I've configured a pair of FortiGate 81E firewalls into a HA cluster, and
I use them to terminate a set of auto-detect IPSEC tunnels. To improve
security, I use PKI to authenticate the tunnels, and I have configured
the firewalls to download CRL updat...
I have a new FortiManager (5.4.4) and FortiGate (81E, 5.4.5) deployment.
The 81E was configured before it was added to FortiManager, and it has
an IPSec VPN tunnel to a Juniper SSG firewall at a remote site. The 81E
added to FortiManager without erro...
Well... I enabled auto-update, and FortiManager auto-updated the config,
but then it set the root policy package status to Out of Sync, though
there are no changes applied if I (re)install the policy package. Not
ideal.
teddyko wrote:Is your Config Status or Policy Package Status going to
"Out of Sync"? Config Status. teddyko wrote:Changes to the CRL should
only affect Config Status. One possibility for Out of Sync status is
your auto-update setting may be disabled....
chall, After reading a link (https://forum.fortinet.com/FindPost/150794)
in a reply to another post, by heskez, I upgraded FortiManager to 5.6
and was able to successfully apply the policy to the device; it looks
like my problem was part of the inabi...
