Technical Tip: VXLAN over IPsec for multiple VLANs...

sagha · 11-04-2024

Description This article describes the scenario where reverse path-check failure is observed even when the route is present in the routing table via the same inbound interface. Scope FortiOS, FortiGate. Solution When running debug flows, the followin...

sagha · 10-02-2024

Description This article describes the reason why BGP routes cannot be added to the routing table if an IP Pool similar to the BGP neighbor IP address is present. Scope FortiGate, BGP, IP Pool. Solution Interface: config system interface edit "intern...

sagha · 09-02-2024

Description This article describes the Graceful restart capability with OSPF and the forwarding of traffic with FortiGate HA. Scope FortiGate running in NAT and HA mode. Solution To avoid packet loss and achieve nonstop forwarding, FortiGate employs ...

sagha · 08-01-2024

Description This article describes how to fix an issue where traffic fails when 'set inbandwidth' or 'set outbandwidth' is configured on the interface. Scope FortiOS 7.0.11 and above, 7.2.6 and above, 7.4, 7.6, NP7. Solution Sometimes after a firmwar...

sagha · 08-01-2024

Description This article describes that with multiple VRFs configured, traffic still gets routed via VRF0 instead of VRF1 despite having source-ip configured and route present in the routing table. Scope FortiGate, VPNv4 routes, VRF setup. Explanatio...

sagha · 02-01-2023

Hi Balazs, The selection of FOS is usually based on the requirements or features you are going to use. The latest version is 7.2 I would suggest going through the release notes that highlight any known issues. If there are known issues that are point...

sagha · 01-09-2023

Hi CustomX, For this, you will have to check how the traffic is getting routed and might need Firewall policies with NAT between two interfaces. This way you can perform source NAT and change the source as you like by either using the IP address of t...

sagha · 01-02-2023

Hi Ranjith, This article might help: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuration-per-VDOM-DNS/ta-p/190815 Thank you. Shahan

sagha · 01-02-2023

Hi mhanna, A static route is necessary to ensure that traffic is going via the correct interface. In the VPN setting, for phase2 when you add a local subnet and a remote subnet, this ensures that traffic between these two subnets can flow over the VP...

sagha · 10-25-2022

Hi ychsiao, Please raise a support case so TAC can look into this. Thank you. Shahan

User Statistics

User Activity

Technical Tip: Reverse path-check failure with route present in the routing-table via inbound interface

Technical Tip: BGP route not added to routing table with IP Pool present

Technical Tip: Understanding Graceful restart and non-stop forwarding for OSPF in FortiGate HA

Troubleshooting Tip: Inbandwidth/Outbandwidth commands on the interface causing ICMP, DHCP and other traffic to fail

Technical Tip: Unable to route locally originated traffic via VRF1 using VPNv4 routes in vpn-id-ipip setup

Re: Pick the proper fortigate OS

Re: Fortigate routes IPSEC traffic through DMZ interface

Re: Add Multiple DNS IP in Fortigate Fw

Re: Static Route for IPSecVPN

Re: Fortigate 101F NP6XLITE error xaui.sdsn

Technical Tip: VXLAN over IPsec for multiple VLANs...

Technical Tip: GUI is not reachable after an upgra...

Troubleshooting Tip: FortiGate losing logs or even...

Troubleshooting Tip: BGP next hop showing as 0.0.0...

Technical Tip: Reverse path forwarding check not w...

Re: Fortigate MGMT (dedicated) access over IPSEC

Re: how to reset hit counts for SD-WAN rules?

Re: Sniffer theory: incomming packets are seen on ...

Re: DNAT supported on Fortigate 40F?

Re: accessing site to site VPN network while conne...

KCS