 |
To ensure that an IPSec tunnel is used for a Fortianalyzer connection from a Fortigate (4.0 MR3), do the following:
- Using the GUI, tell the Fortigate to send its logs to the Fortianalyzer address... |
|
 |
1. Connect to the firewall via the Console port on the back of the unit. There should be one console cable included in the Fortinet box.
2. Start Hyber Terminal or any Terminal emulators lilke Put... |
|
 |
URL filters don't work when Allowing URLs that have already been blocked by Fortiguard. You must Exempt them. Exempt by itself disables all UTM features for that URL. See the attached document for ... |
|
 |
When this happens, most of the time a reboot will clear the errors. However, if a reboot is not an option at the time (as it will bring down the network), try killing the sslvpnd and ssl processes:
... |
|
 |
- The 'Remote Registry' Service needs to be set to Automatic. This can be accomplished forest wide by a GPO.
- The ports TCP139, and TCP445 need to be opened on the endpoint firewall. |
|
 |
Enter the following commands to disable NAT ALG:
Confis sys sett
Set sip-helper disable
Set sip-nat-trace disable
End
Execute reboot
Config sys session-helper
Show {looking for SIP, usually... |
|