Re: msg="iprope_in_check() check failed on policy...

ede_pfau · 08-27-2022

FortiOS v6.4.10 has been released:https://docs.fortinet.com/document/fortigate/6.4.10/fortios-release-notes/760203/introduction-and-supported-models

ede_pfau · 11-25-2020

hi, today I set up email alerts for various events (so, event based and not severity level based), and I am missing a setting for hardware failure events, you know, fans, PSU, temperature. A look into the CLI didn't help.Am I thinking too hard, and t...

ede_pfau · 03-02-2019

Hello fellows, for simplicity, I often use my private SSH key to log in into my local admin account on various FGTs (I mean, CLI access via SSH). Now, if instead of a local admin account I use a wildcard admin account against LDAP/MS AD in the backgr...

ede_pfau · 08-31-2016

hello all, I've got a pair of FG-200B running v4.3.18 in A-P HA mode. Each cluster member is at a different location, HA links are across a dedicated line. On each site, there is one Cisco access router (19xx) in front of the FGT providing WAN access...

ede_pfau · 08-12-2016

hello all, I'm planning to place the slave unit of a Fortigate HA cluster into a remote location. There is a leased line (layer 2) for the HA connect. Can anybody confirm that I can run the HA traffic across a VLAN between the access switches on each...

ede_pfau · 01-15-2026

If you've got the budget to get a 70F, you also have the budget to get a 70G. Which is a very decent machine.

ede_pfau · 01-15-2026

Just have completed the same update, from v7.4.3 to v7.4.5. Screen stuck at 50%.After refreshing the browser (here: FF) via F5, the screen changed to "Completed!" and all was fine.I guess it's the same as with FGT updates, at some point the Java scri...

ede_pfau · 11-27-2025

You cannot use 'ping' to test a port-forwarding VIP. ICMP is a portless protocol.Which host is 172.16.0.1? There is no connectivity in the subnet.Do you use VLANs? If so, inbound and outbound traffic to/from a FGT on a VLAN interface is always tagged...

ede_pfau · 11-26-2025

IMHO the policy does not allow this traffic.It needs to allow HTTP (port 80) and your custom service (tcp/10020). Please give it a try. If unsuccessful, run a 'diag debug flow' to see what happens. Post it here for interpretation.

ede_pfau · 11-26-2025

The second phase2 selector is not up (10.131.88.222 <> 192.168.20.0). Most often this is because the other side doesn't accept it, or the policy on your side.

User Statistics

User Activity

FortiOS v6.4.10 is out

email alerts for hardware events

Admin auth per SSH key and LDAP

Synchronizing FGT HA with Cisco VRRP

HA over VLAN to remote FGT?

Re: 60F replacement

Re: Issues during and after the Forticlient EMS 7.4.5 upgrade

Re: fortigate virtual ip cant access from outside

Re: fortigate virtual ip cant access from outside

Re: show phase 2 status up/down fortigate 200F v7.4.8

Re: msg="iprope_in_check() check failed on policy...

Re: Create 2 Tunnel from 1 device

Re: Traffic match with wrong Schedule

Re: FortiClient interrupting BUEXEC backups on exc...

Re: Update firmware from cli tftp: error code -39

Re: FortiAnalyzer 7.6.4 on Azure: Daily Log Limit ...

Re: Creating a NAT in Fortigate 120G

Re: Comcast increased my WAN speed to 1100 Mbps an...

Re: Reachability Issue Between Head Office and Bra...

Re: Generated Heat Value in kW for 124F-POE and 14...

Fortinet Training Institute

Super User

User Statistics

User Activity

You are leaving our website