Fortigate: Web Filtering is “Unreachable”

Came across this problem where I am unable to use the "Web Filtering" feature on my Fortigate 200B on Firmware 5.2.11. Web Filter shows the following error before you can create a profile. Licensing information on Fortigate Portal shows I am licensed to use Web Filtering, but on my local firewall the error shows "Unreachable". Things …

Fortigate: How to allow (or deny) wildcard FQDN (Domains) in Policy

Note that this is a bit buggy for Fortigate FortiOS 5.2 but works for later versions. Also note that there is an issue with Google Chrome, sometimes allowing google.com even if it's supposed to be blocked. Remember to add an EXPLICIT DENY at the end of your list of wildcard sites. == Do wildcard FQDNs work in …

Fortigate: How to Source NAT traffic into a VPN Tunnel

Came across an issue on FortiOS 5.4 where a connection to a remote peer via an IPSEC Tunnel suddenly stopped working. (My user told me it was working in the past, at least.) The setup is that the internal IP needs to be NAT'd to an IP that is known to the VPN peer. So for example, 10.5.0.5 (internal) …

Gartner’s 2017 Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls) Released

Here is an overview of the leaders in Unified Threat Management (UTM) for 2017. The quadrant is based on the vendor's ability to execute and the completeness of vision. For the 8th straight year, Fortinet is recognized as the market leader in UTMs. To learn more about Gartner's complete view of the UTM market, register for …

Tools: Flow Trace in Fortigate

The flow trace feature in the FortiGate units allows you to trace the flow of a packet through the firewall you are consoled to. It allows you to see if the packet is being denied for some reason or being allowed by a particular policy. You can also see what NAT rule and routing is …

#WCry Wannacry Security Recommendations

Outbreak Date: 13 May 2017 - (Ransomware) WannaCry. I know it's a bit old, and (almost?) quiet (perhaps, evolving) after the "kill switch" was triggered. But here are my compiled Security Recommendations from various Firewall Vendors on mitigating the risks and protecting your network from the threats brought about by this ransomware known as WannaCry. Yesterday, another …