Fortinet Community

sagha · 11-16-2022

Description This article describes the reason behind RPF checks not working for packets that are received on FortiGate in the reply direction. Scope FortiGate, FortiOS, Routing. Solution Details about RPF can be found here: https://community.fortinet...

sagha · 10-20-2022

Description This article describes how to clear hit counters for SD-WAN rules via CLI. Scope FortiGate, SD-WAN. Solution 1) Run the command '# diag firewall proute list'. 2) Look for the relevant SD-WAN rule: id=2130706435(0x7f000003) vwl_service=3(t...

sagha · 10-12-2022

Description This article describes the issue where if an interface is getting IP address via DHCP having same subnet as another interface, one of it will not show up in routing table. Scope FortiGate, FortiOS. Solution Consider having two interfaces ...

sagha · 08-07-2022

Description This article describes the issue that can be faced when having multiple authenticated policies and having traffic dropped by FortiGate. Scope FotiGate, FortiOS Explanation There are two policies configured and both are using user authenti...

sagha · 08-01-2022

Description This article describes the issue that can be faced with shortcuts when having ADVPN configured with BGP and SD-WAN. Scope For versions 6.4, 7.0. ADVPN, BGP, IPSec. Explanation This issue occurs when shortcut is established between the Spo...

sagha · 01-09-2023

Hi CustomX, For this, you will have to check how the traffic is getting routed and might need Firewall policies with NAT between two interfaces. This way you can perform source NAT and change the source as you like by either using the IP address of t...

sagha · 01-02-2023

Hi Ranjith, This article might help: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuration-per-VDOM-DNS/ta-p/190815 Thank you. Shahan

sagha · 01-02-2023

Hi mhanna, A static route is necessary to ensure that traffic is going via the correct interface. In the VPN setting, for phase2 when you add a local subnet and a remote subnet, this ensures that traffic between these two subnets can flow over the VP...

sagha · 10-25-2022

Hi ychsiao, Please raise a support case so TAC can look into this. Thank you. Shahan

sagha · 10-24-2022

Hi adminuniscan, You can use sdwan rules to steer traffic towards required sdwan interface: https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/716691/wan-path-control However, please be aware that if wan connectivity fails via one organizati...

Fortinet Community

User Statistics

User Activity

Technical Tip: Reverse path forwarding check not working for packets in reply direction

Technical Tip: Clearing hit count for SD-WAN rules

Technical Tip: Connected route not displayed in routing-table despite interface in different VRF

Technical Tip: Traffic fails to match authentication policy despite having user in auth list

Technical Tip: ISP failure causing ADVPN shortcut traffic to fail

Re: Fortigate routes IPSEC traffic through DMZ interface

Re: Add Multiple DNS IP in Fortigate Fw

Re: Static Route for IPSecVPN

Re: Fortigate 101F NP6XLITE error xaui.sdsn

Re: is it possible to do multiple sd -wan in one vdom ?

Technical Tip: VXLAN over IPsec for multiple VLANs...

Technical Tip: Reverse path forwarding check not w...

Technical Tip: Multiple default routes where SD-WA...

Re: Fortigate routes IPSEC traffic through DMZ int...

Re: is it possible to do multiple sd -wan in one v...

Re: Fortigate MGMT (dedicated) access over IPSEC

Re: how to reset hit counts for SD-WAN rules?

Re: Sniffer theory: incomming packets are seen on ...

Re: DNAT supported on Fortigate 40F?

Re: accessing site to site VPN network while conne...