I have a VIP setup with a static route, so it can be advertised into
bgp. The link-monitor checks the server the VIP is mapped to. When I
shutdown the server, the link-monitor shows the status is dead, but the
static route is not withdrawn from the r...
I'm testing FGSP and VRRP using foritgate VMs. The topology is as
follows: FirewallA (VRRP Master)--------L2VPN--------FirewallB (VRRP
Backup) There are 3 servers:Server A connects to Firewall AServer B
connects to Firewal BServer C is in the VRRP do...
I'm trying to add Fortigate to FMG have tried version 7.0.15, 7.2.0,
6.4.10 and always get probe failed, even after emabling low encryption:
config system globalset adom-status enableset enc-algorithm lowset
fgfm-ssl-protocol tlsv1.0set usg enableend...
the route is present still in the kernel, as @Toshi_Esumi confirmed my
suspicions as well. I will need to do some sort of BGP conditional
advertisement.
Hi Atul, Using policy route to direct traffic for Server B fixes the
issue. Using Policy route isn't ideal as I'd like the foritgate to use
the BGP routes for resiliency. is this particual issues resolved on
newer firmware versions?
Hello, Yes I have this enabled as well. See config below.
FortiGate-VM64-KVM # show system haconfig system haset session-pickup
enableset session-pickup-connectionless enableset
session-pickup-expectation enableset override disableend I will try
poli...
I applied this command to FMG and now I can add device FMG-VM64-KVM #
config system global(global)# set fgfm-peercert-withoutsn enable I found
this article that explains it.
https://community.fortinet.com/t5/FortiManager/Technical-Tip-How-to-register...
@Quint021 Thank you for the reply. Here is the debug on FMG2024-07-04
16:22:10 FGFMs(probing...): __get_handler: SNs don't match
, need to examine later2024-07-04 16:22:10
FGFMs(probing...): __get_handler:1026: serial number (FGVMEVWXJNWHYO97)
in 'g...
