Hi FortiWeb adminsI have a fresh FortiWeb 7.2.8 installation, protecting
a Web server for mobile applications.Public certificate correctly
installed on FortiWeb with certificate chain.I have the following
behavior:When Web server is protected by Fort...
Hi FortiGate adminsI have two hosts interconnected via a third party
IPsec, separated by a FortiGate.When I use no-inspection in the FG's
firewall policy I have the tunnel comes up and working fine.When I use
certificate inspection it doesn't come up...
Hi FortiWeb adminsWhen I create a user group on FortiWeb 6.3.x from
RADIUS I can't specify which RADIUS group. It means the group contains
all RADIUS users.Is it a limitation of 6.3.x or did I miss something?
I think the response is yes and no.In case the "bad" client is trying to
access through a known bad gateway/proxy then this should be blocked
using "IP Reputation" filter of the "Web Protection Profile".Otherwise I
don't see how FortiWeb can block su...
HiIn addition to Atlas' suggestion, as alternative you should be able to
achieve this using use virtual wire
pair.https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/166804/virtual-wire-pair
Or transparent
VDOM.https://docs.fortin...
Hi SheerazIf I understand well your requirements, you have to do as
follows:Forward HTTP/HTTPS traffic to FortiWeb (using VIP on your
Firewall)Forward other traffic from IPsec directly to the back-end
server (do not forward to FWB)So:IPsec tunnel byp...
Hi NeoRantIf you enabled https access on DMZ and didn't work then I
guess it is a routing issue.As per my knowledge FortiMail doesn't have
policy routes, so if you configure multiple interfaces you may have some
issues when accessing from the interfa...
Hi MuriI think FortiGuard filter would have blocked such e-mail.Under
FortiGuard section, enable IP Reputation, and enable primary URL filter
and set it to the "default" URL profile.