We are converting checkpoint configurations to fortigate (finally
getting rid of it)But I have seen the interface setting and here is
something I am not used to itIn Checkpoint the LAG interface itself (the
physical) has a network without VLAN the Fo...
Hello Running FAZ 7.4.7 What does has this impact on (exceeding the
daily logs license)?Does this mean new logs will not be saved?Or it has
(something) related to TAC support?
Hi We are facing this issue that the FAC is rejecting CSR generated from
our IIS server, and giving this error messageImport has failed: module
'lib' has no attribute 'X509_delete_ext' If I generate the CSR let say
from another OS , linux for example...
Hi What is the difference between:set additional-path-select<#> under
config router bgp andset adv-additional-path <#>under config neighbor
attached screenshot Also, I sow on the other peer this:set
additional-path receiveI disable it by:set addition...
Has anyone faced issue with SCEP in FGT VDOM mode ? I have two
environments where I use SCEPone environment has fortigate and
fortiauthenticator , while the fortigate is not in vdom mode . And I use
there SCEP for auto certificate enrollment and its ...
I opened ticket for TAC the problem is that the 800D is on version 7.4
and the 200G is on 7.2, and when I move manually the IPSEC configuration
to FGT200G , the 200G does not accept the psksecret.gettning:
node_check_object fail! for psksecret ENC .....
Thank youWe also planning next week on moving from 800D to 200Gis there
ETA for 7.4 ?if not we will need to use forticonverter (that if it is
support converting 800d 7.4 to 200g 7.2)or is there a beta version for
7.4.7 for 200G that we could receive ...
This is actually an interesting question.On the one hand, why should we
add a "static route" why the local/remote subnets mentioned in the
selectors. On the other hand, it is what it is :)Anyway, In thinking
this through, and by looking at the commen...
Thank you bothI investigated the issue with support, and it was a
misunderstanding of this commandAs i ran two IPSEC VPNs towards the HQ
additional to the main IPVPN line, I was always receiving three routes
if ibgp-multipath is enabled, no matter if...
