We currently have several Fortigates running v6.0.4 and a FAZ also
running v6.0.4. We are going to implement a FAM and looking for
community experience/recommendation. Upgrade FAZ to v6.0.6 and install
FMG at v6.0.6 or Upgrade FAZ to v6.2.1 and insta...
I am trying to design a new FGT-1500D deployment to replace a Juniper
firewall. The firewall connects to a pair of switches in one computer
room and another pair of switches in another computer room. The Juniper
is using redundant links to ensure onl...
You may need to do things outside the realm of the firewall
like:[ul]802.1x authentication on the wired/wireless networkDHCP
reservation / filter (Allow / Deny)Sticky MAC on the switch portsHR
Policy: termination of offending employees[/ul]
DHCP relay on the Fortigate follows the rules of routing. When the
tunnel is down it would attempt to forward out the default route (as you
suspected). Once the tunnel is back up routing over the VPN would resume
and any new DHCP requests would be se...
How is the firewall learning the route to the destination network
(10.0.5.9)? Off hand, it looks like it could be a flapping route. If
it's dynamic look for messages relating to the routing protocol (BGP /
OSPF) if static, make sure you are not seein...
If you had FortiAPs you could create separate SSIDs for Computers and
Phones. Computer SSID would let bridge the the local network (or tunnel
for more policy control) and Phone SSID would tunnel to the Fortigate.
In your case, you can see if you can ...
