to prevent rogue DHCP servers. Scope FortiGate, FortiSwitch Solution On CLI: FGT-NAT # show s...

nathan_h · 01-02-2025

Description This article describes how to avoid downtime on a Dial-up IPsec tunnel when performing an uninterruptible upgrade. In this case, it is due to Dial-up IPsec SAs not being synced when the original primary took over the primary role. Scope F...

nathan_h · 01-02-2025

Description This article describes how to add a bare domain (a domain without a subdomain). An example of a bare domain is 'nat.local'. Scope FortiGate. Solution Configure DNS Database on FortiGate. Technical Tip: Different options of configuring DNS...

nathan_h · 12-17-2024

You can use ISDB on SDWAN rule. We have ISDB for Google.

nathan_h · 09-14-2024

You can try to disable the blocking on the browser. It might be the browser already blocked it and the request didn't reach the Fortigate

nathan_h · 09-14-2024

Hi solo1, As far as I know, you normally don't need select which logs you will forward to them. You just need to send all of the logs to them via Syslog. Their SIEM solution should be able to handle the logs for threat hunting.

nathan_h · 09-13-2024

Hi RSJohan, If you have FortiAnalyzer. you can use Fortiview to check the sessions and from there you will be able to check what ports are used. Keep adding a Firewall Policy at the top and then monitor the original policy if there is still a hit and...

nathan_h · 09-12-2024

Hi Ruelb2214, I understand that Fortigates on the right side are on HA. Since the switch is not a stack, you won't be able to cross connect the LACP. See guidelines below. https://community.fortinet.com/t5/FortiGate/Technical-Tip-Aggregate-link-confi...

User Statistics

User Activity

Troubleshooting Tip: Custom Category on Web Filter Action is not taking an effect after upgrade to v7.2.11

Troubleshooting Tip: Unable to login on SSL VPN (48 %) using SAML Microsoft Entra after an FortiGate upgrade to v7.4.7/v7.0.17/v7.2.11/v7.4.8 'error, could not found corresponding saml session 101'

Troubleshooting Tip: DHCP Request from PC is not received when switch-controller-dhcp-snooping is enabled on FortiLink VLAN interface

Troubleshooting Tip: Dialup IPsec SAs are not synced during uninterruptible upgrade (original primary took over the primary role)

Technical Tip: How to add bare domain entry on FortiGate configured with DNS Database

Re: SDWAN Rules

Re: FortiOS 7.4.4 Web Filter didnt show replacment message (Blocked Page)

Re: What FortiOS Event Logs should i send to my SOC from my Fortigate Firewall?

Re: Locking down loose policies

Re: LAG connection setup

Technical Tip: WAD (wad-config-notify) process con...

Re: Locking down loose policies

Re: BGP routing strategy with two IPSec Connection...

Troubleshooting Tip: Read-only access when accessi...

Technical Tip: Integrating Linux login with FortiA...

Re: BGP routing strategy with two IPSec Connection...

KCS

User Statistics

User Activity

You are leaving our website