Hello, I’m simulating a scenario for a customer with GNS3. Each “site”
has a FortiGate with two VDOMs: root and internal.internal has 3
subnets:[ul]port1+vx-lan1 is a software switch, the VXLAN VTEP is at the
other site. intra switch policy is set to...
Hello, Before we start a little disclaimer: this is posted as-is, it's
not something I did using Fortinet's official documentation (AFAIK,
there isn't any about the DC Agent installer), nor supported by
Fortinet. Use at your own risk. This was tested...
Hello Forum, A customer has it's infrastructure with a Fortinet SSO
collector version 5.0.0254 and i need to upgrade it to 5.0.0271 (due to
a fimware upgrade in a FortiGate device). Tough i found in 5.4.10's
release notes that i need the collector ve...
Hello Forum I'm posting this because I'm trying to find a list of
ipprope groups id and their meaning. So far I couldn't find anything and
onl cross referenced some like these:[ul]100000: virtual IPs or
destination nat100004: IPv4 policies100015: tra...
Magion, I did something like this in my lab. All the users are Active
Directory users: config user peer edit "peer1" set ca "home_lab" set
subject ".hydra.local" next end In plain english, this is "certificate
must belong to the home_lab CA and it's ...
I finally got a reply from the TAC, and they made me configure the
inter-vdom link with the "set type ethernet" option, ie: config system
vdom-link edit "int-ext" set type ethernet next end And just like that
it started working. I don't know how this...
Ken, The packet never got to the remote firewall. Today I did
this:[ul]rebuilt the lab using vmware esxi, this was done to discard a
GNS3 bug and/or KVM VM bug. same results.reconfigured the lab to use a
VPN with VXLAN encapsulation (recipe at
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.