Working on a client build. Site X has a Fortigate cluster, and uses
10.150.54.0/24 split into /25 for corp wired and wireless. Site Y has a
Fortigate cluster as well, and has a 10.10.120.0/24 network and other
networks. The Fortigate interface is 10....
Client has a branch office, direct-connected to their DataCentre over a
Point-to-point link using Fortigate cluster on both ends. Comes in on
both sides to port6 on a small network. Routing from branch office to
datacentre and vice versa is done via ...
We have a remote client that uses a non-Fortinet firewall for most of
their activities (scheduled to be replaced in the next few months) - but
in all the kerfuffle with quarantining, etc, we were asked to give them
a quick VPN solution to use that th...
I support a client whose main office is connected to their datacentre
through a fiber point-to-point link. The P2P link, has a small /30
network on each side, on their Fortigate and traffic is routed between
their main office and datacentre over the ...
We allow our staff to use SSLVPN to reach our internal network and some
client networks, and they use the FortiClient SSLVPN v 6.0.* in order to
connect. We don't currently have EMS or anything like that and are only
using the SSLVPN functionality of...
Yeah - we have routes on both IPSec VPNs for these networks. I was
racking my brains to see if I could work around this at the firewalls -
but I don't think I can. The MPLS needs to be the default gateway for
this server for various reasons, within t...
Your cli I thinks is wrong. Should be: exec ping-options source
192.168.25.250 To make it use the LAN interface to send the pings.
We had a similar issue - TAC found a DOS policy that had been set by a
coworker that was periodically causing the issue due to probes that
Teams periodically sends out to test performance. The DOS policy was
dropping the probes and causing all sorts ...
sw2090 wrote:I do this by haven to VPN S2S IPSec Tunnels from HQ to
Site.They both have the same policy (except from src/dst interface of
course) and both have a static route for every subnet I need to access
from each site. There is just different p...
Ummmm - I haven't run 5.6.* in a few years on any of my clients, so I
don't recall if this was/is a known problem or not at that level of
firmware. I can suggest that upgrading to the most current (at least on
5.6.*) won't hurt, at any rate. The late...