Hello, I have a following setup : - Fortigate is doing the NAT from
public IPs to private IPs - Public IPs are announced by the fortigate to
a connected router with OSPF - Public range IP is announced with a
redistribute static OSPF configuration for...
Hello ! On a FG300C with vdom option enabled, I have configured a lacp
aggregate interface (8 physical interfaces), let' s call it "
TRUNK_PROD" . TRUNK_PROD is associated with vdom root. I then have
created several vdom, without any physical interfa...
I have a Fortigate FG60B running 4.0MR3. Please directly go to last post
My network / server configuration is : - 2 wan links (WAN1 / WAN2) - 1
server in DMZ (and 1 different VIP for WAN1 / WAN2 access) Trafic is
coming from internet (0.0.0.0/0). I w...
IF this 1st post is not clear, please go to network diagram below Hello,
I would like to understand a strange behaviour that occured on fortigate
(version 4.0 & 4.0 MR2) : In my infrastructure I do have a router which
is routing in static mode a publ...
Hi Emnoc, Sorry for late reply, I was sick. Thanks for you link, I will
have a check (seems intersting) The problem is that calculated routes in
the routing table are not optimized (but this is OSPF behaviour). I have
found a way to redistribute stat...
Hi Emnoc, Thanks for your reply. The configuration you are giving is
similar to the current configuration I am having with a standard OSPF
area. (static routing to a blackhole interface and OSPF redistribute
static command) The problem is that I want...
Ok just found the answer in the kb fortinet : " A VLAN sub-interface can
belong to a different VDOM than the physical interface it is attached
to."
http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD31639
And here is the updated graph of my problem : I would like to use ECMP
weighted load balance routing method for wan1 & wan2 interfaces, but I
would like to only use wan2 for outgoing traffic (from int1, int2...
interfaces). Here is my routing configu...
A little update : Using same distance for my 2 DG (ECMP) works fine for
incoming trafic / response for each interfaces. What I now want is only
using wan2 for an outgoing request (request from DMZ to internet). I do
not want to use policy routing (I ...
