We are happy to present you the new cheat sheet for FortiOS version 7.4.If you have an idea for the cheat sheet, please let us know in the comments. We wish you good luck with troubleshooting.
CheatSheet FortiOS v7.4
FortiGate throughput troubleshooting
Limited throughput on network devices is a common problem. We handle a lot of cases with thtroughput issues and have written a guide on how we recommend to start troubleshooting in such cases.
CVE-2023-27997 – FortiOS & FortiProxy – Heap buffer overflow in sslvpn pre-authentication
Please note the vulnerabilities in Fortinet products published in June. In particular, we would like to mention the vulnerability in FortiOS, which affects SSLVPN access and poses a major threat with a CVSSv3 score of 9.2. Fortinet PSIRT: https://www.fortiguard.com/psirt/FG-IR-23-097CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27997 Affected are FortiOS versions 6.0 to 7.2. Fortinet has already…
CheatSheet FortiOS v7.2
We are happy to present you the new cheat sheet for FortiOS version 7.2. Most commands have remained the same.A bigger change is that the Packet Sniffer and the Debug Flow are now also available in the WebUI under Network > Diagnostics. We wish you good luck with troubleshooting.
FortiOS 7.0 and above not updating signature databases
Sometimes it happens, that FortiOS is not updating it’s antivirus signatures anymore. The monitoring software, a monitoring script or a very attentive administrator is then reporting this problem to the FortiGate admin to fix it. This guide will lead you through the steps to troubleshoot this.
FortiGate with FortiOS 7.2: First configuration steps
In our daily support work we often see FortiGates in use on which the basic settings like time zone, host name and so on have never been set correctly. Therefore we would like to provide you with a small guide on this page, with which you can adapt a new…
Fortigate: L2TP over IPsec configuration needs to be manually updated after upgrading from 6.4.x or 7.0.x
Fortinet has added a special note in the release notes of FortiOS 7.0 as follow: Source:https://docs.fortinet.com/document/fortigate/7.0.6/fortios-release-notes/927994/l2tp-over-ipsec-configuration-needs-to-be-manually-updated-after-upgrading-from-6-4-x-or-7-0-0-to-7-0-1-and-later Unfortunately the second point does not clearly state which policy exactly needs to be changed.Here is a screenshot of the changed policy: As you can see, the policy from the l2tp client to the…
FortiGate Custom Language
If you want to use custom languages on FortiGate generated websites, like the SSL VPN page, you can add additional self-made translation files to the FortiGate. Note at the beginning: This is a new feature under FortiOS 6.4.5 . It was available before but was not working. First you need…
Information on Log4j Vulnerability / CVE-2021-44228
Hi all, another vulnerability – log4j – is keeping us all on our toes.In this blog article you will find information about log4j from our vendors.
Fortigate S2S-Dialup VPN – Traffic does not run through IPsec tunnel anymore
After Fortigate upgrade v6.4 > v7.0.1 (or later) the S2S-dialup VPNs did not work anymore. Tunnel negotiation is successful and phase 1 and 2 get up. Traffic from spoke is routed into the tunnel, but is seems that the traffic is not received by the hub.
