HiI setup Link monitor for redundant Wan connections. It's working great
when WAN line is down but if a WAN line is not stable and getting 40%
packet lost its not taking it down.probably because its not getting 3
bad ICMP in a rowis there an other se...
HiI'm using 2 FG 100D with OS 5.4.4 as a Cluster, Slave Unit not sync
with masterI try to force them sync via CLI using command mention here:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD36494but still
system not sync (event after recalcul...
Want to config 2 IPsec tunnel from different WAN1 to the Fortigate with
only WAN1 InterfaceWan1 to Wan1 IPsec is working, I did config the same
setting for WAN2 to WAN1 but getting negotiation error IPsec
Diagram:WAN1-------IPsec----------Wan1WAN2---...
why the AV report online radio?
(link:http://www.fm1.co.il/glgltz.html)is there any way to whitelist
it?here is the AV massage:------------Message meets Alert condition
Virus/Worm detected: JS/Agent.NMR!tr Protocol: HTTP Source IP: x.x.x.x
Destinatio...
neonbit wrote:SD-WAN is the way to go, you can create a SLA rule to say
if ping drops are less than 40% then goto secondary link. It seems that
the Link status configuration of SD-WAN are the same as Link monitorICMP
fail for X times at X intervals
Hithank you for reply, the errors i saw on the HA1 and HA2 interface was
rx-bytes. I didn't read it properly.I manage to make the slave unit sync
with master. its a workaround but worked for me.I Break the
Cluster.[ol]Download config from master edit...
toshiesumi wrote:It should work although I never used link-local
addresses. Don't forget to put subnet mask 255.255.255.255 on the local
IP. From 5.6, remote-ip also requires subnet mask. HiI setup everything
Just the way i setup AWS Tunnelswith the ...
toshiesumi wrote:You should set interface IPs on both ends of the tunnel
if both sides are interface mode/route-base IPSec. Otherwise you can't
use features like link-monitor since the default route must be routing
to the outside of the tunnel. I can...
toshiesumi wrote:Regularly the gateway IP is the tunnel interface IP on
the other end, while the destination IP can be anything behind it. I
understand, actually when i setup IPsec to AWS it works fine because the
interface was setup with IPwhen i se...
