Technical Tip: Automatically restart WAD worker pr...

syordanov · 05-23-2025

Description This article describes how to configure a schedule stitch which will be triggered during specific period in order to monitor the BGP. If the BGP which runs over IPsec is down, this tunnel will be restarted. Scope FortiOS 7.0.x, 7.2.x, 7.4...

syordanov · 04-18-2025

Description This article describes how to configure a 'schedule' for a FortiGate user administrator. Scope FortiGate v6.4, v7.0, v7.2, v7.4, v7.6. Solution Sometimes it is necessary to have a particular FortiGate administrator be active only during w...

syordanov · 03-21-2025

Description This article describes how to configure a link-monitor on IPSec Aggregate and disable the routes associated with this aggregate. Scope FortiGate v6.4, v7.0, v7.2, v7.4 and v7.6 Solution In v7.0.1 the routing behavior is changed, all route...

syordanov · 02-21-2025

Description This article describes how to schedule and disable/enable FortiGate interfaces. Scope FortiOS v6.4, v7.0, v7.2, v7.4, v7.6. Solution Sometimes is needed to do a scheduled disable/enable the interface to reduce the unnecessary usage of spe...

syordanov · 01-27-2025

Description This article provide guidance on how to perform initial diagnostics for non working BGP over IPsec. Scope FortiOS v6.x, v7.x. Solution BGP is widely used dynamic routing protocol. It allows to run over IPsec tunnels which make it very use...

syordanov · 06-11-2025

Dear hwyoon, For this scenario SSL VPN (tunnel mode, because web mode does not support ISDB) use an ISDB. More information for ISDB you can find on the link bellow : https://docs.fortinet.com/document/fortigate-cnf/latest/administration-guide/613009/...

syordanov · 05-21-2025

Hello HANDL_Eric , Did you check the session on the FortiGate which allows the traffic to/from your FortiManager? If not, try the following commands : List the sessions where your FortiManager is acting as destination : diag sys session filter dst XX...

syordanov · 05-12-2025

Dear Reshans, The provided routing table in the first screenshot is from spoke 'SP1'? Make sure the following : HUB -> IPSec-> auto-discovery-sender is enabledHUB -> BGP -> route-reflector-client is enabled Spokes -> IPSec-> auto-discovery-receiver i...

syordanov · 04-28-2025

@osaleem2_10 , the order is : - configure the VPN (phase-1/phase-2), then automatically will be created an VPN interface - Once the VPN interface is created, you can add to as SD-WAN member to one of the zones .

syordanov · 04-25-2025

Dear @HS08, On the Azure you can configure a blackhole route for the HUBs 10.100.0.0/16, and for the rest of the spokes 10.10x.0.0/16 , same need to be done every spoke and the HUB. Yes, also is possible to configure 10.0.0.0/8 blackhole route . Just...

User Statistics

User Activity

Technical Tip: Configure schedule automation stitch to restart IPsec tunnel when there is a problem with the BGP using this tunnel

Technical Tip: Configure a schedule for FortiGate administrator

Technical Tip: IPSec aggregate with link-monitor

Technical Tip: Schedule disable/enable of FortiGate interfaces

Troubleshooting Tip: Troubleshooting BGP over IPsec

Re: Split Tunneling with SSL-VPN to Access AWS Services (Dynamic IP Issue)

Re: FortiGate Phantom Traffic

Re: dial up vpn hq to hub and hub to hq traffic working but branch to branch traffic not workingno a

Re: sd-wan vpn

Re: Different Path

Technical Tip: Automatically restart WAD worker pr...

Technical Tip: Check the session list and filter b...

Re: Split Tunneling with SSL-VPN to Access AWS Ser...

Troubleshooting Tip: Troubleshooting BGP over IPse...

Re: sd-wan vpn

Re: Split Tunneling with SSL-VPN to Access AWS Ser...

Re: dial up vpn hq to hub and hub to hq traffic wo...

Re: WAN Interface not shown in Firewall Policy

Re: Fortigate Limited Access

KCS

User Statistics

User Activity

You are leaving our website