Blog Archives

How to check external CA store on FortiGate

Didn’t find alot of information on how to view the FortiNet approved CA-store, so I thought I’d make a post about it.This is the command to check the store (details can be omitted). Note there is a difference between an unit running VDOM – With VDOM: get certificate ca details – Without VDOM: get vpn […]

Nested group object not present on FortiGate when configured through FortiManager

I encountered a problem with a firewall blocking traffic even though it was supposed to let traffic through. This particular policy used nested object grouping (Main group > Sub-group > NetworkAdr-member). The odd thing was, it seemed to only affect one vDom. What was happening: The traffic did not match the configured policy and was […]

Site to Site VPN between FortiGate and Check Point – malformed payload

Just thought I’d drop a post on a compatability issue which caused a lot of hassle for us. Problem: Problems establishing site to site VPN between FortiGate 1500D and Check Point 1430 appliance with Gaia embedded. Error: Main Mode Sent Notification to Peer: payload malformed – possibly a mismatch in pre-shared keys Background: We were […]

Multiple commands in auto-script / set script-variable

Just a quick note about the auto-script functionality and how to run multiple commands, because this had me stomped on a Monday morning. (Thank you FortiNet for your sparse documentation) There is no fancy solution, no special new line characters, no encapsulating the commands in quatation marks and separating them by a delimiter or anything […]