Good day everyone, I'd be glad to hear your input on - what are
benefits/disadvantages of IPSec site-to-site 2 tunnels between 2
Fortigates, each having 2 ISP links inside/outside SD-WAN membership?
SD-WAN config including both ISP links for Internet...
Good day everyone, I am trying to get real-time throughput/bandwidth of
the traffic passing the Fortigate stats, but to no avail so far. I need
it 30-60 days back, so FortiView does not help here. I tried querying
perf-stats log column which is sent ...
Good day everyone,I am trying to understand how and what for to use
peertype dialup settings in Phase1 interface mode for IPSec VPN client
connections. The documentation just lists this option, Google tells
contradicting stories. I tried just for luc...
Good day everyone,I am trying to understand why - is it a bug/normal
behavior/or my misunderstanding, and your help is much
appreciated.Problem: FGVM learns via BGP some route, then using
route-map, sets its next hop to dummy address 192.0.2.1, which...
Hello everyone,I've noticed Fortinet docs less and less mention diagnose
debug commands in the documentation. Where do you find them when in
need, especially for the new FortiOS versions? There was once Wiki
https://wiki.diagnose.fortinet.com with al...
If you don't intend to separate accessible from the Internet hosts into
a different network, then doing the regular VIPs (Virtual IPs) will do
the job, and is the most simple to implement.
Your requirements are pretty high in number of users, SSL Deep
Inspection for blocking specific traffic inside HTTPS tunnels, QOS, VPN
SSLs. So you are talking about bigger models with heavy price tag (200F
and higher). I wouldn't advise you to decid...
If you mean that Fortiweb sends logs already with the wrong timestamps,
then not much you can do (provided it is connected to NTP, and
synchronized), except open a ticket with TAC. As there is not much of a
debug process for time stamping logs.
Not an elegant or recommended by someone solution, but when the risk is
high, I do changes on the local Fortigate, then, having made sure all
works fine, sync/import the changes to the Fortimanager.