Re: SDWAN the wan1 member overload

saneeshpv_FTNT · 06-18-2025

Description This article explains how to configure SNAT using an IP pool in an active-passive FortiGate-VM high availability (HA) setup on AWS across multiple zones. Scope FortiGate VM in AWS. Solution This article outlines the configuration of IP po...

saneeshpv_FTNT · 01-06-2026

Hi @rohit0643, As per below article, "FortiClient 7.4.4 and later versions do not support IPsec VPN IKEv1. Configure IPsec VPN IKEv2 if using FortiClient 7.4.4 and later versions." https://docs.fortinet.com/document/forticlient/7.4.5/ems-administrati...

saneeshpv_FTNT · 05-21-2025

@Karoui1989 , This could be also because your "mgmt1" interface is referenced somewhere in the configuration (for example, used in the static route configuration or a policy). You check the reference and delete any reference to this and then you shou...

Re: SDWAN the wan1 member overload · 02-24-2025

@azizrizkyd Volume based method will take in account the Cumulative amount of bytes received on the interface and the interface weight when distributing the session to each member interface. Higher the value for weight and target volume, more session...

saneeshpv_FTNT · 09-20-2024

Hi @rbenoit , Could you please upgrade your FAC to version 6.6.2 if it is Older version as we have an some enhancement made with version 7.4.5 of FortiOS as a fix for the CVE-2024-3596 and FAC should be on 6.6.2 or above to support this change. If yo...

saneeshpv_FTNT · 07-02-2024

@okan As a first step, please enable logging in the policy and please check the traffic logs to see what IP is being matched in the deny policy and see if this IP is in your Yandex_IP_Group. Also check the port on the allow policy is matching with th...

User Statistics

User Activity

Technical Tip: Configuring SNAT with IP Pools in an Active-Passive FortiGate-VM HA Setup on AWS Across Multiple Zones

Re: Not getting the token

Re: HA Management Interface Reservation