Hi, I want to configure a policy based VPN from a remote site to a
central firewall. All traffic from the remote site should be tunnelled,
no local internet access. To my knowledge the only reliable way to do
this is with policy based VPN, and it wor...
Hi, I was just wondering how disruptive it is to enable vCluster 2 on a
production Fortigate installation which is already up and running. Does
it affect existing traffic in any way? Do you have to reboot the gates
after enabling it or something like...
Hi, I was wondering how disruptive it is to enable vCluster2 on a
production Fortigate installation which is already up and running. Does
it affect the existing traffic in any way? Cheers!Emil
Damn I wish we had a virtual whiteboard here so I could explain this
properly. :) One more try, from the beginning: Central site: A-FWWAN1
static IP: 1.1.1.1VPN: localnet 0.0.0.0/0, remote net 10.x.y.0/24, peer
gw: branch.fortiddns.com Branch site: B...
Yep, I'm already using dyndns for the VPN, but that's not the issue.
Issue is that if the branch FW gets a new "default gateway" on its
WAN1-interface, the old /32 route for the remote VPN peer will no longer
work because it's pointing at the wrong n...
Hi! Thanks for your reply. I thought of the /32-route to the remote
peer, in fact that is how i did this in 5.2 before I discovered that it
could be done with policy-based VPN (and in 5.2 without the /32-route).
That was for me ideal because that sol...
Hi, Just thought I'd report back. I enabled and configured the secondary
vcluster (it was NOT enabled as default) and moved the inactive VDOM to
it. We did not experience any disruptions to the production traffic.
Regards,Emil
Hi, Thanks for the reply. Yes, i have 3 VDOMs, 2 out of which (root,
vdomx) are handling production traffic at the moment. The third VDOM
(vdomy) is not in use right now. I want to configure the VDOM
partitioning so that root and vdomx stay active in...