For those that didn' t find out yet. On FAZ >=800 ( i think) you can
enable a Port to be a " packet sniffer" and watch this traffic. Search
for " Network Analyzer" in your Doc - nice stuff :) #config log settings
set analyzer-gui enable set analyzer ...
i' d suggest to use a recent Patch of either 4.2 or 4.3 Than change the
Policy that allows " SIP" to be SIP (udp/tcp 5060) only and not ANY
Under UTM -> Create a new VoIP Profile. lets say " SIP" . config voip
profile edit " SIP" set comment " defaul...
Option-B This would actually only accept the def route, all other routes
would be dropped consequently. config router prefix-list edit "
default_route" config rule edit 1 set prefix 0.0.0.0 0.0.0.0 next edit 2
set action deny set prefix any next end ...
You can work with Access Lists - to only " learn" specific routes
through bgp. There are various ways to perform filtering on " incoming
route lists" or filtering " distributed lists" . The example would only
put routes into route-table that do match...
FortiManager<>FortiGate uses a tcp/541 Protocol to communicate. Also
FortiGate tries to reach it' s Fortimanager. So putting a remotely
managed FortiGate behind - a NAT Device - with or without dynamic IPs
(eg DSL Line) After an IP-Addr change they w...