This happened here in this constellation: FMG v7.0.5FGT v7.0.9Adom
FortiOS v7 when you create a vip in policy manager you see it in the vip
section in the objects menue but it does not appear in the selection
when you edit or create a policy and they...
I ran into an issue here: I have a zone with several members.Now I need
multicast forwarding for airprint between two members of that
zone.intra-zone-traffic is blocked (per default) which is wanted that
way.So any traffic has to be explicitely allow...
Hiho, there is an old bug in FortiOS and FortiManager that allows you to
set too long Phase1 names. This can cause problems wenn the FGT runs out
of space on creating new dialup instances due to enumeration. This
means: when you create a dial up ipse...
just encountered this: IPSec Dial Up does allow concurrent tunnels. To
make sure it can handle each one it enumerates the tunnels. Good so
far.Though the Gui (and the FOrtimanager gui also) allow you to enter
too long p1 names.If you p1 name is too l...
Hiho, I have an adom which used to bei v6.2 before. As long as it was
6.2 all worked fine even after upgrading the FortiManager to v6.4. Once
I upgraded the adom (and the global adom as it provides objects that are
used in that adom) to v.6.4 I canno...
usually FMG does not show a device to chose when it considered there is
nothing to deploy to that device. Sometimes FMG seems to be wrong here
though...
Depends on your FMG. If it already supports FortiOS 7.x.x you don't need
to upgrade it for upgrading FGTs. If it does not you will have to
upgrade it to make it support that.The order doesn't really matter
because you will have to upgrade all FGT in ...
hm there is one issue with that: Fortigate gui let's you enter custom
dns server(s) for a vpn. For whatever reason the gui does lack the dns
mode option. So you set custom DNS servers but dns mode is still set to
auto (or similar). You might have to ...
basically I'd say it was a missing routing issue. The PC has the Sonic
Wall als default gw so the sonic wall has to have a route back to your
vpn or you will not get a ping reply because it would hit the default
route on sonicwall. Enabling NAT is a ...
Basically to forward a port on a fgt you create a vip and set the
neccessary values. Mostly setting the destination ip and port is enough.
Then create a policy setting the required source and the vip as
destination and probably allow the service. Exa...