Category «Fortinet»

FortiGate not logging denied/violation traffic

I’ve checked the “log violation traffic” on the implicit deny policy in both the GUI and CLI and it is on (which I believe should be the default anyway). As a test I also created a policy singling out some specific traffic and set the action to deny, with logging enabled. The traffic is blocked …

FortiGate Multiple DDNS

When Dynamic DNS (DDNS) is enabled on FortiGates, VPN Manager supports DDNS. First VPN Manager searches for the interface IP for IPsec Phase2. If no IP is found, then VPN Manager searches for DDNS. You can use FortiManager and the CLI-only objects menu to enable DDNS on each FortiGate device. The CLI-only objects menu is available in the Device …

FortiGate SNMP monitoring

Technical Note: SNMP ifDescr missing in FortiOS 5.4. Description: With FortiOS 5.2 and lower, the “ifDescr” OID is systematically filled in with the interface name. This behavior was not compliant with RFC 1213, which states: “ifDescr should be filled in with a textual string containing information about the interface. This string should include the …

How to use the DNS translation feature

Description: The DNS translation feature available in the FortiOS firmware is designed to modify the DNS reply from a DNS server. It is typically used to allow internal users of a network to access resources with their private IP addresses, and hence can simplify firewall configurations. A network diagram is provided below with an example that illustrates …

How internal users can access internal resources via an external VIP

Products: FortiGate. Description: This article describes a solution for the following requirement: a user located on an internal LAN needs to access a server located on an internal LAN or DMZ, but by using a public Virtual IP on the FortiGate. External users also access the same server via the “external” port. The following …