Received the below question regarding Greylisting in an Active – Active HA environment. The answer is below as well! Can Greylisting be used in an active/active High availability enviroment (with 2 mx records pointing to 2 fortimails)? I mean: When an email comes and gets greylisted by fortimail#1, if the second attempt comes to […]
Questions
How to see errors and discards on FortiGate interfaces
Question: How do I go about seeing interface statistics such as discards, errors etc? I get this question a lot and figured I would make a post about it to help the masses. There is a simple way to do this. In the CLI there is a command called “fnsysctl” that you can expand upon. […]
FortiClient Issues With Mac OS Sierra
A client of mine stumbled across this issue and after some digging it appears to be fairly common. In my experience, FortiClient tends to have more issues with Mac OS in general. For this particular problem though I have had success by rolling back the FortiClient. Downloading the latest from FortiClient tends to be the […]
Indexing of Old Archived Logs on FortiAnalyzer
Question: The FortiAnalyzer divides logs into indexed and archived. Once an old log is archived, can this be brought back in order to be indexed? Answer:# exec sql-local rebuild-db http://kb.fortinet.com/kb/documentLink.do?externalID=FD36458 Awesome tip from Paulo R on the Fortinet Forums. See the thread by clicking here
Custom FortiAnalyzer Report To See Blocked URLs for a Category
Ian on Fortinet’s forums asked a good question. You can see the question below: Hi I want to create a report that allows me to select a category and then to list all the activity for users where the URLS match that category. For example a report that lists user name, source IP, date time, […]
Extended-UTM-Log Enable Error
I received the following question through my consulting form: Question: when configuring application list, setting the “extended-utm-log” the I got the following error: burgfg01 (list) $ edit “RogersStandard” new entry ‘RogersStandard’ added set extended-utm-log enable burgfg01 (RogersStandard) $ set extended-utm-log enable command parse error before ‘extended-utm-log’ Command fail. Return code -61 ——— Please advise. Thanks […]
SSL Inspection – Office 365
I saw this post over on the Fortinet Support forums and wanted to cross post it here in case no one has experienced this issue. Always check the web filter and make sure domains are rated properly! Some situations it makes sense to allow websites if they are unrated or if a rating failure occurs. […]
AV Throughput Removed From DataSheets
So, I am sure some of you have been running around a little bit like chickens with your heads cut off about that fact that the data sheets no longer list the AV throughput. Don’t worry, this is by design. They are switching to NGFW values for these to compete with Palo Alto and the […]