hi,i'm moving an IKEv1 config from ASA to FGT.the crypto ACL or
interesting traffic have 3x "inside" source loopback IPs (object
"NETWORK_3") and 1x "outside" public IP 46.3.2.1, i'd assume this is the
public WAN IP of the remote device/FW. access-li...
hi,i can't seem to monitor the IP NAT pool utilization both from the 'IP
Pool' section and adding widget in dashboard. i waited more than 10 mins
but still no output.does it need a fortianalyzer to make monitoring
work? ip pool GUI section: dashboard...
hi,i just moved a new VDOM to a fortigate and observing CPU and other
stats. i noticed the 'global' VDOM spikes to above 90% over 10 min
period.but it looks 'normal' if it's over 24 hour period. tried to run
some CLI commands as below. can someone ad...
hi,i need to convert the ASA static NAT on a subnet to FortiGate.the FGT
GUI doesn't allow me to add/configure a LAN subnet.just wondering how to
implement this?do i configure individual LAN/mapped IP in a VIP, add to
a VIP group to the same external...
hi,i'm converting cisco ASA NAT and ACL config to FGT.can someone
confirm if items below are correct?note i also used forticonverter, but
it's not 100% accurate so doing this manually by hand. 1. if ACL has
"ip" does it mean i allow "ALL_TCP" and "AL...
hi toshi,thanks for your feedback!for question 1, i'm referring to this
kind of setup. refer link below wherein fortinet TAC recommends setting
phase 2 local and remote subnets to 0.0.0.0/0 and just configure the
"interesting traffic" or subnets for ...
hi,appreciate your help but i can't provide proprietary info in a public
forum due to data protection laws.can you please advise if this command
is "safe" to execute?fnsysctl killall voipd
hi, i'll update my config to allow SERVICE: ALL.thanks for confirming my
NAT config.one last question, can FGT support DNAT (static NAT) and SNAT
(PAT) on the same public IP address?the ASA had a static NAT and PAT
referenced to the same IP and just ...
