Technical Tip: How to use a VIP's External IP Addr...

nalexiou · 12-10-2024

Description This article explains how to mitigate packet loss when fec is used. Scope FortiOs Solution FEC does not support NPU offloading but traffic that does not require FEC can be identified and offloaded. This is improving the performance for tr...

nalexiou · 11-12-2024

Description This article describes how to troubleshoot BGP interruptions. Scope FortiGate. Solution The packet that is sent to tear down the neighborship is the Notification packet and includes information why the action was taken. In case only a fla...

nalexiou · 10-01-2024

Description This article describes the differences between the two solutions to manage every cluster member individually. Scope FortiGate. Solution When access to all cluster members is needed two options can be used. The first one is the in-band man...

nalexiou · 09-06-2024

Description The article describes the message ID in IKE messages during the IPsec negotiation. Scope FortiOS. Solution The message ID is a 32-bit quantity that is included in every IKE message as part of its fixed header. The first message has the va...

nalexiou · 08-14-2024

Description This article describes an issue users face with missing speed options on 10xF models after upgrading to FortiOS v7.2.8 or v7.4.2 and later. Scope FortiGate-100F/101F. v7.2.8 or v7.4.2 Solution FortiGate-100F/101F has 28 total ports. See t...

nalexiou · 09-30-2022

Hi Afzal, You can check the config for references via cli with the below command: sh | grep -f x.x.x.x where x.x.x.x is the IP Regards, Nikos

nalexiou · 09-13-2022

Hello, You can try the below: config system settings set allow-subnet-overlap enable end This should allow you configure overlapping subnets For more details you may refer to the below kb: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Ena...

nalexiou · 08-04-2022

Hello, You can try to change the action to exempt in the urlfilter. For more details please refer to the below link: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Details-about-quot-pass-quot-and-quot-exempt-quot/ta-p/196171 Best Regards,...

nalexiou · 05-31-2022

Hello, The way to disable a session helper is to actually delete it. Please refer to the below kb: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Enable-and-disable-FortiGate-system-session/ta-p/191762 Deleting it will not have any side ef...

nalexiou · 05-16-2022

Hello, You should also check if you lt2p subnet is allowed on the phase2 selectors of the site to site tunnel.It also might be a policy or routing issue.You can collect a debug flow and see why the traffic is not processed.You can collect the output ...

User Statistics

User Activity

Troubleshooting Tip: Packet loss when Adaptive Forward Error Correction (FEC) is enabled

Technical Tip: How to investigate BGP neighborship flap

Technical Tip: Differences of In-band and Out-of-band management for Fortigate Cluster

Technical Tip: IPsec tunnel negotiation failing because of not expected message ID

Troubleshooting Tip: Speed options missing in FortiGate-100F/101F after upgrading to v7.2.8 or v7.4.2

Re: duplicate IP

Re: Loopback IP overlap

Re: web filter proxy mode issue

Re: DNS Session Helper

Re: Access site behind Site-to-Site tunnel via. L2TP Remote Access (Windows Native)

Technical Tip: How to use a VIP's External IP Addr...

Technical Tip: SD-WAN rule in manual mode and Perf...

Technical Tip: Configuring FortiGate HA and OSPF g...

Technical Tip: How to investigate BGP neighborship...

Technical Tip: Differences of In-band and Out-of-b...

Re: Firewall reset

KCS