how to configure a local-in policy on a HA reserved management interface. Scope Administrators can configure a local-in policy through the CLI with various services and source and destination addresses to have precise control over the specific traffic heading towards FortiGate interfaces.Firewal...| community.fortinet.com
I am attempting to setup an ipsec Ikev2 VPN using the Windows Native Client. The attempt to connect fails immediately with the "IKE authentication credentials are unacceptable" error. I have found this article: https://community.fortinet.com/t5/FortiGate/Technical-Tip-IKE-authentication-credential...| community.fortinet.com
I have a Fortinet device that has been decommissioned by my company. I use it at home for lab work and study, but the licenses have expired, even for firmware updates. Is it possible that there is no home lab evaluation license for those who use it outside of a professional enterprise environment? I...| community.fortinet.com
I have a question: We have Fortigate on AWS, and the WAN IP is delivering the AWS public IP: However, a LAN IP is configured on the Fortigate interface: To set up an IPSEC VPN, I obviously have to point to “WAN IP” 54, but how will this communication work if the WAN interface has a LAN I...| community.fortinet.com
Hi Friends, I need some help and I hope you all will assist me. I have a problem with a FortiGate firewall. I’m using FSSO (Fortinet Single Sign-On) in agentless mode to communicate with the Active Directory (AD) server for user authentication. The AD server is located at the data center (DC), and t...| community.fortinet.com
Hello, Team! I’d like to ask about our FortiGate 300E. Its license will expire in January next year, but I saw online that its EOL (End of Life) is in July 2026. If we don’t plan to buy a new firewall next year and instead move the purchase to 2027, should we still renew the license? Also, if we ...| community.fortinet.com
Hi, I’m trying to use FortiAnalyzer (FAZ) to monitor IPsec tunnel down events in a large-scale SD-WAN. Event Handlers are in place and SMTP email alerts are configured, but I’m seeing: IPsec down events don’t always generate alerts. FAZ is at HQ. When the branch-to-HQ IPsec tunnel drops, FAZ d...| community.fortinet.com
Hi FNAC admins and It seems on FortiNAC-F 7.4 and 7.6 (didn't test on 7.2), when doing enter-shell the user admin can't do sudo. Is there a special way to do that or has it just been removed?| community.fortinet.com
One of the suppliers has recently changed their email provider, and FortiMail is now quarantine messages from them with a SPF Failure. Their domain is manulife.com. Their SPF record has syntax I haven't seem before. There is an include with what I think is macro syntax. Their SPF record is: ...| community.fortinet.com
Hello everyone, I have a question. Thank you. My FortiGate 401F is used as the data center egress firewall, establishing IPSEC tunnels with firewalls at various branch sites. The headquarters has a fixed public IP address, while the branches do not. The branches access the Internet via PPPoE dial-up...| community.fortinet.com
Hi, Which Firewall model is recommended for an average organisation for the user counts mentioned below with NGFW capabilities? 250-500 users 500-750 users 750-1000 users Thanks in advance| community.fortinet.com
The community is a place to collaborate, share insights and experiences, and get answers to questions.| community.fortinet.com
and itemizes key credentials to maintain in order to assure strong security best practices. Administrators are advised to periodically refresh these credentials, in addition to giving particular attention in any event where an organization may need to give heightened attention to security. It is str...| community.fortinet.com
the standard procedure to format a FortiGate Hard Disk, which is used for logging purposes.If the procedure fails, refer to this article. Scope FortiGate (all versions). Solution Note 1: If necessary, consider performing a backup of logs before formatting (see details below). Note 2: In an HA ...| community.fortinet.com
This article explains how to verify the checksum of firmware which has been downloaded from the Customer Service and Support web portal.The download section provides a means to obtain firmware images and also retrieve firmware image checksums. Scope Firmware download. Solution The integrity of a...| community.fortinet.com
the steps to take when there is evidence of compromised device integrity on the Fortinet devices. It’s possible that a device may become corrupted, for example due to power issues, abrupt turn-off, or maybe environmental anomalies, or in some cases of malicious activity. In such cases it is import...| community.fortinet.com