{"id":106,"date":"2025-02-11T15:16:28","date_gmt":"2025-02-11T14:16:28","guid":{"rendered":"https:\/\/pprzybyla.com\/blog\/?p=106"},"modified":"2025-02-11T15:16:28","modified_gmt":"2025-02-11T14:16:28","slug":"the-basic-way-to-use-automation-snitch-on-fortigate","status":"publish","type":"post","link":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/","title":{"rendered":"The basic way to use Automation Snitch on FortiGate"},"content":{"rendered":"\n

Hi, This one is to show how you can use automation stitches in your infratructure. Okay, imagine you have a case where you have a VPN to a 3rd party company over which you have no control. You also have two internet connections on your side. And now you want to take advantage of that so you put up a VPN, the third party company only provides you with one public IP on its side. You get two VPNs in this case: LOCAL_ISP1 <-> 3rd_Party and LOCAL_ISP2 <-> 3rd_Party. Okay, you put some routing on both sides – static routing , BGP or whatever you want and everything is ready, you can close the application.<\/p>\n\n\n\n

This is a standard implementation, but it happens that sometimes we can’t control everything and do as we want. In this case, imagine that 3rd party tells you that only one tunnel can be active at a time, if they are both then the whole network at their place will go crazy and they will have to fix it for a long time. With the solution comes automation stitches.<\/p>\n\n\n\n

Documentation: https:\/\/docs.fortinet.com\/document\/fortigate\/7.4.7\/administration-guide\/139441\/automation-stitches<\/a><\/p>\n\n\n\n

First lets create link monitor that will ping 192.168.1.10 server with source ip 10.0.0.1. We will use logs from status change to trigger automation snitch.<\/p>\n\n\n\n

