I have an environment with 3 Azure datacenters (US, EU and APAC) and
over 60 branch offices spread among the US, EU and APAC. I have been
trying, futilely, to get a definitive answer on the best way to deploy
the security fabric in this environment. ...
I'm proofing out an SD-WAN/AD-VPN configuration prior to replacing all
of our site to site tunnels and have one question. Everything in my
setup is working brilliantly, except that the shortcuts between the
spokes seem to be persistent. I had assume ...
Please, no more copying and pasting doc I've already read. I'll repost
my question: Does anyone have experience with deploying the fabric in
larger distributed environments?
Again, HOW to do it is not something I need help with. From the same doc
you linked me to: Fortinet Security Fabric | FortiGate / FortiOS 7.6.0 |
Fortinet Document Library "A maximum of 35 downstream FortiGates is
recommended." That is what I'm seeki...
The commands "diag vpn ike gateway summary" and "diag vpn ike gateway
list name " are not available to me (This gate is on 7.0.14).
But when I run "get vpn ipsec tunnel summary" I get "spoke1_0'
[xxx.xxx.xxx.xxx]:0 selectors(total,up): 2/1 rx(pkt,err...
I've read both of those, and after setting the idle-timeout, I noticed
this strange behavior in the IPSEC monitor (a second phase 2 showing
down), which made me wonder if I was doing something wrong.