Description This article explains the change in behavior regarding
dial-up tunnel interfaces configured as SD-WAN interface members. Scope
FortiGate FortiOS 7.0.8, 7.2.1. Solution The following configuration is
assumed: - SD-WAN zone has as a member,...
Description This article describes how to configure the FortiGate so
local-out IKE traffic matches configured Policy Based Routing Scope
FortiGate v 6.4.9, 7.0.2 and 7.2.0. Solution There are cases when IKE
local-out traffic needs to match a configur...
Description This article describes how to configure OSPF over a dynamic
tunnel with 'net-device disable' and 'mode config'. Scope FortiGate
Solution The topology consists of two firewalls, in a hub and spoke
topology. Overlay IPs of the Spokes (10.10...
Description This article describes how to fix issues with IPsec tunnels
configured with an IPpool as a local gateway. Scope FortiOS 6.4.9 and
FortiOS 7.0.1. Solution Updating the firewall to FortiOS 6.4.9 or 7.0.1
might create issues with IPsec tunne...
Description This article describes how to configure the FortiGate to
advertise, via BGP, static routes but filter the advertisement of the
static default route. Scope Solution In this setup, there are two units
involved the HUB and the SPOKE. On the ...
Hi, the output shows that the traffic is dropped because there is no
policy to allow it. As per your first comment the traffic is expected to
come from WAN but in the provided output it comes from "internal".
Please check if the policy is correctly c...
Hi @AMAK To have better visibility on how the traffic is handled can
you, please, perform a debug of the traffic flow? diagnose debug reset
diagnose debug flow filter addr x.x.x.x <----- where x.x.x.x is the
source of the traffic. diagnose debug flow...
I am not sure I understand your configuration but, on both firewalls you
need to have routes towards each network. So, on B you would need routes
towards both subnets that are behind firewall A.