Hello Frederic,I would suggest to use vlans on NPU vlinks to provide
internet access for the custom vdoms via the root vdom. The reason is
that the regular VDOM links are kernel based links with 1 Gbps line rate
and the traffic flowing via these link...
Hi, The firewall should always needs to know the destination interface
of a packet to perform policy match/lookup. I presume, you got your
question from the Policy Lookup section of the
doc,https://docs.fortinet.com/document/fortigate/7.4.2/administr...
Hi, Yes, you can have both auto-discovery-receiver and
auto-discovery-sender enabled in the same device with SD-WAN configured.
Here are some considerations and insights regarding the setup and
requirements: In essence, your network structure involve...
Based on the logs, there seems to be a config-request (IP assignment
request) coming from the Remote VPN device. Since mode-cfg (the feature
responsible for leasing IP addresses) is disabled under the Phase1
settings of FortiGate, the FW was unable t...
Hi,Ideally, When an IP address is assigned to a network interface, the
operating system first checks for IP conflicts by sending an ARP probe,
which is essentially an ARP request. If no conflicting responses are
received, it assigns the IP address to...
