Where do I download Fortigate free trial VM?

Where do I download the free trial VM of the Fortigate? Probably the most frequent question I get asked. And not to stop at the answer "support.fortinet.com", here is a video walk-through. The version you download has built-in 15 days trial license, which comes with some limitations you …



Fortigate new Workspace Mode to commit changes in a batch - with an example of changing default gateway

Table of Contents Introduction Important facts about WorkSpace Mode Example - change WAN IP address and default gateway Let’s start WorkSpace session. Do the configuration we need Verify Commit the changes and finish the session Introduction Fortigate saves and applies changes made on CLI immediately after you issue end / next …



Fortigate CLI Tips to avoid costly mistakes, save time, and make you more effective

Table of Contents Benefits of using CLI Use get inside any configuration subtree to show currently active settings for this module grep - the Secret weapon for searching the configuration and diagnostics Navigating the CLI Use select, append, unselect to avoid costly mistakes Disable screen paging to get rid of --More-- …



How to request Google, Cloudflare, and OpenDNS/Umbrella DNS servers cache clearing for your domain records

It is rare for these well-known DNS providers to cause problems to your domain records, but everything is possible. More often though, you may need to refresh some DNS record of your domain sooner than its TTL expires. Below you will find links how to do so for the aforementioned …



Cisco router - disconnect VTY user forcefully without reloading the router

Today's log. - Alert on a suspicious connection via ssh to the VTY line of the Cisco ISR 1100 router. - Logged in to the router, saw an established connection from IP belonging to Chinanet ISP (the router is in Israel) to the port 22. The router was compromised as someone removed …



Check Point Certified Troubleshooting Administrator (CCTA) 156-580 Exam Preparation Tips and Impressions

The following, I hope, will help you to prepare better for the exam as there is no information I could find anywhere. Note Links to all the resources I mention in the text are at the end. Also, for obvious reasons this article does not contain actual questions from the …



You CAN and probably should rename/delete the default admin user on Fortigate, here is how

Many best practices in security and regulations (PCI-DSS, NIST 800-53) demand or recommend renaming/deleting the default administrative accounts that come with the equipment. And every Fortinet product comes with the admin account built-in. Some people are afraid to lose administrative access by such changes, but with the Fortinet Fortigate …



Fortigate - doing SNAT and DNAT on the same traffic in traditional and Central NAT modes how-to

Table of Contents Translate source IP address (SNAT) and Destination IP (DNAT) in usual, non-Central NAT mode Configuration Verification: Translate Source and Destination IP addresses when the Central NAT is enabled Configuration Verification CLI configuration Related: When the situation requires to translate both - source and destination addresses in incoming packets …



Checkpoint API tutorial, part 1 - getting started

In this, 1st part of tutorial series, I will show how to enable remote access to API on Checkpoint Management Server, verify that it is running and is indeed enabled for remote access, and create first Network object - Host via HTTP request. All this I will do in Postman software …



Fortianalyzer diagnose and debug cheat sheet

Table of Contents General Health Communication debug Logs from devices Licensing Example debug session on Fortianalyzer Show connected to the FAZ devices General state of FAZ (version, serial, HA status, license status) Performance stats (appliance FAZ will have more data) Running processes and CPU load Logging devices with quotas for …