Monday, February 4, 2019

FortiGate VDOM

VDOM administration

The super_admin profile has access to all VDOMs.

Policy-based routes are configured in

Network > Policy Routes

Enable IPv6 or any other feature

System > Feature Visibility    (to view the feature set)

FortiGate ECMP

config system settings

set v4-ecmp-mode source-ip-based    (source-ip-based is the default)

end
---------------------------------------------------------------------
Learning mode: on the FortiGate, enable device detection on the source interfaces

Traffic shapers: shared traffic

To map more than one service, create a services object


Session table in FortiGate

Session diagnose (output)

Session table > FortiView > All Sessions

Default TCP TTL value for the session table on the firewall

3600 sec (default value)

Firewall services > firewall policies > global sessions

Clear any previous filters
------------------------------------------------------------
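diagnose sys session filter clear    (reset any previously set filter)
diagnose sys session list            (list the sessions that match the current filter)
diagnose sys session clear           (delete the sessions that match the current filter; with no filter set, this clears all sessions)


Example:
diagnose sys session filter dst 10.200.1.254
diagnose sys session filter dport 80
diagnose sys session list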


Show the routing table
------------------------------------------
get router info routing-table all