config system link-monitor\n    edit \"VPN-3RD_PRIMARY\"\n        set server \"192.168.1.10\"\n        set gateway-ip 10.0.0.1\n        set source-ip 10.0.0.1\n        set update-policy-route disable\n        set service-detection enable\n    next\nend<\/code><\/pre>\n\n\n\n
Go to Security Fabric -> Trigger and create new trigger. Select Event type Link monitor status and two field filters – name and msg. In name field type name of link-monitor object that we created earlier. In msg box type “Link Monitor initial state is dead, protocol: ping”<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Now let’s start the first action for our stitch. The email type allows you to inform, for example, the NET department that something is wrong and what change has been made. You can also make MS Teams notifications and many more.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Now lets make CLI Script. It will got to primary VPN interface, shutdown it and then bring up secondary VPN.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Finally, let’s put it all together. We have such a cool Stitch:<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
And that’s it, if there is an emergency switchover, the connection will work on the secondary WAN. In the appropriate time window – e.g. in the evening you can switch the vpn back to the primary connection and check if the connection is working. In this scenario you simply do shutdown secondary vpn and no shutdown primary vpn<\/p>\n\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
Hi, This one is to show how you can use automation stitches in your infratructure. Okay, imagine you have a case where you have a VPN to a 3rd party company over which you have no control. You also have two internet connections on your side. And now you want to take advantage of that\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":112,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-106","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-fortigate"],"yoast_head":"\nThe basic way to use Automation Snitch on FortiGate - Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The basic way to use Automation Snitch on FortiGate - Blog\" \/>\n<meta property=\"og:description\" content=\"Hi, This one is to show how you can use automation stitches in your infratructure. Okay, imagine you have a case where you have a VPN to a 3rd party company over which you have no control. You also have two internet connections on your side. And now you want to take advantage of that\u2026 Read More »\" \/>\n<meta property=\"og:url\" content=\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog\" \/>\n<meta property=\"article:published_time\" content=\"2025-02-11T14:16:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/Zrzut-ekranu-2024-02-28-103606.png\" \/>\n\t<meta property=\"og:image:width\" content=\"723\" \/>\n\t<meta property=\"og:image:height\" content=\"765\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"http:\/\/pprzybyla.com\/blog\/#\/schema\/person\/78e3f329b514e87d4b8591f2e797b558\"},\"headline\":\"The basic way to use Automation Snitch on FortiGate\",\"datePublished\":\"2025-02-11T14:16:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/\"},\"wordCount\":410,\"commentCount\":0,\"publisher\":{\"@id\":\"http:\/\/pprzybyla.com\/blog\/#\/schema\/person\/78e3f329b514e87d4b8591f2e797b558\"},\"image\":{\"@id\":\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/Zrzut-ekranu-2024-02-28-103606.png\",\"articleSection\":[\"Fortigate\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/\",\"url\":\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/\",\"name\":\"The basic way to use Automation Snitch on FortiGate - Blog\",\"isPartOf\":{\"@id\":\"http:\/\/pprzybyla.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/Zrzut-ekranu-2024-02-28-103606.png\",\"datePublished\":\"2025-02-11T14:16:28+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#primaryimage\",\"url\":\"https:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/Zrzut-ekranu-2024-02-28-103606.png\",\"contentUrl\":\"https:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/Zrzut-ekranu-2024-02-28-103606.png\",\"width\":723,\"height\":765},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/pprzybyla.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The basic way to use Automation Snitch on FortiGate\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/pprzybyla.com\/blog\/#website\",\"url\":\"http:\/\/pprzybyla.com\/blog\/\",\"name\":\"Blog\",\"description\":\"\",\"publisher\":{\"@id\":\"http:\/\/pprzybyla.com\/blog\/#\/schema\/person\/78e3f329b514e87d4b8591f2e797b558\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/pprzybyla.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"http:\/\/pprzybyla.com\/blog\/#\/schema\/person\/78e3f329b514e87d4b8591f2e797b558\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/pprzybyla.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"http:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/my-photo-url.jpg\",\"contentUrl\":\"http:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/my-photo-url.jpg\",\"width\":800,\"height\":800,\"caption\":\"admin\"},\"logo\":{\"@id\":\"http:\/\/pprzybyla.com\/blog\/#\/schema\/person\/image\/\"},\"sameAs\":[\"http:\/\/pprzybyla.com\/blog\"],\"url\":\"https:\/\/pprzybyla.com\/blog\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The basic way to use Automation Snitch on FortiGate - Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/","og_locale":"en_US","og_type":"article","og_title":"The basic way to use Automation Snitch on FortiGate - Blog","og_description":"Hi, This one is to show how you can use automation stitches in your infratructure. Okay, imagine you have a case where you have a VPN to a 3rd party company over which you have no control. You also have two internet connections on your side. And now you want to take advantage of that\u2026 Read More »","og_url":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/","og_site_name":"Blog","article_published_time":"2025-02-11T14:16:28+00:00","og_image":[{"width":723,"height":765,"url":"https:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/Zrzut-ekranu-2024-02-28-103606.png","type":"image\/png"}],"author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#article","isPartOf":{"@id":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/"},"author":{"name":"admin","@id":"http:\/\/pprzybyla.com\/blog\/#\/schema\/person\/78e3f329b514e87d4b8591f2e797b558"},"headline":"The basic way to use Automation Snitch on FortiGate","datePublished":"2025-02-11T14:16:28+00:00","mainEntityOfPage":{"@id":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/"},"wordCount":410,"commentCount":0,"publisher":{"@id":"http:\/\/pprzybyla.com\/blog\/#\/schema\/person\/78e3f329b514e87d4b8591f2e797b558"},"image":{"@id":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#primaryimage"},"thumbnailUrl":"https:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/Zrzut-ekranu-2024-02-28-103606.png","articleSection":["Fortigate"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/","url":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/","name":"The basic way to use Automation Snitch on FortiGate - Blog","isPartOf":{"@id":"http:\/\/pprzybyla.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#primaryimage"},"image":{"@id":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#primaryimage"},"thumbnailUrl":"https:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/Zrzut-ekranu-2024-02-28-103606.png","datePublished":"2025-02-11T14:16:28+00:00","breadcrumb":{"@id":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#primaryimage","url":"https:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/Zrzut-ekranu-2024-02-28-103606.png","contentUrl":"https:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/Zrzut-ekranu-2024-02-28-103606.png","width":723,"height":765},{"@type":"BreadcrumbList","@id":"https:\/\/pprzybyla.com\/blog\/the-basic-way-to-use-automation-snitch-on-fortigate\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/pprzybyla.com\/blog\/"},{"@type":"ListItem","position":2,"name":"The basic way to use Automation Snitch on FortiGate"}]},{"@type":"WebSite","@id":"http:\/\/pprzybyla.com\/blog\/#website","url":"http:\/\/pprzybyla.com\/blog\/","name":"Blog","description":"","publisher":{"@id":"http:\/\/pprzybyla.com\/blog\/#\/schema\/person\/78e3f329b514e87d4b8591f2e797b558"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/pprzybyla.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"http:\/\/pprzybyla.com\/blog\/#\/schema\/person\/78e3f329b514e87d4b8591f2e797b558","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/pprzybyla.com\/blog\/#\/schema\/person\/image\/","url":"http:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/my-photo-url.jpg","contentUrl":"http:\/\/pprzybyla.com\/blog\/wp-content\/uploads\/2025\/02\/my-photo-url.jpg","width":800,"height":800,"caption":"admin"},"logo":{"@id":"http:\/\/pprzybyla.com\/blog\/#\/schema\/person\/image\/"},"sameAs":["http:\/\/pprzybyla.com\/blog"],"url":"https:\/\/pprzybyla.com\/blog\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/pprzybyla.com\/blog\/wp-json\/wp\/v2\/posts\/106","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pprzybyla.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pprzybyla.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pprzybyla.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pprzybyla.com\/blog\/wp-json\/wp\/v2\/comments?post=106"}],"version-history":[{"count":1,"href":"https:\/\/pprzybyla.com\/blog\/wp-json\/wp\/v2\/posts\/106\/revisions"}],"predecessor-version":[{"id":113,"href":"https:\/\/pprzybyla.com\/blog\/wp-json\/wp\/v2\/posts\/106\/revisions\/113"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pprzybyla.com\/blog\/wp-json\/wp\/v2\/media\/112"}],"wp:attachment":[{"href":"https:\/\/pprzybyla.com\/blog\/wp-json\/wp\/v2\/media?parent=106"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pprzybyla.com\/blog\/wp-json\/wp\/v2\/categories?post=106"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pprzybyla.com\/blog\/wp-json\/wp\/v2\/tags?post=106"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}