Description This article describes the reason behind RPF checks not
working for packets that are received on FortiGate in the reply
direction. Scope FortiGate, FortiOS, Routing. Solution Details about RPF
can be found here:
Description This article describes how to clear hit counters for SD-WAN
rules via CLI. Scope FortiGate, SD-WAN. Solution 1) Run the command '#
diag firewall proute list'. 2) Look for the relevant SD-WAN rule:
Description This article describes the issue where if an interface is
getting IP address via DHCP having same subnet as another interface, one
of it will not show up in routing table. Scope FortiGate, FortiOS.
Solution Consider having two interfaces ...
Description This article describes the issue that can be faced when
having multiple authenticated policies and having traffic dropped by
FortiGate. Scope FotiGate, FortiOS Explanation There are two policies
configured and both are using user authenti...
Description This article describes the issue that can be faced with
shortcuts when having ADVPN configured with BGP and SD-WAN. Scope For
versions 6.4, 7.0. ADVPN, BGP, IPSec. Explanation This issue occurs when
shortcut is established between the Spo...
Hi CustomX, For this, you will have to check how the traffic is getting
routed and might need Firewall policies with NAT between two interfaces.
This way you can perform source NAT and change the source as you like by
either using the IP address of t...
Hi mhanna, A static route is necessary to ensure that traffic is going
via the correct interface. In the VPN setting, for phase2 when you add a
local subnet and a remote subnet, this ensures that traffic between
these two subnets can flow over the VP...
Hi adminuniscan, You can use sdwan rules to steer traffic towards
required sdwan interface:
However, please be aware that if wan connectivity fails via one
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.