greetings,here is the scenario:1. there are 2 interfaces on Fortigate at
A site as the SD-WAN member interface to Azure, they are link 1(port 17)
and 2(OL_INET) in the following picture.2. normally, FortiGate uses link
1 as the outgoing interface for...
greetings,we'd like to access Internet, say, google.com with ssl vpn
establised to Fortigate, but we got the error like below.but the user
without ssl vpn connection has no such problem.ssl vpn connection is
used for laptops from another country.the ...
greetings all, I'd like to know what does "IP connection error" exactly
mean in FortiAnalyzer? we are a production factory and when there is
some delay from the production line, I can see the log IP connection
error displayed in fortianalyzer, and ma...
greetings, I created an SD-WAN rule (source = all, destination = all)
for Internet access with two member interfaces. One is the underlay
interface and will forward traffic to local egress (DIA), the other one
is an overlay MPLS ipsec tunnel that wil...
greetings,Previously we used ping to a single www server from public
Internet as the SLA detect method, and some day ISP stops the ICMP to
that www server, so SD-WAN rule brought down the member interface.Now
we'd like to use DNS as the active probe ...
thanks amrit,ipsec overlay interface is based on MPLS (a separate link),
not under the underlay interface.the two interface I mentioned in the
post are not in the same zone. The underlay interface is within
ZONE_Internet, the mpls-based ipsec tunnel ...
thanks.OK the packet loss is to measure how much dns response packet get
lost?latency is to measure how long it takes to get a DNS answer?how
about jitter? does it mean the longest DNS response time minus the
shortest DNS response time?It should not ...
(we have 4 sites as spoke connecting to Azure, 3 of which are in West
europe, 1 is in China. In this case, we are talking about China site, it
is an ipsec to Azure East Asia).I compared several things across sites,
the only different thing is the tun...