Dear All, We would like to deploy a Fortigate Configuration without
human Intervention and FortiCloud Services are not an Option. So we put
a simple Config, specially the values in "config system
central-management" on the Fortigate, add a Model Devi...
Hi Community, I would like to setup two different Phase1 IPSEC
Interfaces which divides the peers via identifiers based on certificate
matching. Suppose we have two companies and the structure of the CN is
basically a String formatted like a FQDN of ...
Hi all, Experimenting with vdoms i disabled a vdom and expect the same
behavior as if i pull the plug out of the virtual device. All interfaces
are disabled, no service is responding on any interface belonging to
that particular vdom. But in reality ...
Hi Community, trying to do some configuration stuff with have a good
chance to get disconnected i.e. changing the default gateway on a remote
site via ssh Im using batch mode config system globalset cfg-save
revertset revert-timeout 240set admintimeo...
Hello All, Maybe a stupid question but Im working on a design Problem
with HA, VDOM's and SNMP under FortiOS 5.4.6. According to the examples
in the "FortiOS Handbook - Virtual Domains" I tried to set up a multi
vdom scenario with the root vdom facin...
Hi, this is a new Feature. You have to enable "Security Fabric
Connection" for enabling Capwap. See the release notes for FortiOS 6.2.3
553372Under Administrative Access, CAPWAP and FortiTelemetry have been
combined into one option labeled Fabric Con...
Hi Ken, Thanks for your comprehensive response. Unfortunatly the
wildcard-matching with an Asterisk in the cn-Setting did not work, so I
followed your advice and opened a case. Maybe I will find out how many
entries a peergroup supports on the hard w...
Hi,Thanks for the response. Because of Compliance Rules this must be the
same CA. It's simple a Management Decision so we have to use that one.
Do you have any Information regarding pattern-rules of the Substring
search in CN's in the config user pee...
As a short update, the workaround if anyone have similar problems is the
following:[ul]set cfg-mode to manualset daily-restart enableset
restart-time to whatever is the unit time plus 5 minsissue the commands
in batch modeif successful, unset restart...
Hi All,Thanks for the fast responses but the Core of the problem is that
I'm simple cannot assign the clustered Management Interface an
IP-Address in the same Subnet where the reserved management interfaces
are in. Im getting "Conflicts with 'mgmt1' ...
