We are running 5.2.2 and using an IP Pool. We are using the default type
of "Overload". We do not have the "Fixed Port" option checked on the
policy, yet the Fortigate still uses same source port rather than
allocating a new one. According to the doc...
We use VIPs to port forward traffic to our web servers. When we enable
NAT on the policy, it uses the internal network interface IP address as
the source IP. Is it possible to specify a secondary IP address as the
NAT source rather than the interface...
I've got a really strange issue that we've spent a week on and haven't
been able to get anywhere. Here are the specs:FortiGate 600C running
5.2.2 in a HA Active-ActiveConnected to Cisco 3560X switches with LACP
aggregate interfaces We recently switch...
We are trying to set up a security policy that requires the user to
authenticate to the firewall when accessing a particular internal web
page. It works fine if the destination site is on port 80, but not when
the site is hosted on a different port (...
The issue below occurs in an environment with 2 Fortigate 600Cs in HA
pair with 5.03 and 5.06 software. We' re experiencing random distorted
on a policy. This will begin as soon a...
I noticed that it didn't require me to enable NAT on the policy to do
the NAT translation on the VIP, but that seemed to be the only way to
select an IP Pool (at least through the GUI in 5.2.2). Can you enable
the IP Pool on the CLI without enabling ...
We think we finally have this one fixed. We created a Dynamic IP Pool
with 100 IP addresses and chose that IP pool on the policy rather than
"Use Outgoing Interface Address". We only enabled this IP pool for the
policy for Internal>FW>Internal policy...
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.