Hi,After upgrading to FortiOS 7.2.8 we are having some issues with the
WAF filter on some of our services. It seems that the filter in this
version is setup harder or that the exceptions we built in the past
based on event ID's are being ignored.I no...
Hi,First post!I have a HA cluster which I used as a Fabric Root with
FortiOS 7.0.14 along with a downstream Fortigate also on 7.0.14. The
security fabric was set over a IPsec VPN. After upgrading both the root
and the downstream to 7.2.8 I lost conne...
I'm planning to rebuild the security fabric next week following this
technical tip:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configure-IPsec-VPN-with-SD-WAN/ta-p/209840I
will post my results.
I ended up making a new profile but without blocking the constraint for
malformed requests. That works. It is too bad that because of a false
positive you have to avoid the constraint entirely but well ...
Thank you again for taking the time to think about this problem. There
is no any signature ID in the logging though. And before the upgrade I
always used the event ID to build an exception into the WAF filter and
worked perfectly.I have been able to ...
Thank you @hbac The IPsec going down looks like a consequence of
upgrading. I have troubleshooted the tunnel but I only see traffic going
out from the root fabric to the downstream firewall. I don't get any
response. My guess is that it has something...
