Scenario - FG200E on datcenter side, FG60E on branch side Using a policy
based route I'd like a particular source IP on the branch side to route
all traffic via the tunnel to the datacenter then out on the internet
via the outbound interface IP. Runn...
Fortinet to Fortinet, 100E to 60E, IPSec Tunnel, gigabit connection on
the 100E and 400mbit on the 60E.SMB transfers are slow, about 2 or
3mbps. Have adjusted tcp-mss in the IPV4 policy for the indicated branch
and on the IPSEC interface itself to 13...
Deploying my 6th fortinet 60e - going not bad. The tunnel on this one
flaps every 2 minutes or so. It's a route based VPN with a tunnel
interface. Link monitor: Interface TUNNEL1 was turned downthen a second
or so laterLink monitor: Interface TUNNEL1...
I have 3 FG60E's with route based IPSEC tunnels back to our
datacenter.Once a month or so, they'll suddenly start routing traffic
over WAN1 for the private subnet instead of the VPN tunnel interface
(viewable in the taffic logs). All three of them do...
I'd like to know if there's an easy set of CLI commands that disables
web filtering, SSL screening, antivirus, any ALG etc. etc. I've had a
couple weird issues where traffic to one IP over VPN stops working (it's
to our PBX, and it's SIP traffic, but...
For anyone who needs to do this in the future, most of the steps are now
captured upthread, but in summary: Follow this article as described:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD38790Then add
0.0.0.0/0 to the phase 2 of the tunnel...
Right, made those changes, but the traffic still does not pass. It
selects the policy fine for routing but the traffic never hits the
permit rule nor the remote site, the firewall rule shows a hit for
traffic from the policy selected IP hitting the r...
So static route 0.0.0.0/0.0.0.0 interface TUNNELNAME distance 100 or
does it need to be the same distance as the WAN1 link and just a lower
priority (but higher number in the actual priority field)
All - this isn't an issue of CIFS or NFS being slow over VPN because of
the inherent nature of those protocols. This is a bug in the Fortinet
software, and I'm surprised it's not a bigger deal to more people. It
happens on IPSEC tunnels as well. I've...
IPS is disabled.A ticket is open with Support, they have not replied
(two days too better follow up)Firmware is 5.6.3 build 1547 on both
Really important to note - the issue only exists between 60E and the
datacenter 100E. IN offices where we have a ...