Technical Tip: How to use a VIP's External IP Addr...

nalexiou · 10-01-2024

Description This article describes the differences between the two solutions to manage every cluster member individually. Scope FortiGate. Solution When access to all cluster members is needed two options can be used. The first one is the in-band man...

nalexiou · 09-06-2024

Description The article describes the message ID in IKE messages during the IPsec negotiation. Scope FortiOS. Solution The message ID is a 32-bit quantity that is included in every IKE message as part of its fixed header. The first message has the va...

nalexiou · 08-14-2024

Description This article describes an issue users face with missing speed options on 10xF models after upgrading to FortiOS v7.2.8 or v7.4.2 and later. Scope FortiGate-100F/101F. v7.2.8 or v7.4.2 Solution FortiGate-100F/101F has 28 total ports. See t...

nalexiou · 12-19-2022

Description This article explains the default behaviour of the FG-VMxxV and FG-VMxxS series of FortiGates, specifically with regards to multi-VDOM functionality. Scope FortiOs all Solution The FG-VMxxV and FG-VMxxS series do not come with a multi-VDO...

nalexiou · 11-29-2022

Description This article describes the workspace mode which can be used to manually save the changes instead of the default automatic behavior. Scope FortiGate. Solution Starting from version 7.0.2, this option is also available in GUI. In previous v...

nalexiou · 09-30-2022

Hi Afzal, You can check the config for references via cli with the below command: sh | grep -f x.x.x.x where x.x.x.x is the IP Regards, Nikos

nalexiou · 09-13-2022

Hello, You can try the below: config system settings set allow-subnet-overlap enable end This should allow you configure overlapping subnets For more details you may refer to the below kb: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Ena...

nalexiou · 08-04-2022

Hello, You can try to change the action to exempt in the urlfilter. For more details please refer to the below link: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Details-about-quot-pass-quot-and-quot-exempt-quot/ta-p/196171 Best Regards,...

nalexiou · 05-31-2022

Hello, The way to disable a session helper is to actually delete it. Please refer to the below kb: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Enable-and-disable-FortiGate-system-session/ta-p/191762 Deleting it will not have any side ef...

nalexiou · 05-16-2022

Hello, You should also check if you lt2p subnet is allowed on the phase2 selectors of the site to site tunnel.It also might be a policy or routing issue.You can collect a debug flow and see why the traffic is not processed.You can collect the output ...

User Statistics

User Activity

Technical Tip: Differences of In-band and Out-of-band management for Fortigate Cluster

Technical Tip: IPsec tunnel negotiation failing because of not expected message ID

Troubleshooting Tip: Speed options missing in FortiGate-100F/101F after upgrading to v7.2.8 or v7.4.2

Technical Tip: Default behaviour of the FG-VMxxV and FG-VMxxS series with multi-VDOM

Technical Tip: How to manually save the config using workspace mode

Re: duplicate IP

Re: Loopback IP overlap

Re: web filter proxy mode issue

Re: DNS Session Helper

Re: Access site behind Site-to-Site tunnel via. L2TP Remote Access (Windows Native)

Technical Tip: How to use a VIP's External IP Addr...

Technical Tip: SD-WAN rule in manual mode and Perf...

Technical Tip: Configuring FortiGate HA and OSPF g...

Technical Tip: Differences of In-band and Out-of-b...

Technical Tip: IPsec tunnel negotiation failing be...

Re: Firewall reset

KCS