Here are the cli commands I use to set a fortigate unit with a Syslog server, change the server IP and the facility as needed.
config log syslogd setting set status enable set server 192.168.0.10 set port 514 set facility user end
Posts tagged Fortigate
Fast way to enable Syslog server on fortigate
Fortigate rates legitimate web sites as “pornography”
I had this problem with a few of my costumers.
The Fortigate appliance suddenly decided that legitimate web sites categorized as porno.
At first I filled the form for reevaluate the web sites until is became a flood.
I have opened a ticket at Fortinet for this problem and this is there respond…. READ MORE »
Fortigate: “The cmdb add entry failed”.
The Fortigate web interface is a great management tool, unfortunately there might be a bug that prevents you from creating new rules or adding new objects to the device.
It’s possible to change the configuration by modifying existing objects but can’t create new ones. READ MORE »
Fortigate: add static arp entries.
I use this commands to list, troubleshot and edit arp related problems/settings on a Fortigate unit.
To list your existing ARP table entries on a Fortigate unit.
get system arp-table
Use this command to add ARP table entries to the Fortigate unit. READ MORE »
Fortigate AS Engine feature returns an error “ASE reports it as spam”.
Outside users attempting to send emails to our domain were blocked with the following error:
554 5.7.1 This message has been blocked because ASE reports it as spam.
I have extracted this info from Fortinet KB:
The AS Engine feature was released in FortiOS 4.0. A new AntiSpam Rule Set was also introduced in v4.0, this is the new rule which contains a Heuristic Antispam check for all suspicious spam upon passing through a firewall. READ MORE »
FortiClient SSL VPN dropping the connection at 98%.
Just a quick reminder to myself, FortiClient SSL VPN can drop the dialing process if the “Mcafee security scan plus” is installed on the PC.
Check in “add/remove programs” if you see the “Mcafee security scan plus”, uninstall it and try to connect again.
A lot of security software like anti-viruses and personal firewalls can interfere with the dialing process of the SSL VPN, try to disable them if the problems persists.
Update:
Microsoft Security Essentials is blocking the dialing process too.
Update 2:
Try to disable IPV6 from network setting.
How to: Enable SNMP monitoring on a Fortigate device from CLI.
This document will show you step-by-step, how to enable the SNMP on a fortigate device from the cli, to be able to monitor its performance from your favorite network monitoring tool (Nagios, NetXMS, Big Sister, Cacti etc). I use The Dude (by Mikrotik) to monitor my networks, it’s a great free windows based tool. READ MORE »
Configure PPTP vpn on a Fortigate device from CLI.
Beginning with version 4.0, Fortinet, for some reason, removed the PPTP VPN option from the GUI interface.
If the vpn was configured, prior to the firmware was updated to version 4.0+, the PPTP vpn server would have continued to function, without the option to make changes from the GUI.
In a freshly installed device or in a new device with a pre-installed firmware version greater than version 4.0, this option is disabled by default and for some reason, you need to enable this option.
The only way to do that, is to go to the CLI and enable it from there. READ MORE »