Fortinet Community

aionescu · 11-29-2022

Description This article explains the change in behavior regarding dial-up tunnel interfaces configured as SD-WAN interface members. Scope FortiGate FortiOS 7.0.8, 7.2.1. Solution The following configuration is assumed: - SD-WAN zone has as a member,...

aionescu · 06-30-2022

Description This article describes how to configure the FortiGate so local-out IKE traffic matches configured Policy Based Routing Scope FortiGate v 6.4.9, 7.0.2 and 7.2.0. Solution There are cases when IKE local-out traffic needs to match a configur...

aionescu · 05-31-2022

Description This article describes how to configure OSPF over a dynamic tunnel with 'net-device disable' and 'mode config'. Scope FortiGate Solution The topology consists of two firewalls, in a hub and spoke topology. Overlay IPs of the Spokes (10.10...

aionescu · 05-26-2022

Description This article describes how to fix issues with IPsec tunnels configured with an IPpool as a local gateway. Scope FortiOS 6.4.9 and FortiOS 7.0.1. Solution Updating the firewall to FortiOS 6.4.9 or 7.0.1 might create issues with IPsec tunne...

aionescu · 02-24-2022

Description This article describes how to configure the FortiGate to advertise, via BGP, static routes but filter the advertisement of the static default route. Scope Solution In this setup, there are two units involved the HUB and the SPOKE. On the ...

aionescu · 03-16-2023

Hi @psetoo , it is not very clear what you are trying to achieve. Can you upload a basic network diagram that explains the setup?

aionescu · 03-14-2023

Hi, the output shows that the traffic is dropped because there is no policy to allow it. As per your first comment the traffic is expected to come from WAN but in the provided output it comes from "internal". Please check if the policy is correctly c...

aionescu · 03-13-2023

Hi @AMAK To have better visibility on how the traffic is handled can you, please, perform a debug of the traffic flow? diagnose debug reset diagnose debug flow filter addr x.x.x.x <----- where x.x.x.x is the source of the traffic. diagnose debug flow...

aionescu · 02-25-2023

@Fabio74 Great. Let us know the outcome :).

aionescu · 02-23-2023

I am not sure I understand your configuration but, on both firewalls you need to have routes towards each network. So, on B you would need routes towards both subnets that are behind firewall A.

Fortinet Community

User Statistics

User Activity

Technical Tip: Considerations regarding dynamic tunnels configured as SD-WAN interface members

Technical Tip: Local-out IKE traffic match Policy Based Routing

Technical Tip: OSPF over dynamic tunnel with 'net-device disable' and 'mode config'

Technical Tip: Fix issues with IPsec tunnels configured with an IPpool as local gateway

Technical Tip: Advertise static routes via BGP and filter default static route

Re: Routing issue

Re: Virtual IP address to connecting from internal

Re: Virtual IP address to connecting from internal

Re: Site To SIte

Re: Site To SIte

Re: Point to point connection between 2 sites

Re: How do I schedule a reboot in FortiGate firewa...

Re: how to reset hit counts for SD-WAN rules?

Technical Tip: Bi-directional Forwarding Detection...

Re: Few questions about Fortigate 40F

Re: How do I schedule a reboot in FortiGate firewa...

Re: how to reset hit counts for SD-WAN rules?

Re: FortiGate FGCP A-P Virtual Switch MAC Address

Re: SSLVPN to Azure VPN traffic not flowing

Re: Hardware Switch Interface Vlan Configuration