Q&A: Can you stack FortiCloud licenses to increase the duration?

Yes you can. If you add multiple FortiCloud 1 year licenses to a FortiGate, it will increase the amount of years.

It won't increase the storage space however.

FortiMail quarantine URL points to the wrong address

Today I was testing out the quarantine feature on the FortiMail and noticed something strange with the release link. The domain name that the link forwarded me to was doubling the hostname of the FortiMail.

For example, below is the quarantine email I received. I click on the 'Release' link to try and release the email:

Unfortunately the quarantine page doesn't load. Looking at the URL I can see that it's pointing to mail.mail.ingramlabs.com.au instead of mail.ingramlabs.com.au. The 'mail' hostname here has doubled up for some reason.

 

How-to: Configure a FortiAuthenticator to be used for admin RADIUS authentication, Single Sign On and as a Certificate Authority

In the post I'm going to go through the steps on how-to configure a FortiAuthenticator (FAUTH) from scratch so that it can serve as a RADIUS server for admin logins on a FortiGate (FGT), as the Single Sign On (SSO) service for a FortiGate and lastly as a Certificate Authority that will create a cert for a FortiGates admin GUI and to be used in the SSL proxy for deep packet inspection.

It's quite a long one so grab a coffee and get ready!

How-to: Configure a workflow in FortiManager to enforce change management policies

The FortiManager allows you to enforce change management policies so that while junior members are able to make configuration changes, they will not be applied until management approves them.

This blog will go through the steps on how-to set this up.

How-to: Configure a pre-login warning message on a FortiGate

By default when you login to a FortiGate there is no warning message. This blog will go through howto enable the banner and edit the default message to help scare away those baddies.

How-to: Automate user browsing from a text file containing URLs

In this blog I'll go through how I configure my lab environment so that computer/users will automatically connect to web servers via a text document on a schedule. The reason I set this up is to simulate constant 'real world' browsing from computers in the lab so that my web filtering reports are filled up when it comes time to demo to customers!

How-to: Create a YouTube report for the FortiAnalyzer

One of the new features of FortiOS 5.2 was the introduction of Cloud Application logging which allows you to track web application traffic like Youtube videos, email address logins and files uploaded/downloaded via Dropbox.

This quick how-to guide goes through creating a small chart that will only show us the YouTube videos that have been watched and the users that watched them.

This config is done a FortiAnalyzer running 5.2.2.

How-to: Configure DLP fingerprinting on a FortiGate

The following how-to guide will take you through the steps to configure DLP fingerprinting on the FortiGates.

Before we begin we need to confirm two things.

Firstly, the FortiGate model you are configuring has a storage drive. Models like the FG80C have no storage so DLP fingerprinting won't work.

Secondly DLP has been enabled in the web-gui. If it's not you can enable it via the CLI with the following commands:

config system global
set gui-dlp enable
end

For FortiGates running 5.2 you'll need to goto Security Profiles > Advanced > DLP Fingerprinting. If you're running 5.0 it will be found under Security Profiles > DLP > DLP Fingerprinting.