Description This article describes cases that generate logid 0100032568.
Scope FortiGate, FortiAnalyzer. Solution The FortiGate configuration
revision makes it possible to maintain multiple versions of the
configuration file on the device. When the r...
Description This article explains the change in behavior regarding
dial-up tunnel interfaces configured as SD-WAN interface members. Scope
FortiGate FortiOS 7.0.8, 7.2.1. Solution The following configuration is
assumed: - SD-WAN zone has as a member,...
Description This article describes how to configure the FortiGate so
local-out IKE traffic matches configured Policy Based Routing Scope
FortiGate v 6.4.9, 7.0.2 and 7.2.0. Solution There are cases when IKE
local-out traffic needs to match a configur...
Description This article describes how to configure OSPF over a dynamic
tunnel with 'net-device disable' and 'mode config'. Scope FortiGate
Solution The topology consists of two firewalls, in a hub and spoke
topology. Overlay IPs of the Spokes (10.10...
Description This article describes how to fix issues with IPsec tunnels
configured with an IPpool as a local gateway. Scope FortiOS 6.4.9 and
FortiOS 7.0.1. Solution Updating the firewall to FortiOS 6.4.9 or 7.0.1
might create issues with IPsec tunne...
Hi, can you share the output of the following commands, ran on both
FortiGates. diagnose debug resetdiagnose debug console timestamp
enablediagnose debug flow filter addr x.x.x.x <------------where x.x.x.x
is the IP of an OSPF routerdiagnose debug fl...
Hi @jm-barreto, welcome to the community. Can you share with us the ospf
configuration? Also, please update us with the output of the get router
info ospf neighbor command and of the ones from
https://community.fortinet.com/t5/FortiGate/Technical-Tip...
Hi @crti , welcome to the community. Please find more info about that
log at:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Explanation-of-Unknown-SPI-message-in-Event-log/ta-p/190530
Hi, the output shows that the traffic is dropped because there is no
policy to allow it. As per your first comment the traffic is expected to
come from WAN but in the provided output it comes from "internal".
Please check if the policy is correctly c...