Fortigate

From Piszczynski

Addresses and Policies

Make sure when adding any policy or address it is also added to the policy or address that you are trying to affect.

CLI Commands

Ping - can also be used as nslookup

  • exec ping <ip address or FQDN>

FQDN addresses

Check for resolved IP addresses for all FQDN addresses in CLI:

  • diagnose firewall fqdn list

Add Bulk IPs to fortigate via CLI

check this guide: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Creation-and-addition-of-bulk-IP-address-objects/ta-p/241823

Troubleshooting VPN connections

info video for troubleshooting VPN connections https://www.youtube.com/watch?v=CXWoTZ5t8XI&t=2923s