Not technical, but (hopefully) helpful list of tips learned the hard way by myself or from others before me. Color code your Terminal/CLI sessions. All terminals have this feature, I use SecureCRT and change background of the saved sessions according to the importance - backbone black, production - gray, lab - light …

Every technical field has its own jargon/abbreviations and it is true for the Fortinet world as well. The picture below lists major products with their code names as used by the community. I also write cheat sheets/scripts/guides to help in daily work, so make sure to check …

Table of Contents Introduction Step by step instructions for CLI Instructions for GUI Introduction I want to talk today about the safety switch the Fortigate has for us when changing its configuration and something goes wrong. Most reputable vendors have such rollback-if-sh*t-happens - Juniper has commit confirmed , Cisco routers …

Table of Contents fnsysctl ifconfig fnsysctl ls fnsysctl cat fnsysctl date fnsysctl df fnsysctl du fnsysctl pwd fnsysctl ps fnsysctl kill fnsysctl killall fnsysctl mv fnsysctl printenv fnsysctl grep Important facts about fnsysctl command: You have to log in with a user having super_admin profile. For VM Fortigate, it has …

Table of Contents Some Facts Why Some Facts Free-style filtering is per category, so any filter you configure is for a specific category of logs only, e.g. Events, UTM. You can filter on ANY field in the raw log Value for the filter allows wildcard * which matches anything. Behavior …

When trying to switch a Fortigate from NAT mode to the Transparent one, we get an error about Fortilink interface being used. The official docs just say to delete Fortilink from all used settings, but not how. This article shows where and how. The error: config sys settings set opmode …

Blogs and other resources to read on Fortinet products - Fortigate, Fortianalyzers, Fortimanager and such Here are some Fortinet-related technical blogs I read. If you have additional blogs/sites to recommend - send me to add. https://www.ultraviolet.network/blog Matt Sherif’s blog. Matt is a System Engineer at Fortinet …

Table of Contents Collection Important facts All about email alerts Debug Automation Stitches Collection Collection I collected some Fortigate automation stitches I use in production systems to either alert me in real time on outstanding events, or run debug/maintenance action without manual intervention. The collection is here https://github …

Help, my networks talk to a prisoner. This was a funny one - client saw lots of DNS queries passing the Fortigate addressed at the prisoner.iana.org and was worried what this was about. No worry - it just means (misconfigured) clients in the LAN are trying to get PTR records …

Do not use sFlow in Fortigate - use Netflow instead I was approached last month by 2 unrelated Fortigate admins with the same problem - slow performance of otherwise very beafy Fortigate models. After some digging in the configuration the culprit was found - there was enabled on WAN interface sFlow. sflow collects …