Hello All, could anyone tell me that why I enable AV profile on policy,
but two other options (Proxy Options and SSL Inspection) are also be
enabled ? Thanks. Here is my FortiGate setting:FortiOS: 5.6.4
Topology: Hello All, I have the privilege to manage two FGTs.(I can
control NAT, Route... etc on two FGTs.) Question:1.Can I route local
traffic to 8.8.8.8 via following path ? [ Local PC -> FGT1 -> ISP1 ->
ISP2 -> FGT2 -> ISP2 -> Internet ] In other...
Hello all,I have a FWF60C, because there were some error messages about
disks from the console.I erased the disk using 「 # execute erase-disk 」
command.After that, I can't boot my FWF60, the console view as follow:
FortiWifi-60C (16:25-09.28.2011)Ver...
I learned about the ha checksum on Fortinet , the "link". some of the
contents as follow : The following command output is for the primary
unit of a cluster that does not have multiple VDOMs enabled:diagnose sys
ha checksum showis_manage_master()=1, ...
I have a FGT200B but it can't boot, in the console show this message
"ERROR: Bulk read CSW ret = -32"I tried formating the boot device and
but not work, the console message as
follow:==============================================Enter G,F,B,I,Q,or
H:...
Hello all, thank you very much,let me make a conclusions for the above
discussions. If I want to route traffic from local PCs in branch to
Internet via HQ's FGT.There are some methods:1.Site-to-Site VPN between
2 FGTs with static route and policy con...
ede_pfau wrote:Yes, 'site-to-site' is rubbish, sorry. SSLVPN using
FortiClient. OK, I see.If using this method, I have to make more effort
on user training.Anyway, it's also a solution, thanks a lot.
ede_pfau wrote:I'm afraid that with a static WAN address the next hop
(gateway) must be within the same subnet. The scenario I posted will
only work if the WAN interface was connecting via PPPoE. Thanks for the
KB articles which state this very clear...
ede_pfau wrote:Contrary to what the other fellows posted, YES this can
be done.In short: Create a static route on FGT1 with destination FGT2
and use FGT2 as your next hop router. In more detail:You want all
internet-bound traffic to reach FGT2, and f...
rwpatterson wrote:@LiaoYuRuei Look, I'm not trying to be hard or
stubborn, but why are you so resistant to protect your traffic? You are
on a firewall forum asking how to send your organization's traffic over
the Internet unencrypted so the world can...
