I have multiple FGT's which all are running 5.4.8 right now. I am
wondering if I should upgrade to 5.6 or 6.0 (or stay at 5.4).Is there a
Fortinet "Recommended" Firmware Version list somewhere? Other firewall
vendors do publish a "recommended" major ...
Starting eval of FortiManager and imported two of my Fortigates.
Everything pretty straightforward, except the imported IPSec VPN
tunnels. I have custom IPSec VPN tunnels created manually for Fortinet >
Juniper SSG firewalls.I can see the imported tu...
Since it is an HA cluster, the firmware upgrade takes care of both
nodes. The cluster will failover the sessions and upgrade each node. if
you block one node your cluster may get out of sync and it is a pain
sometimes resolving that. I have never had...
I setup authentication servers LDAP (and FSSO and Radius work). Or
create local users accounts on the firewall.Then make user group with
the users you want to authenticate. Add this group (or local users) to
the SOURCE on the policy. When they hit th...
Ha! They must have added the WAF to the UTM. I checked one of my 6.4.6
and your are correct. You can make a WAF policy but it does not show up
in the firewall policy. My older 6.0.x does not have the WAF feature
(but I have a real WAF -FortiWeb)! Con...
You could check the interface settings, somethings will not work with
AUTO, you have to hardcode the nic settings.try setting the link
speed/duplex on the interface connecting to the Cisco:conf sys int edit
set speed 100full
**<1000full/10000half/10...
Here is what I did and it appears to work:For Primary ISP link, create a
static default route, with Administrative Distance as 10 Priority 0For
Second ISP Link, create a static default route, with Administrative
Distance as 10 Priority 10 If the Prim...