Fortigate Tutorial – Default Protection Profiles

  Fortigate Tutorial 3 - Default Protection Profiles   So you just started using your Fortigate and got the hang of it. You found out that it has some default Protection Profiles. This tutorial will help you explain the Default Profiles that Fortinet sent its powerful firewall.   1. Strict This profile applies default protection profiles for HTTP, FTP, IMAP, POP3, SMTP traffic This protection profile is not normally used since it is to "harsh" 2. Scan This one is good for virus scanning for the following network traffic: HTTP, FTP, IMAP, POP3 and SMTP traffic. If your FG has a HDD then if this protection profile catches a virus it will automatically quarantine it. 3. Web The Web protection profile applies virus scanning and web content blocking to HTTP traffic. This one is the one to use in case you do not define it yourself (as i do 😉 ). 4. Unfiltered This is pointless. It doesn't scan or block anything.   Hope this tutorial helped you. Thank you, Daniel p

Fortigate Tutorial – Firewall Default Settings

  Fortigate Tutorial 1 - Firewall Default Settings You just bought a Fortigate? I want to tell you from the beginning GREAT PICK! Much easier to use than the Cisco ASA and a more friendly GUI then ASDM. So now you added your Fortigate(maybe 50B like in the pic) to the network and you do not know where to go next?   Here are the default settings for almost all of the Fortigate Firewall: Internal: WAN1: WAN2:   DHCP is enabled by default on the internal interface with the following scope: till Default username: Admin Default password: <none>   Now you can connect to the firewall with SSH on port 22 and go from there. Hope you enjoy the Fortigates as much as i do.   See you in the next tutorial!   gt;

Fortigate Troubleshooting – VPN

Hello, This is my first post regarding troubleshooting Fortigate devices. To troubleshoot the Fortigate VPN configuration we will use the following commands:
#diag debug enable #diag debug console timestamp en #this command shows the time-stamp #diag debug app ike -1  <- used for v4.0MR1 #diag vpn ike log-filter dst-addr4 <-used from v4.0MR2 to the latest version #diag debug app ike -1 <IP_PEER> <- is the ip of the remote peer.
  To disable the VPN logging we can use:
#diag debug disable #diag debug console timestamp dis #diag debug app ike 0  
The following commands show the active VPN tunnels:
#diag vpn tunnel list #diag vpn gw list