Hi All, Can I leverage SD-WAN with dynamic IP Primary and Backup (LTE)
Internet circuits at branch offices to establish tunnels to two circuits
(again SD-WAN) at HQ (both with have Static Public IP at this end)?
Thanks so much.
Hello members, I am using 6.4.5 on an active passive pair of fortigate
firewalls. VPN is rock solid when primary is with higher HA device
priority. When I force failover to backup, then of course VPN
disconnects. When I connect back, I could ping acr...
Hello members, I was planning to use SSL Session ID for persistence as I
was not sure if inserting a http cookie will mess up with anything the
real servers might be inserting as well, but then I found this short
text at this link: https://docs.citri...
Hello forum members, Load balancing to https servers is bit new for me.
I have done in the past regular http load balancing. I was under the
impression that with certificates on the servers and incoming https
requests being sent to one or the other r...
Hello All, If we are managing switches over fortilink thru Fortigate,
are we still able to SSH / telnet into the switches to make some changes
like multicasting IGMP querier set up on the Switches? Thanks
For branch, under Config vpn ipsec phase1-interface, I find that I can
specify two tunnels, one primary and second monitored backup and each
can have their own remote gateway. The gateway command (set remote-gw)
only takes one IP. I was hoping It wil...
Appreciate again. The requirements are bit complex. The branch side has
Cellular LTE connection only to be used when primary DSL is down. So, I
cannot have nailed down 2 tunnels from one-to-one circuit. I can use
Main backup feature where backup tunn...
Thank you for your prompt help. I did look at this link last night but
it is not the scenario that I am looking for. The branch has two ISPs
(one primary DSL and backup LTE) and both are dynamic. The diagram on
the link shows single ISP at branch and...
Okay, I have resolved this issue. The problem was not with Fortigate
setup, but I suspected that it has to be with how FGCP clustering
protocol shifts around the IPs on the interfaces, and thus resulting mac
address association with L2 switch upstrea...
