Good day guys.I have the following setup.200F with dual WAN4 tunnels to
AWS (the usual IPSEC with 2 tunnels).Probably, next year, hopefully, I
will have AWS Direct Connect.Let´s begin with the IPSEC tunnels
first:I´m having issues with the ECMP on th...
Regarding this technical note:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-send-automated-backups-of-the-configuration/ta-p/198364
Specifically this section: When the FTP server is known through an IPSec
VPN. I´m having an issue ...
Hi.I was wondering how to solve the following issue: Right now, I have
several customers connected via ipsec individually, each one with a
different virtual IP to several servers inside my network. What I want
is to transform that into a single load ...
I have a little challenge at work.We have a AWS Direct Connect (DxC)
through a provider, meaning that we are tenants and we do not control
the BGP towards AWS (we give the provider the networks and they
advertise them to AWS through their router). So...
Greetings. This is quite a newbie question, please, I implore your
patience, as I have been using this brand very recently. On our office,
we have several ipsec tunnels for several partners.On this particular
Fortigate 200F, we have 2 wans, a main an...
Let´s use graphs again,The problem: And what I think could be the
solution, using a second vdom:Is this a valid solution? poiting all the
VIP to a virtual server in another vdom in the same firewall?
Good day all.I know, it´s been a while. But something came up to my
mind.EDIT:Can the FW do the following while having multiple vdoms? In
vdom mode; "technically"; I could point all the VIPs to a LB in another
vdom; right?; and I could do this withou...
That´s the thing, it did NOT give me an error. Now, there is one big
thing I believe I did not point out, and it was critital to say: the
firmware is 6.x.x. (I don´t recall the exact number right now). So most
probably, the whole problem was due an o...
Ok, now I understand. For posterity or anyone reading this. The filters
(ge and or le) MUST be different than the subnet you are trying to
filter. Like Bill and Toshi said: set prefix a.b.c.d /20 for example.The
ge would NOT be 20, neither le.It has ...
Thanks Toshi. But, as I was telling Bill. I would like to have the ge
set to 16, but not the le. To allow for prefixes higer than 16. But then
now I have a doubt.Why I cannot use a prefix list in like this: set
prefix 10.160.0.0 255.224.0.0set ge 11 ...