Table of Contents Intro Local/Static Domain Filter Remote Category Fortiguard-based Categories Domains Feed IP addresses feed DNS Translation Applying the DNS Filter Profile on the Fortigate Interface Protecting Internal DNS Server Inspecting Encrypted DNS Traffic Debug and Verification Intro Few facts to remember: The DNS query/response traffic HAS …
Table of Contents Important facts to know Static URL Filter FortiGuard Category based Web filtering Category cache verification Action - Authenticate Allow User Override Usage Quota Custom/local Categories and Web rating Override Remote Category filter for external threat feed Search Engines Safe Search and Vimeo Rate by both IP Address …
Table of Contents Important facts Block downloading PDF and MP4 files (FortiOS up to 7.2.4) File Filter (all versions of FortiOS, no lic needed) Fortigate up to 7.2.4 Fortigate 7.2.4 or newer Block uploading/downloading documents containing SSN or/and Credit Card numbers (7 …
Table of Contents Intro Decide whether to use Wildcard user on FAZ/FMG/FGT or only specific users. RADIUS Configuration - Windows NPS Install Network Policy Role (NPS) Open NPS management console Integrate NPS with local Active Directory Create in NPS console RADIUS clients signifying each network device (FGT, FAZ, FMG …
I already wrote how to delete the default admin account from the Fortigate https://yurisk.info/2021/06/09/rename-or-delete-default-fortigate-admin-administrator-account/, and today I will show you how to do the same in Fortianalyzer, Fortimanager, and Fortigate. Video: Your browser does not support the video tag. I also write cheat sheets …
I already wrote tips for upgrading your Fortigate HA cluster https://yurisk.info/2023/06/18/tips-on-upgrading-fortigate-in-ha-cluster/ , but didn’t include screenshots of the upgrade to illustrate what actually happens. Today I fix that - below are screenshots of the cluster upgrade I did, with description. It will be helpful to …
Not technical, but (hopefully) helpful list of tips learned the hard way by myself or from others before me. Color code your Terminal/CLI sessions. All terminals have this feature, I use SecureCRT and change background of the saved sessions according to the importance - backbone black, production - gray, lab - light …
Every technical field has its own jargon/abbreviations and it is true for the Fortinet world as well. The picture below lists major products with their code names as used by the community. I also write cheat sheets/scripts/guides to help in daily work, so make sure to check …
Table of Contents Introduction Step by step instructions for CLI Instructions for GUI Introduction I want to talk today about the safety switch the Fortigate has for us when changing its configuration and something goes wrong. Most reputable vendors have such rollback-if-sh*t-happens - Juniper has commit confirmed , Cisco routers …
Table of Contents fnsysctl ifconfig fnsysctl ls fnsysctl cat fnsysctl date fnsysctl df fnsysctl du fnsysctl pwd fnsysctl ps fnsysctl kill fnsysctl killall fnsysctl mv fnsysctl printenv fnsysctl grep Important facts about fnsysctl command: You have to log in with a user having super_admin profile. For VM Fortigate, it has …