Yes, that would be possible but the ip you define in the VIP would then
not be usable by anything else if it still exists. I am not sure if you
are removing an old subnet that won't be used or if you are still going
to use that subnet for other items...
You can debug the issue by turning on one security profile at a time and
verifying which one is causing the issue. You should also be able to
check the logs for security blocks based on your source IP to determine
the reason that traffic is not getti...
Yes the FortiGate will have all the features of pfsense and many more.
They are enterprise firewalls supporting some of the largest companies
in the world.
Do you notice a high CPU on the Fortiswitch itself? I have been told
before to try to disable the following on the switch to reduce the
controls on the port: config switch-controller
network-monitor-settingsset network-monitoring disableendconfig
swi...
You could verify there is not a per portal dns server set in the
cli:https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-DNS-servers-per-SSL-VPN-Portal/ta-p/194780if
not you will probably need to open a case to verify the full
confi...
