hi,i managed to built HA active-passive between two 40F.i lost
HTTPS/ping access to secondary since it sync'd with primary IP in lan1.i
already remove FW policy and static route for lan1 but i'm still unable
to add lan1 in HA MGMT interface reservati...
hi,i just built HA active-passive.i lost HTTPS on the secondary FW since
it sync'd with primary FW MGMT (lan1) interface.i was trying to
configure secondary HA MGMT interface but doesn't allow me.my question
is, how do you "default"/remove MGMT confi...
hi,i'm going to setup a pair of FG. just would like to know what is the
best practice, do i configure HA active-standby first or create VDOMs
first?appreciate fortinet links/guides. TIA!
hi,just wondering if i can delete the "lan" hardware switch in a
fortigate 40F?can't seem to delete it even when it's disabled.i'm trying
to do this setup:WAN: internet/ISPA: HAport 1: MGMT (out of band)port 2
and 3: 802.3AD aggregate/Port-Channel to...
hi,i've been searching/googling for VDOM support for route-based VPN/VTI
Tunnel but to no avail.is this route-based VPN/VTI tunnel interface
supported in multiple VDOM? i.e. VDOM A is for our internal VPN/VTI to
AWS, then VDOM B is for other customer...
hi,i managed to delete "lan1 address" after i set lan1 role to
"undefined". thanks for your help! i need to speed up learning FGT since
we're doing a HW refresh on our FW. i think i also need to learn a bit
more CLI if i don't fix things via GUI. FW0...
hi,i'm unable to disable it. the "create address object matching subnet"
toggle is grayed out.do you think this is the culprit? what's the CLI to
remove this address object?
hi,see below. i was able to remove the static route referencing lan1
since i HTTPS via wan.i was unable to remove the firewall address. it
doesn't allow me to "delete" when i highlight/select the address object.
FW01_PRI # show | grep lan1 -fconfig s...
hi,below are output from primary and secondary FW. FW01_PRI # show full
system interface lan1config system interfaceedit "lan1"set vdom
"root"set vrf 0set fortilink disableset mode staticset
dhcp-relay-interface-select-method autoset dhcp-relay-servi...
hi,i saw a default source NAT firewall policy.changed source interface
to my new portchannel inside interface.the "delete" option was available
for the lan hardware switch (lan2).
