Re: Cannot delete interface

Toshi_Esumi · 01-14-2025

I saw some conversation about stopping auto-upgrade on FGTs before after 7.2.8. And, we're doing it manually for those FGTs that are NOT managed by FMG. Then when we tried the same for those managed by FMG, the change was rejected because it's manage...

Toshi_Esumi · 10-23-2024

This version of FMG was released last week and now CVE-2024-47575 is released as well.https://www.fortiguard.com/psirt/FG-IR-24-423However, the release notes doesn't have anything in the resolved issue section. Does this actually have the vulnerabili...

Toshi_Esumi · 07-24-2024

A basic question: Would Websocket app (TCP 443) traffic be filtered by a policy with a Web Filter profile? Or do we need to match it with Application Control in a separate policy before or after the web filter policy?Thanks, Toshi

Toshi_Esumi · 07-21-2024

I'm working on migrating my home OpenSUSE machine I'm using for freeradius server to authenticate admin and VPN users on my FG40F(7.2.8) from Leap 15.3 to 15.5(on a new machine). Obviously 15.5's repo has a newer version of freeradius-server image.Th...

Toshi_Esumi · 05-07-2024

As all the other users at FortiCloud must have gotten, I received an announcement email per email account for 2FA auth enforcement starting June the 7th.My question is if it would apply to this Forum login account. I've kept using my old account emai...

Toshi_Esumi · 09-26-2025

So, the default route is going into the tunnel. And if you ping 8.8.8.8 without specifying the source it looks for an IP configured on the IPsec tunnel interface for the source IP. If you haven't configured the tunnel interface IP, it would pick othe...

Toshi_Esumi · 09-26-2025

One last question for the Entra ID setting, @GeorgeZhong Would you expect this "assertion + responses" signing option breaks SAML with 7.2.11 and older versions? If so we need to separate the Enterprise apps if we have multiple FGTs in mix of <=7.2.1...

Toshi_Esumi · 09-26-2025

What's in "exe traceroute 8.8.8.8"? Does it show any hops?Also share us "get router info routing-t all" for the first part that include default routes (0.0.0.0/0) at the remote-site1.Toshi

Toshi_Esumi · 09-24-2025

As in the KB @GeorgeZhong referred to, 40% means it could be a TLS or certificate issue. But did you check "diag debug config-error-log read" when you upgraded to 7.2.12? It might have lost something during the config conversion. Or if you're using d...

Toshi_Esumi · 09-24-2025

By the way the community is a transitive metric in BGP domain. So the BGP neighbor (regardless it's another FGT or other vendor routers) who receives those routes advertised from the local FGT would see the community:1 as well in case that router nee...

User Statistics

User Activity

Stop auto-firmware-upgrade via FMG

FMG 7.2.8

Websocket app traffic with Web Filter

RADIUS attribute: Message-Authenticator

FortiCloud login 2FA enforcement

Re: ping fail from wan interfaces

Re: SSL VPN Doesn't work after firmware update 7.2.12

Re: ping fail from wan interfaces

Re: SSL VPN Doesn't work after firmware update 7.2.12

Re: bgp routing | just allow ospf redistribution to one single bgp neighbor and not connected and st

Re: Cannot delete interface

Re: Fortigate OSPF routes

Re: Redistribute iBGP routes to OSPF in FortiGate

Re: Layer3 Fortiswitch

Re: FortiGate stripping BGP TCP option 19

Re: Processing logic for return traffic in statefu...

Re: VDOM Global

Re: Operation to enable asymroute because policy-b...

Re: Sfp module

Re: Problems when upgrading directly from 7.2.8 to...

Super User

User Statistics

User Activity

You are leaving our website