Hi :)Recently a syn flood hit us and we want to protect us in the best
way possible for the next time.I found out that FortiADC can deal with
it by using syn cookies. As we only have FortiGates... Can a Fortigate
do something like this?The only prote...
Hi Experts,I need to mirror my WAN traffic. I have two FG-201F v.7.2.5
in an active-passice cluster here.WAN1 is in use as a Physical interface
right now, handling our WAN Traffic.Is it possible to create the SPAN
configuration without causing a down...
Hi Community,I have two HA Clusters that I need to connect.DC1 has 2x
FG200E running active-acativeDC2 has 2x FG201F running active-passiveHow
would you connect those two HA clusters? I want to be able to lose one
of the Forigates on each side.Would ...
Hi All, I have trouble debugging my FG200E. Maybe someone here can open
my eyes... I have a Virtual Server: IP: 192.168.60.100 Virtual Server
Port: 443 Round Robin Real Servers: 192.168.60.11:5601,
192.168.60.12:5601 The Subnet 192.168.60.0/24 exists...
Hi Forum, i have trouble granting access to my DNS-Server to a customer
who is connected via IPsec. My Setup:172.16.10.11/32 Customer sNAT. All
traffic from my customer has this source.192.168.110.0/24 Loopback
Interface as VPN NAT-Network192.168.55....
Hi nageentaj,have you tried what you wrote me?"get sys session list" has
no description column where a "half-open" could appear. grepping for it
will never bring any results.I found out a"diagnose sys session list"has
the information im looking for, ...
Hello nnair, Thanks for your answer. How could the provided Link help me
to answer my questions? I'd like to know if the Fortigate can somehow
provide a smarter protection than just limiting the pps count.Also, how
can I check the count of half open ...
Thanks Alex!That's the setup I already tried out in my sandbox. I was
hoping there could be a solution without switches. Anyway, thanks for
your time and help.Cheers
Hi Alex,it's not for HA redundancy. Im happy with the two seperate HA
clusters.I just have these two Datacenters and want a direct connection
between them for internal traffic from one DC to the other. The
Connection between the Datacenters should be...
Sure, here you are: config system interface edit "VLAN Trunk" set vdom
"root" set type aggregate set sample-rate 500 set polling-interval 30
set member "port2" "port3" set snmp-index 29 nextend config firewall
address edit "Office: VLAN104 Subnet" se...
