Description This article describes the differences between the two
solutions to manage every cluster member individually. Scope FortiGate.
Solution When access to all cluster members is needed two options can be
used. The first one is the in-band man...
Description The article describes the message ID in IKE messages during
the IPsec negotiation. Scope FortiOS. Solution The message ID is a
32-bit quantity that is included in every IKE message as part of its
fixed header. The first message has the va...
Description This article describes an issue users face with missing
speed options on 10xF models after upgrading to FortiOS v7.2.8 or v7.4.2
and later. Scope FortiGate-100F/101F. v7.2.8 or v7.4.2 Solution
FortiGate-100F/101F has 28 total ports. See t...
Description This article explains the default behaviour of the FG-VMxxV
and FG-VMxxS series of FortiGates, specifically with regards to
multi-VDOM functionality. Scope FortiOs all Solution The FG-VMxxV and
FG-VMxxS series do not come with a multi-VDO...
Description This article describes the workspace mode which can be used
to manually save the changes instead of the default automatic behavior.
Scope FortiGate. Solution Starting from version 7.0.2, this option is
also available in GUI. In previous v...
Hello, You can try the below: config system settings set
allow-subnet-overlap enable end This should allow you configure
overlapping subnets For more details you may refer to the below kb:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Ena...
Hello, You can try to change the action to exempt in the urlfilter. For
more details please refer to the below link:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Details-about-quot-pass-quot-and-quot-exempt-quot/ta-p/196171
Best Regards,...
Hello, The way to disable a session helper is to actually delete it.
Please refer to the below kb:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Enable-and-disable-FortiGate-system-session/ta-p/191762
Deleting it will not have any side ef...
Hello, You should also check if you lt2p subnet is allowed on the phase2
selectors of the site to site tunnel.It also might be a policy or
routing issue.You can collect a debug flow and see why the traffic is
not processed.You can collect the output ...