Troubleshooting Tip: Missing SD-WAN interface afte...

vvarangoulis · 08-31-2023

Description This article describes the specific requirements and designs required to set up IPv6 in a FortiGate in the Azure environment. Scope FortiGate v6.4, v7.0, v7.2, and v7.4. Solution After setting up IPv6 in the Azure environment, (i.e. VM in...

vvarangoulis · 08-09-2023

Description This article describes the behavior of a FortiGate v6.4 cluster upgrading to 7.0.4 and above with the default FortiGuard DNS server configured, specifically an issue where the public IP (on the Azure side) of the external interface (on th...

vvarangoulis · 06-30-2023

Description This article describes how to create a policy for SSL VPN without checking the source user group of the authenticated SSL VPN groups/users. Check the warning note below. Scope FortiGate, SSL VPN, testing purposes. Solution This action can...

vvarangoulis · 06-13-2023

Description This article describes how to work around an issue where, after a firmware upgrade to 7.2.5, the SD-WAN zone interface is missing from policies and other areas in the FortiGate GUI. Scope FortiGate 7.2.5. Solution A GUI issues occurs in 7...

vvarangoulis · 09-30-2022

Description This article describes how at least the 2 sides of an IPsec tunnel are needed to be configured, for the tunnel to come up. Scope Basic configuration of an IPsec tunnel between 2 FortiGate with PPK enabled. Solution One side of the tunnel ...

vvarangoulis · 06-30-2023

The vdom exceptions allows you to set different values at some parts of your configuration that you specify in your cluster FGTs. Perhaps the AWS example in our documentation might be more clear than my explanation Check the bottom of the page https:...

vvarangoulis · 06-30-2023

Hello Jake,Since you have a cluster active passive, it means that only the 10.251.2.4 or 10.252.1.5 will pass traffic when each FGT is active/primary.I guess you might need to configure the vdom exceptions for the static routes so each FGT will have ...

vvarangoulis · 10-31-2022

Hello Wentao, The message for "awsd failed to get instance id/awsd failed to get metadata"is usually appearing if there is an issue with the management port and/or the elastic IP on that management port. Also, having the latest firmware, usually, hel...

vvarangoulis · 10-31-2022

Hello Nemat,To answer your questions:1- The traffic needs to reach the Fortigate, so either with the GWLB as per documentation on page 192-193 or depending on your deployments perhaps another Fortigate/firewall. Although the former solution with the ...

vvarangoulis · 10-31-2022

Hello,The Fortigate is the guest operating system, it does not dictate the order of the interfaces. If there are some specific requirements, those can be addressed within the guest OS and with the hypervisor provider.Since Nutanix is assigning the po...

User Statistics

User Activity

Technical Tip: FortiGate setup in Azure with IPv6 on port1 without default route

Troubleshooting Tip: DNS/API issue with an SDN configured FortiGate cluster in Azure, firmware upgrade with default Fortiguard servers

Technical Tip: SSL VPN policy without user or user group check

Troubleshooting Tip: Missing SD-WAN interface after a firmware upgrade to 7.2.5

Technical Tip: VPN IPsec tunnel with PPK configuration

Re: Azure Fortigate HA - Route to the working internal interface

Re: Azure Fortigate HA - Route to the working internal interface

Re: AWS Fortigate firewall cluster (A/P in different zones) did not failover

Re: North-south security inspection in AWS.

Re: Fortigate Interface order

Troubleshooting Tip: Missing SD-WAN interface afte...

Re: AWS Fortigate firewall cluster (A/P in differe...

Re: Fortigate Interface order

Re: IPSec Dialup Tunnel enumeration reset?

Re: Trouble routing to a network beyond AWS Site-t...

Re: FortiManager vrrp failover on GCP

Re: Fortigate failover hello-holddown question

Fortinet Training Institute

KCS