Hi Experts,I need to mirror my WAN traffic. I have two FG-201F v.7.2.5
in an active-passice cluster here.WAN1 is in use as a Physical interface
right now, handling our WAN Traffic.Is it possible to create the SPAN
configuration without causing a down...
Hi Community,I have two HA Clusters that I need to connect.DC1 has 2x
FG200E running active-acativeDC2 has 2x FG201F running active-passiveHow
would you connect those two HA clusters? I want to be able to lose one
of the Forigates on each side.Would ...
Hi All, I have trouble debugging my FG200E. Maybe someone here can open
my eyes... I have a Virtual Server: IP: 192.168.60.100 Virtual Server
Port: 443 Round Robin Real Servers: 192.168.60.11:5601,
192.168.60.12:5601 The Subnet 192.168.60.0/24 exists...
Hi Forum, i have trouble granting access to my DNS-Server to a customer
who is connected via IPsec. My Setup:172.16.10.11/32 Customer sNAT. All
traffic from my customer has this source.192.168.110.0/24 Loopback
Interface as VPN NAT-Network192.168.55....
Hi Forum,I want to use two Fortigate 200E in an active-active cluster. I
found some docs on how to setup the Cluster but I have a question left:
To get redundancy I need to patch each device with booth Fortigates, but
the two Fortigates are acting as...
Thanks Alex!That's the setup I already tried out in my sandbox. I was
hoping there could be a solution without switches. Anyway, thanks for
your time and help.Cheers
Hi Alex,it's not for HA redundancy. Im happy with the two seperate HA
clusters.I just have these two Datacenters and want a direct connection
between them for internal traffic from one DC to the other. The
Connection between the Datacenters should be...
Sure, here you are: config system interface edit "VLAN Trunk" set vdom
"root" set type aggregate set sample-rate 500 set polling-interval 30
set member "port2" "port3" set snmp-index 29 nextend config firewall
address edit "Office: VLAN104 Subnet" se...
Hi and thanks for your answer! I played around again but no changes...
And of course you are right, there is a policy matching: The default
deny rule. Here are some details: config system interface edit "VLAN60"
set vdom "root" set ip 192.168.60.1 25...
Exact. This will lead to chaos and confusion when managing the firewall.
It's not a nice solution. I'm hoping for a better one. And by the way,
I'm asking myself if this is expected behavior. I would think "any" is
ok. Maybe this should be treated as...
