Hi, I have a question about hairpin NAT. When doing hairpin between two
interfaces of FGT, do I have to create/use public VIP for the source and
destination? I found out it works without NAT as well. What type of
specific case do I have to use NAT? T...
Hi FGT Gurus, I have site-to-site VPN between AZ FGT to on-prem FGT. The
AZ FGT is in the same Vnet of VMs in Azure. I have no problem to use
bastion to communicate any VM in the same Vnet. All the AZ VMs have no
problem to communicate with on-prem v...
Hi FAZ Guru, I set our FAZ "alert and delete when usage reaches" to 85%,
and I realize that FAZ tries to do the auto-delete log files everyday or
every other day to keep total usage under 85%. For forensic or audit
purpose, What's the best practice o...
Hi Fortinet Gurus, What are the reasons/use cases Fortimanager need to
access LDAP server? If I need to manage user definition and user group
management, do i need to allow Fortimanager to access LDAP first? THank
you.
Hi Firewall Gurus, I'm looking for best practice for the phase 2
selector subnets in a general case. I understand in some case it
requires to use 0.0.0.0/0. I'm talking about in decent network
segmentation internal network that connects to outside. I...
Thank you Saneeskpv.If i need to use Fortimanager to add or edit
Fortigate User&Authentication -> User Definition or User Groups or LDAP
servers sections, i don't need to integrate directory services. Is that
correct? Only when i need to user my admi...
Thank you for the info. The more selectors we have, the more negotiation
we need, e.g. multiple SA. Is that true? phase 2 selectors need to be
negotiated one by one. If we have one broader range, and like you said
use policy to restrict each access, ...
