Motivation As a distributor we offer various security products from different vendors. On the one hand these are FortiGate and PaloAltoNetworks NGFW firewalls to make the perimeter more secure, on the other hand products & services from Kaspersky. Kaspersky offers various threat feeds that can be used in other products….
How to configure the FortiGate for a 3CX UC system with SIP trunk
3CX is a very widespread UC solution (phone system or also known as PBX). FortiGate is a very widespread firewall solution. Both of the products are very good in doing their thing. But to work together, a littlebit of configuration work is needed. Below you can find an example configuration…
FortiGate virtual server webpages loading infinite
Fortinet has introduced a new configuration parameter in FortiOS 7.2.4 and higher. The setting is “http-supported-max-version” that is configurable under “config firewall vip”. Symptoms After an upgrade of the FortiOS to 7.2.4, some websites that are published over a virtual server on the FortiGate are loading infinite. A part of…
FortiGate Memory and CPU Troubleshooting
From time to time we face performance problems on FortiGate units in our daily support life. Most often the impacts of performance problems on the FortiGate are not typical. Or let’s say “not as an admin that is not familiar with FortiGates would expect”. The expectations vary from high delay…
New FortiOS firmware patches released
Maybe you have already noticed (or maybe you have been informed by our Fortinet Firmware Update mailing list) that Fortinet has released of some new FortiOS patches on Feb. 7, 2024. To be more precise – all Fortinet minor and major versions that are running on Fortigate models that are…
10 FortiGate Configurations That Can Cause Slow Performance
In this post we want to share some of the most seen reasons for slow performance on FortiGate appliances with you. This are experiences we’ve made in our support department and is not a concluding list. Traffic shapers Traffic shaping is an evergreen topic. We have already written two blog…
How to recertify the new Fortinet Certifications
It was not so long ago that Fortinet replaced the old NSE levels with new certification levels. We already wrote an article about this last year in this blog post. Nevertheless, let’s take a look at how you can recertify our new Fortinet certifications: Basically, recertification is pretty simple. After…
FortiGate remote-management over FortiGateCloud: This FortiCloud account (“user.name@domain.com”) is not authorized to sign in on this FortiGate
Since FortiOS 7.4.2 it is possible to log into your FortiGate WebAdmin locally or via the remote management feature in the FortiGate Cloud using the FortiCloud IAM credentials. The configuration procedure is quite simple and documented in this Fortinet KB article. A very important detail from this article is the…
FortiGate: Deny-Policies for SD-WAN members
SD-WAN is a cool feature to configure redundant internet access. But it was designed with load-balancing in mind and this brings some challenges to specific use cases. As an example, while you can use SD-WAN rules to define the preferred path for a specific application/system, it won’t prevent that the…
CheatSheet FortiOS v7.4
We are happy to present you the new cheat sheet for FortiOS version 7.4.If you have an idea for the cheat sheet, please let us know in the comments. We wish you good luck with troubleshooting.