Fortinet 3.0 MR7 manual Blocking device connection attempts, Hardware Model

Test Connectivity does not verify connectivity by Syslog. Syslog is required to send log messages. To verify Syslog connectivity, trigger FortiGate logs, then go to Log&Report > Log Access > Remote. Steps required to trigger sending log messages from the FortiGate unit varies by the log type. For example, event logs are not configured in the same location as logs resulting from firewall policies and protection profiles. For more information, see the FortiGate Administration Guide.

When full connectivity is verified, the FortiGate unit can send log and other data to the FortiAnalyzer unit. For more information about configuring FortiGate unit quarantining, content archiving, and/or remote logging, see the FortiGate Administration Guide.

Blocking device connection attempts

Blocking devices prevents them from being able to attempt connections to the FortiAnalyzer unit.

FortiAnalyzer units support a maximum number of devices, including registered and unregistered devices combined. For more information, see “Maximum number of devices” on page 76. You can manually block unregistered devices that you do not want in the FortiAnalyzer device list to free a spot in the device list.

Devices may automatically appear on your list of blocked devices. This can occur when devices attempt to connect after the maximum number of allowed devices has been reached. To resume adding devices, you must first block a device that is currently on your device list, then unblock the device you want to add, and add it to the device list.

To view blocked devices, go to Device > All > Blocked Devices.

Note: See “Configuring unregistered device connection attempt handling” on page 79 to prevent unregistered devices from automatically appearing in the device list.

Figure 4: List of blocked devices