Category Archives: Fortigate

When using a a transparent vdom and an identity based policy to authenticate users on non standard ports (i.e. when users are using the explicit proxy on port 8080) it is neccessary to change the ports the Fortigate expects http … Continue reading →

A common source of failure for an ldap lookup when using a regular bind is incorrect user cn On the DC verify by running following command dsquery user -name “username”

Guest profile access may be granted to users failing NTLM authentication, such as visitors who have no user credentials on the network. To allow guest users in NTLM, use the following CLI command: If there are multiple domains, a trust relation … Continue reading →

Wan Opt and Web Cache has gone CLI only for certain Fortigate models (See below) since Version 4 Mr3 Patch 4. The removal from the Web GUI is apparently for performance reasons. ask a nurse

By default on Fortigate units with hard drives logs are only uploaded once a day. Units without a hard drive upload in realtime by default. If you would like a hard drive equipped Fortigate to upload logs in Realtime use … Continue reading →

Fortinet has published a list of the supported 3G modems for Version 4 MR3 Patch 6 and it can be found here

You can use the following command to check a Fortigate interfacefor any possible errirs that may affect traffic performance # diagnose hardware deviceinfo nic <port_name>

When faced with the need to determine what version of firmware a FortiAP is running with connecting it to a Fortigate, connect to the FortiAP via the console and run the following command “fap-get-status”