Fortigate - doing SNAT and DNAT on the same traffic in traditional and Central NAT modes how-to

Table of Contents Translate source IP address (SNAT) and Destination IP (DNAT) in usual, non-Central NAT mode Configuration Verification: Translate Source and Destination IP addresses when the Central NAT is enabled Configuration Verification CLI configuration Related: When the situation requires to translate both - source and destination addresses in incoming packets …



Checkpoint API tutorial, part 1 - getting started

Table of Contents Introduction Enable API remote access and verify Create authenticated session, record session identifier Create a login session Create a Host object and publish the result Verification In this, 1st part of tutorial series, I will show how to enable remote access to API on Checkpoint Management Server …



Fortianalyzer diagnose and debug cheat sheet

Table of Contents General Health Communication debug Logs from devices Licensing Example debug session on Fortianalyzer Show connected to the FAZ devices General state of FAZ (version, serial, HA status, license status) Performance stats (appliance FAZ will have more data) Running processes and CPU load Logging devices with quotas for …



Fortianalyzer Custom Reports from Custom Datasets Visual Guide How-to

In this short visual guide I will show how to create a custom report from your own SQL query in Fortianalyzer. Fortianalyzer comes with plethora of datasets and reports defined - more than 800. My issue with all of them - they are overly complex and are geared more towards C-level management …



Fortigate FortiOS 7.0 is out - what's new Visual Guide

On 30th of March Fortinet released FortiOS 7.0 for all the supported models (alas, many D series Fortigates like 500D, are not supported), and here is the visual walkthrough of changes that can be seen in GUI. Note All the videos below come without sound. New color themes were …



Fortigate VM Evaluation License 15 Days Limitations Explained

Update August 2022: All the said below is still true, but starting with FortiOS 7.2.1 the process of issuing the evaluation license has changed. So, after reading this article, make sure to read this one as well: Fortigate free VM Evaluation License is now permanent, not limited to …



Failed to connect to Fortiguard servers verification and debug

Fortiguard is a subscription based service from Fortinet, where your Fortigate queries their servers in real-time for various services: Periodic checking of Fortigate subscription/license validity for Web Filtering/AppControl/AntiVirus/AntiSpam/DNS Filtering. Real-time querying for visited by users web sites rating. Periodic signatures updates for IPS/AppControl/AntiVirus …



50,000 VPN usernames and their passwords from Fortigates around the world were leaked last week – what you can do to prevent it from happening to you

Around 50,000 Fortigate VPN accounts from around the globe were leaked to the public Internet last week. Not really news anymore, you can learn details elsewhere. What I asked myself about that was – is there anything to be done to prevent or lower the damage of such vulnerabilities? The …



Nfdump netflow/sflow cookbook of examples

Table of Contents Introduction Start nfcapd netflow collector in a daemon mode listening on port 5001 with all extensions enabled and saving received netflow data into the named folder NFS-cisco-rtr. Accept netflow records only coming from the sender with the IP of 13.13.13.137 Read and print all …



Using external threat feeds in FortiGate has become much easier with 6.0 and 6.2 versions

Recently I had the opportunity to configure an external threat feed as a block list for the Fortigate and was pleasantly surprised by how much simpler it has become. Task at hand: Block incoming connections sourced from IP addresses supplied as a list by a 3rd party commercial Threat Intelligence …