Hello all,
i i would like to add an countryblocker with type geography, the system did no allow that. The errormessage at the CMD is very strange.
Can not be geography address when it is a member of addrgrp used by ipsec_tunnel!
But this is a new object, so no member of anything. Is there anything that can be done? Is this a bug?
Very thanks and best Regards
Fortigate 60E v7.x (GA)
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Interesting. I have not jumped to 7.0 even at my home because of previous experiences with .0 releases. I would guess this is a bug, and it'd help the rest of us out if you could open a support ticket for it. :)
lobstercreed wrote:Created :) Now waiting...Interesting. I have not jumped to 7.0 even at my home because of previous experiences with .0 releases. I would guess this is a bug, and it'd help the rest of us out if you could open a support ticket for it. :)
Fortigate 60E v7.x (GA)
I do not have any issue creating geo block
SOCPUPFGT02 (address) # edit USAnew entry 'USA' added SOCPUPFGT02 (USA) # set type geography SOCPUPFGT02 (USA) # set country US SOCPUPFGT02 (USA) # end fortios7.0 I also tried in WebGUI alsoKen Felix
PCNSE
NSE
StrongSwan
Strange, maybe only in policy based mode? In any case, Fortinet probably sees things differently, and the whole thing goes to a senior engineer. It will be interesting.
Fortigate 60E v7.x (GA)
Support checked the whole thing and found out that for some reason only one S2S VPN blocks this.
It is sufficient to set the source and destination to all/all in VPN phase 2, and it is already possible to create geo addresses.
The Support was even able to verify this in the lab. Unfortunately, it is not clear why this happens.
Fortigate 60E v7.x (GA)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1031 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.