I am trialing a FortiMail and am running 5.2.3. I am trying to determine
if the FortiMail can verify inbound recipients a la Barracuda's Exchange
Accelerator. I have an LDAP connection setup and it is working
correctly. My internal users can login as...
I have an Action:DENY policy setup at the top of the ruleset for inbound
traffic from WAN1 to DMZ. The source address for this policy is a group
which consists of some geography-based networks and " bad addresses"
that come up frequently in the IPS. ...
I have a ticket open with Forti customer service, but it' s been a full
day with no response so I thought I' d ask you guys. I' m trying to
setup a VPN-only 5.x FortiClient, which is possible according to the
documentation. I don' t need or want the ...
As of this writing there appears to be something wrong with the 5.0.2
firmware image for the FGT 80c on the official Fortinet FTP site. Since
I' m testing some FortiAPs I decided to upgrade my FGT 80C to the latest
firmware (5.0.3 as of this writing)...
I' m looking to replace an Aruba-based WLAN. As an existing FortiGate
customer I' m considering FortiAPs, but I' m finding a dearth of recent
reviews and no one in my IT circle has them deployed. I know asking a
Fortinet community is astroturfing to ...
Emnoc, the only reason I haven' t debugged is because I thought my rules
were cut and dry. Silly I know. This will be my next step. FatalHalt,
Nothing shows up in the logs matching against policy 53. :/ Netmin, I'
ve always used dots in my names with...
While I agree with Bob that the 192.168.x.x IP space is overused and
should be avoided when possible, I do not agree that it is the easiest
thing to change. Even if you use another private IP space there is
always a chance that you will find overlap ...
EdgeTransport doesn' t need to participate in AD so its policy
requirements are minimal. You' ll just need to create policies that open
the few ports it needs between DMZ and Internal. According to this
TechNet article the ports are TCP 50389 (LDAP),...
It sounds like the FortiGate is having a hard time figuring out which
Phase1 tunnel to use. It will take some customization of your profiles,
but you could try changing the Peer ID. You' ll have to make the change
on each Phase1 tunnel configuration ...