I created a VIP to map (forward) external port to internal port on the
server inside (e.g. 8080 to 80). When I create a firewall policy for
this incoming connection, should I specify external or internal port or
both in the "Service"?If only one is e...
I'm trying to connect two sites by two IPSec tunnels. Site A has 2 WANs
and site B has single WAN.My example is exactly the same as in this
technical tip:Technical Tip: Configure IPsec VPN with SD-WAN Document
says:Configure the Peer end Device, if i...
It does not help. Furthermore diagnose vpn ike restart nukes existed and
working (non-TCP) connections by replacing polices by default ones even
though it is not reflected in GUI, so experiment with caution.
Let's me share my findings:- it is not possible to have static routes
through SD-WAN zone and its individual members simultaneously, even with
different metrics. As soon as VPN interfaces are added into SD-WAN zone,
associated individual static route...
I found on German reddit that people discovered that if on 7.6.x change
standard port 443 to something else and then revert back to 443 it
starts to work!Unfortunately I can't test it because I have productive
SSL behind FGT so I cannot use or even t...
Nope. 80F 7.6.3 and free FortiClient 7.4.3.1790. Custom port 444.In a
sniffer I only see syn and ack. In IKE debug I only see there 3
lines.Notice a timeout occurs in 18 seconds. Pretty hopeless.
As of today, multi-cert works as expected with WAF+VIP and IIS with
7.6.3, I don't see any warnings. Config consists of two certs, one
covers multiple sites with wildcard SAN and second one is specific for
another domain. Both from Let's Encrypt.I di...
