Does anyone know if it is possible to forward packets between VLANs
locally on a FortiSwitch when in FortiLink mode or does traffic passing
between subnets always have to be punted up to the FortiGate and back
again? Seems like it would be a pretty m...
Hi, AFAIK, you can only set the MAC address of a physical interface to
something custom but not that of a VLAN interface. There is a setting
called 'set subst enable' and 'set substitute-dst-mac XX:XX:XX:XX:XX:XX'
on the 'conf sys int' branch for a V...
Hi all, Just wondering if anyone has a recent version of the FGT90D
(with serial console port on the front) that can verify whether or not
it supports the creation of a redundant or aggregate pair of ports? The
only documentation I can find suggests ...
This surely must be a simple update to existing code. Where specifying a
load balancing VIP, you should be able to use a weight of zero so that a
server will only ever be used if the health check of a primary (or all
Mainly for use with multiple ISP scenarios, I' d like to see the ability
for a Fortigate to rewrite content on the fly. My priorities would be
simple such as DNS rewrites and SMTP helo greeting rewrites. Simple
inbound failover of services hosted beh...
Another alternative would be to have both subnets on the same interface
using secondary IP. The suggestion from yashwani is cleaner however and
should allow you to use all 8 of the /29 IP addresses as there would be
no network or broadcast addresses ...
FYI - EMS doesn't have this client setting in the UI from what I've
found but you can add: 1
into the top level for the SSL VPN connection to enable it for that
connection (needs the advanced view toggled to show the XML tab in the
In case any else comes across this, I tested this on a FortiGate 60E
(SoC3) and the config appears to work. Not tested actual traffic over
the link but here's the config:edit "s-tag" set vdom "root" set
vlan-protocol 8021ad set device-identification ...
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.