Technical Tip: Instability of IPsec VPN Tunnels te...

alif · 05-15-2025

Description This article describes the functionality of interface-policy on FortiGate. Scope FortiGate. Solution Consider an interface-policy configured on FortiGate as follows: config firewall interface-policy edit 1 set uuid b7c08d6c-1491-51f0-a0a2...

alif · 04-15-2025

Description This article describes why an eBGP peer may not change the next hop to itself due to the BGP NEXT_HOP attribute. Scope FortiGate. Solution An eBGP router always uses its own IP address as the next hop address when advertising a route. Con...

alif · 03-05-2025

Description This describes hardware acceleration support with respect to 802.1 Q-in-Q VLAN tags. Scope FortiGate. Solution Consider the following VLAN interfaces configured on FortiGate-I. config system interface edit "vlan111" set vdom "root" set ip...

alif · 02-18-2025

Description This article describes the option to enable/disable auto-generated VLANs that are dynamically created upon first switch discovery on the FortiLink interface. Scope FortiGate, FortiOS 7.6.3 (and later). Solution As of FortiOS version 7.6.3...

alif · 01-02-2025

Description This article describes the behavior of the default gateway setting under IPsec tunnel configuration on FortiGate. Scope FortiGate. Solution Consider a dialup IPsec VPN tunnel configured on FortiGate as follows: config vpn ipsec phase1-int...

alif · 11-07-2024

hi @ganesh_karale , It sounds like an unexpected behavior. Please open a ticket with Fortinet TAC and share the configuration along with the screenshot of the error for further investigation.

alif · 06-24-2024

Hi @aguerriero, Please disable offloading on firewall policy and see if the issue persists. If possible, please upgrade to FortiOS 7.4 version as well as it could be something specific on 7.2.

alif · 10-26-2023

Hi @RolandBaumgaertner72 , well it totally depends how you would prefer to have the setup. Without SD-WAN, you can modify the distance/priority settings as explained in the below link. https://community.fortinet.com/t5/FortiGate/Technical-Note-Routin...

alif · 10-26-2023

Hi @RolandBaumgaertner72 Thank you for reaching out the Fortinet community. If you prefer one WAN link over another, you can configure SD-WAN rules to prioritize traffic. SD-WAN rules are checked from top to bottom (first match). https://docs.fortine...

alif · 09-28-2023

hi @chendewu_520 There are only two methods supported for activating via FortiToken; Email and SMS.

User Statistics

User Activity

Technical Tip: Functionality of Interface-Policy on FortiGate

Troubleshooting Tip: BGP next hop not changing for an eBGP peer

Technical Tip: Hardware Acceleration (NPU Offloading) not supported with 802.1 Q-in-Q VLAN tags

Technical Tip: Option to disable automatically created VLANs under switch-controller template

Technical Tip: Impact of default gateway in IPsec Tunnel configuration on Kernel Routing Table

Re: WebSocket is closed before the connection is established

Re: 200F, 7.2.8, EMAC VLANS, and Ansible HTTPAPI with intermittent failures

Re: SD WAN Configuration

Re: SD WAN Configuration

Re: The 2FA code activation email was blocked

Technical Tip: Instability of IPsec VPN Tunnels te...

Technical Tip: IPSec VPN NAT-traversal

Technical Tip: How to identify Inactive Routes in ...

Technical Tip: HA session failover (session pickup...

Technical Tip: Configuring the Firewall Policy Rou...

Re: MAC device and source zone

Re: Fortigate with older firmware stood new Fortic...

Re: "session clashed" issue in SDWAN configuration

Re: forticlient VPN on MacOS 10.14.6 white blank s...

Re: Setup Fortigate to communicate to Fortiweb

KCS

User Statistics

User Activity

You are leaving our website