Description This article explains how to configure a static route and a
black hole route to different VRFs. Scope All versions of FortiOS.
Solution To configure a static route to a different VRF, first configure
the VRF ID on the relevant interface: ...
Description This article describes the behavior of the SD-WANrules
configured in manual mode when the performance sla for the interface is
failing. Scope FortiOs . Solution If all health-check are indicating
that an interface is dead, even if it is u...
Description This article explains how to resolve connectivity issues of
the Fabric connector to Forticlient EMS Cloud when SDWAN is used.This
solution applies in FortiOs v6.4.4-v6.4.8 Scope FortiOs v6.4.4-6.4.8
Solution The Self-originating traffic t...
Description This article describes how to configure multicast policies
between interfaces that are members of the same zone. Scope Solution
Configure 'set intrazone allow' on the zone. # config system zon edit
set intrazone allow nextend Configure a...
Description This article describes the difference in the behavior of
static and dynamic tunnels when there is a device performing NAPT
between the ipsec peers. Scope Fortios Solution Topology: FGT B
(22.214.171.124) --- (126.96.36.199) NAPT --- (194...
Hello, You can try the below: config system settings set
allow-subnet-overlap enable end This should allow you configure
overlapping subnets For more details you may refer to the below kb:
Hello, You can try to change the action to exempt in the urlfilter. For
more details please refer to the below link:
Hello, The way to disable a session helper is to actually delete it.
Please refer to the below kb:
Deleting it will not have any side ef...
Hello, You should also check if you lt2p subnet is allowed on the phase2
selectors of the site to site tunnel.It also might be a policy or
routing issue.You can collect a debug flow and see why the traffic is
not processed.You can collect the output ...
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.