Technical Tip: Bi-directional Forwarding Detection...

aionescu · 09-12-2024

Description This article describes how to interpret the values of the 'craction' field in traffic logs. Scope FortiGate. Solution The field 'craction' can be seen in the traffic logs in the context of threat weight and IPS inspection. For further exp...

aionescu · 07-25-2023

Description This article describes cases that generate logid 0100032568. Scope FortiGate, FortiAnalyzer. Solution The FortiGate configuration revision makes it possible to maintain multiple versions of the configuration file on the device. When the r...

aionescu · 11-29-2022

Description This article explains the change in behavior regarding dial-up tunnel interfaces configured as SD-WAN interface members. Scope FortiGate FortiOS 7.0.8, 7.2.1. Solution The following configuration is assumed: - SD-WAN zone has as a member,...

aionescu · 06-30-2022

Description This article describes how to configure the FortiGate so local-out IKE traffic matches configured Policy Based Routing Scope FortiGate v 6.4.9, 7.0.2 and 7.2.0. Solution There are cases when IKE local-out traffic needs to match a configur...

aionescu · 05-31-2022

Description This article describes how to configure OSPF over a dynamic tunnel with 'net-device disable' and 'mode config'. Scope FortiGate Solution The topology consists of two firewalls, in a hub and spoke topology. Overlay IPs of the Spokes (10.10...

aionescu · 05-08-2023

Hi, can you share the output of the following commands, ran on both FortiGates. diagnose debug resetdiagnose debug console timestamp enablediagnose debug flow filter addr x.x.x.x <------------where x.x.x.x is the IP of an OSPF routerdiagnose debug fl...

aionescu · 05-05-2023

Hi @jm-barreto, welcome to the community. Can you share with us the ospf configuration? Also, please update us with the output of the get router info ospf neighbor command and of the ones from https://community.fortinet.com/t5/FortiGate/Technical-Tip...

aionescu · 05-05-2023

Hi @crti , welcome to the community. Please find more info about that log at: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Explanation-of-Unknown-SPI-message-in-Event-log/ta-p/190530

aionescu · 03-16-2023

Hi @psetoo , it is not very clear what you are trying to achieve. Can you upload a basic network diagram that explains the setup?

aionescu · 03-14-2023

Hi, the output shows that the traffic is dropped because there is no policy to allow it. As per your first comment the traffic is expected to come from WAN but in the provided output it comes from "internal". Please check if the policy is correctly c...

User Statistics

User Activity

Technical Tip: Explanation of 'craction' value

Technical Tip: Explanation of logid 0100032568

Technical Tip: Considerations regarding dynamic tunnels configured as SD-WAN interface members

Technical Tip: Local-out IKE traffic match Policy Based Routing

Technical Tip: OSPF over dynamic tunnel with 'net-device disable' and 'mode config'

Re: OSPF with vxlan over IPSec

Re: OSPF with vxlan over IPSec

Re: VPN Problems

Re: Routing issue

Re: Virtual IP address to connecting from internal

Technical Tip: Bi-directional Forwarding Detection...

Re: How do I schedule a reboot in FortiGate firewa...

Re: Point to point connection between 2 sites

Technical Tip: Explanation of 'craction' value

Technical Tip: Explanation of logid 0100032568

Re: How do I schedule a reboot in FortiGate firewa...

Re: how to reset hit counts for SD-WAN rules?

Re: FortiGate FGCP A-P Virtual Switch MAC Address

Re: SSLVPN to Azure VPN traffic not flowing

Re: Hardware Switch Interface Vlan Configuration

KCS