Fortinet Community

pkavin · 06-28-2022

Description This article describes a scenario when external Routes with the same cost 'ECMP' to the ASBRs are not installed on the routing table or database. Scope FortiGate. Solution FortiGate by default has RFC1583 Compatibility disabled. Therefore...

pkavin · 06-01-2022

Description This article has a list of resources that can be used to configure and troubleshoot SD-WAN on FortiGate. Solution SD-WAN is a software-defined approach to managing Wide-Area Networks (WAN). It consolidates the physical transport connectio...

pkavin · 06-01-2022

Description This article describes that Virtual Private Network (VPN) technology enables users to connect to private networks in a secure way. RFC 6071 describes IPsec (Internet Protocol Security) as a suite of protocols thatprovides security to Inte...

pkavin · 05-13-2022

Description This article provides information on how to view Memory and CPU utilization trends on FortiGate using FortiAnalyzer reports when troubleshooting memory conserve mode or high CPU usage issues. Scope FortiGate, FortiAnalyzer. Solution Forti...

pkavin · 05-12-2022

Description This article describes the behaviour of FortiOS when SA rekey happens for phase1 and phase2 on FortiGate Scope FortiGate. Solution What is a Security Association (SA)? The concept of a 'Security Association' (SA) is fundamental to IPsec. ...

pkavin · 05-13-2022

Hello, You could use overlay-id in your configuration to separate IPsec VPN tunnels based on the IDs configured. This is not the same as peer id and a Fortinet proprietary feature. So, it will only work for VPN tunnels between FortiGates. But, as you...

pkavin · 01-03-2022

You're welcome

pkavin · 01-03-2022

Hello everyone, There was a bug introduced in FortiOS 7.0.2 where generating a new ACME certificate from GUI will result in a certificate signed by Let's Encrypt staging CA. Bug 0757130 was filed to fix the issue and the issue has been fixed in Forti...

pkavin · 12-31-2021

Hello Nolzee, The simple and more better way to design/configure your FortiGate is to use SD-WAN as you can have some additional benefits of failover, link-monitor and traffic load balancing. But, I can understand that SD-WAN needs a whole re-configu...

pkavin · 12-31-2021

Hello Radu_sec, Currently, FortiOS does not support RIP with non-default VRFs. There is an NFR (New Feature Request) with ID 0748519 created to add this feature in future. But, this does not guarantee that the feature will be added in future. Please ...

Fortinet Community

User Statistics

User Activity

Technical Tip: OSPFv2 ECMP for External Routes Expected Behavior with RFC1583 Compatibility

Technical Tip: Fortinet's Secure SD-WAN Resource List

Technical Tip: FortiGate IPSec VPN Resource List

Technical Tip: Monitor Memory and CPU utilization trends on FortiGate using FortiAnalyzer

Technical Tip: IKE and IPSec SA rekey for ADVPN shortcut tunnels for IKEv1 and IKEv2

Re: Multiple Dialup Clients - Single Remote Gateway

Re: IPSec native win client

Re: Let's Encrypt STAGING certificate

Re: Local Breakout / Policy routes

Re: Does Fortigate 6.4 support RIP routing inside VRF?

Technical Tip: Fortinet's Secure SD-WAN Resource L...

Technical Tip: FortiGate IPSec VPN Resource List

Technical Tip: SSL-VPN Authentication using both U...

Re: Let's Encrypt STAGING certificate

Re: Fortigate 100f (downgrade from 6.4.6 to 6.2.3 ...

Re: Let's Encrypt STAGING certificate

Re: IPSec native win client

KCS