Hi We are facing this issue that the FAC is rejecting CSR generated from
our IIS server, and giving this error messageImport has failed: module
'lib' has no attribute 'X509_delete_ext' If I generate the CSR let say
from another OS , linux for example...
Hi What is the difference between:set additional-path-select<#> under
config router bgp andset adv-additional-path <#>under config neighbor
attached screenshot Also, I sow on the other peer this:set
additional-path receiveI disable it by:set addition...
Has anyone faced issue with SCEP in FGT VDOM mode ? I have two
environments where I use SCEPone environment has fortigate and
fortiauthenticator , while the fortigate is not in vdom mode . And I use
there SCEP for auto certificate enrollment and its ...
Hi I'm trying to site to site VPN to be up all the time even when there
is no trafficI went through this KB but didn't
helphttps://kb.fortinet.com/kb/documentLink.do?externalID=12069What
happens here is that our S2S goes down from time to time , if t...
Hello Can someone explain to me differences between setting bfd in BGP
and setting fast-external-failoverNot configuration level, but
operational level?
I opened ticket for TAC the problem is that the 800D is on version 7.4
and the 200G is on 7.2, and when I move manually the IPSEC configuration
to FGT200G , the 200G does not accept the psksecret.gettning:
node_check_object fail! for psksecret ENC .....
Thank youWe also planning next week on moving from 800D to 200Gis there
ETA for 7.4 ?if not we will need to use forticonverter (that if it is
support converting 800d 7.4 to 200g 7.2)or is there a beta version for
7.4.7 for 200G that we could receive ...
This is actually an interesting question.On the one hand, why should we
add a "static route" why the local/remote subnets mentioned in the
selectors. On the other hand, it is what it is :)Anyway, In thinking
this through, and by looking at the commen...
Thank you bothI investigated the issue with support, and it was a
misunderstanding of this commandAs i ran two IPSEC VPNs towards the HQ
additional to the main IPVPN line, I was always receiving three routes
if ibgp-multipath is enabled, no matter if...
Hi Ken Thanks for your answer I did some extra research for the first
part of my question regarding 'set additional-path-select' and I think
it is only for calculation bestpath process. And the 'set
adv-additional-path ' is stating for how many bestp...
