Fortinet

Fortinet assures us that if the listen interface is empty the SSL-VPN is effectively disabled.The GUI shows SSL-VPN enabled in the GUI and can’t be disabled unless it is partially…

This is only relevant when WAN1 and WAN2 are both plugged in. Happens when switching ISP’s or when a customer wants backup internet. See Article on using a Cell Phone…

We had a strange failure on Axis Camera station that was behind a Fortinet firewall. The Scenario:CellPhone+AxisCameraStationApp > Fortinet1 > Internet > Fortinet2 > AxisNVRServer Problem scenario is that there…

This was shockingly easy I removed all the phase 1 encryption methods that weren’t being used and any DH group that didn’t match the Unifi The Phase 2 proposal was…

Mostly for me to remember what to do Plug laptop into Lan1, surf to https://192.168.1.99 login with admin and NO PASSWORD, should be prompted to change the passwordLogin again and…

Fortigate v7.0+ (?) allow for Zones. I usually call my zones Public and Private. then I can add interfaces to those zones, ie add the WAN interface to the Public…

Why; Fortinet charges $36 CA to convert a configuration from one model to another. Seems like a money grab and should be included in any upgrade. Fortinet will send you…

When setting up a new Remote Access VPN I recommend to always change to a custom tunnel and set a Peer ID. name can be anything, doesn’t matter. i Typically…

Manage your Fortigate devices at forticloud.com New Firewalls come with an 8 character code physically on a sticker Add existing firewalls to Cloud Mgt interface thusly https://community.fortinet.com/t5/FortiGate/Technical-Tip-Add-FortiGate-device-to-FortiCloud-account-without/ta-p/191123

Found out today If you delete a port forward, even if it’s not in use, Fortgate clears the session table so the remaining port forwards STOP WORKING until a port…