Fortigate best practices baseline — Plasmatic Sun fortigate-baseline/baseline.md at main · KevinGuenay/fortigate-baseline · GitHub config system global set admin-telnet disableend adding extended-log for traffic logs. This will […]
Tag: Fortinet
IPSEC Fortigate/Fortinet VPN Config
USE PFS for Phase 2 Auto Neg 2) Add Static Routes on both sides to each other’s Subnets via the VPN Connection Interface created in Step […]
An application was detected, orginating from your system. Please contact the system administrator.
This is because something has triggered IPS A quick fix to temp disable Changed from quarantine to block?Then in quarantine monitor, remove the local 192.168 IP’s?Investigate the blocks in […]
How to Monitor Fortigate/Fortinet Routers via SNMP in Ncentral
On the Fortigate On the LAN Interface ( Gateway Address ) Enable SNMP Enable SNMP with your chosen Community Name Add the Host IP of the local N-able Agent/Server Polling […]
How to Test IP Sec VPN Status on Fortigate HA Secondary Unit
To access the Secondary unit without changing HA Primary unit , which I would advise against if you are not sure of the VPN status run the followingexecute […]
Wireless Guess Wireless Fortigate and Netgear
On the Fortigate , Create a new Interface and assign it to the Uplink of your internet or DMZ with a Vlan ID and Enable DHCPCreate a […]
How to add a routable subnet to a Fortigate VPN connection
When a user VPN into a Fortigate Router , make sure they can access all Subnet available to the router not just the local one :Added security […]
Whitelist Domain marked as “newly observed domain” fortigate
If a website a being blocked from being viewed due to Fortinet web filter with the Category “newly observed domain” This is due to URLs whose domain name is […]
HTML/ScrInject.B!tr – Fortinet False Positive
Fortigate have recently released an AV update on their Fortinet which blocks websites with the following errorhttp://fortiguard.com/search?type=av&q=HTML%252FScrInject.B%2521trA few malware checks on the website shows there are no virus […]
How to enable SIP traffic outbound/inbound on Fortinet/Fortigate
Below changes were added.Added TCP 5060 for SIP(As sometimes this can be TCP/UDP) for all WANSRTP port range 6200 – 6214 added for Inbound for all WANSSIP domains allowed […]
Fortigate/Forinet SSL VPN not Enabling Turning On
A VPN for a new site had been working fine , however disconnected and would not stay ActiveEnabling DebugDisable DebugProduced the below sort of errors : Turns […]
Fortigate ssl-vpn users need to route to different subnet via tunnel interface IPSEC VPN
Users who SSL-VPN into the office need to route to a different subnet which is connected via an IPSEC VPNYou should already have Address Setup for your […]