Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
FG1kc
New Contributor

Features that you would like to see

Why limit to Authentication-based routing,can' t fortinet have Address-based and Device Identity routing on the policy tab itself rahter than putting it on the policy route tab would be very nice to have when your using/have multiple gateways
115 REPLIES 115
Jordan_Thompson_FTNT

pyfcgid crashes, and now httpsd crashes
Can you elaborate on these? If you have pyfcgid / httpsd crashes to report, you can send them to me directly.
bobm
New Contributor III

Thanks, but I already sent diag results in on my ticket, on their way to being added to the Bug Report
nothingel
New Contributor III

I would like to be able to change IP end-points in GRE tunnels without destroying the tunnel and recreating it. Currently, attempting to change the local or remote IP results in this message (tested on v5.0.7):
unexpected to change gateway address!
 attribute set operator error, -61, discard the setting
To reduce the pain, I always put the GRE tunnel inside a zone, thus eliminating the need to delete and recreate policies. Only the tunnel itself needs to be dropped and re-added to the zone. Still, I' d rather just update the single IP that has changed and be done.
emnoc
Esteemed Contributor III

That' s interesting and a good ideal you have for the tunnel end-points.

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
emnoc
Esteemed Contributor III

I believe, the NSA is trained to crack AES, DES, SSL and other common cryptographic protocols day by day
Why do you believe that a cipher that' s military grade can be cracked by NSA? If they can crack any thing, it' s bad security practice and poor implementation e.g using AES1128-256 but with a weak or common key. As far offering up another encryption cipher what? blowfish? And what advantage is that going to offer ? And nobody who' s serious about encryption , would use DES :)

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Chris_001
New Contributor

Ability to add variable: ' original recipient' to personal quarantine reports.
SteveRoadWarrior

Would like the ability to set rate limit (traffic shaping) with different upstream and downstream values per IP. This works better with Internet services which do not have the same amount of upload and download bandwidth.
rickards
New Contributor

Support for ICMP on VIP with portforward.
netzfritze

*SNMP Traps for failed Logins and for Administrator Logins/Logout *Changing SSH server keys with individual values *Port Range configuration on CLI like following:
edit port1 - port20
 set status down
 end
or
edit port1, port3, port5
 set speed 10full
 end
hfreel
New Contributor

Point to Multi Point VPN' s. Easier to manage large number of VPNs when attached to one interface at the Head end.
Labels
Top Kudoed Authors