Hi,I operate two FortiGate 120G devices in an Active-Standby HA
configuration with a BGP connection.When an Active-Standby failover
occurs, there is a BGP interruption of approximately 30 seconds.The
following KB article states that the BGP process o...
Hi teamsI am using a FortiGate firewall with stateful inspection
enabled, and we'd like to understand the packet processing logic for
return traffic.Could you please share any information you have on
this?Specifically, I am looking for an explanation...
Hi teams,I am currently considering adding a non-preferred route for
return traffic to make it follow an atypical path. Could you please
explain the criteria for selecting routing preference when dynamic and
static routing are mixed?My understanding ...
Hi,I need to configure policy-based routing and I'm testing it, but it
doesn't work even though the configuration is correct.According to a
veteran's advice, I temporarily enabled asymroute, and when I
immediately disabled it, the routing started wor...
Hi,I am considering using destination NAT on the secondary IP address of
the internet-facing port to build a DMZ network.Although I were able to
configure destination NAT for the secondary IP address, but it is not
working.My hypothesis is that the p...
Thank you all for the kind advice.You have greatly accelerated my
understanding.I have one last request. Could you please let me know if
you know of any packet flow documents for return traffic?I'm looking for
a return traffic version of the packet f...
Thank you all for your kind advice.I believe my hypothesis is correct,
any feedback or comments from those with similar experience or knowledge
would be greatly appreciated.Thank youKenji
Thank you for your feedback.It's difficult for me to share the config as
is, so I'll share a version with some parts masked.If you'd like to
request the unmasked config, I can provide the parts that are possible
to share.config router bgpset as XXXse...
Hi Toshi-sanThank you for your kind advice.I now understand that I can
tune the routing using static routes. I'll test a mixed BGP and static
environment in our test environment at a later date.I also have a
hypothesis that routes from different prot...
Toshi-sanThank you for the kind advice.Regarding the production
configuration, it will be slightly different from the diagram I showed
you earlier.My intended configuration was to use policy-based routing
for return traffic.However, since I've now co...