Hello, this link explains most of state= flags, such as "local",
"redir", "dirty", etc.,
https://kb.fortinet.com/kb/viewContent.do?externalId=FD30042 but it
doesn't explain a flag "none". Does anyone know what it means? Example
diagnose sys session l...
Hello,till now I was sure that there are 2 possible modes: 1)
certificate inspection (inspects the SSL handshake only) and 2) deep
inspection (FG terminate SSL session from WAN side and encrypts packets
with FG certificate towards LAN side). Today I'...
Hi all,all fortigates have two trial licenses for fortitoken mobile. I
have locked them and I can't unlcok them. A FTM Admin guide says: To
unlock the locked token in FOS when FortiToken Mobile Provisioning
Server is reachable, use the following CLI ...
Hi Vasil,thank you for response. I have solved it in other way, so just
for illustration.A sniffer it shows better than debug flow:(connected
over ipsec vpn, over wifi with FortiAP)4.974523 guest in 10.10.100.2 ->
192.168.0.221: icmp: echo request9.9...
Hi,I have the same issue. Dial-up IPsec vpn over WiFi on the same router
is up, but data don't flow.Debug flow showed "reverse path check fail,
drop". I checked a routing table on my Fortigate - there are no issues,
as soon I connect, two new routes ...
Hello,I guess it is 5.41 OS bug. ike log filter src-addr4 doesn't give
useful output any more, it shows "ike shrank heap by ":FGT90D3Z13002576
# diag debug reset FGT90D3Z13002576 # diag debug app ike -1
FGT90D3Z13002576 # diag vpn ike log filter clea...
