I need help with configuring redundant IPsec tunnels. The peer firewall
has 2 public IP addresses. When the primary ISP is offline, the firewall
routes everything through the backup ISP, which is working fine so far.
On our Fortigate, I have configur...
I found the following article about ospf inter-area
distribution.https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-OSPF-to-filter-Inter-Area-routes-using/ta-p/197747https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configu...
Since I come frome cisco, the way I have to configure NAT in Fortigate
is new to me. I have a working configuration but some settings don't
make sense to me... public ip range: 1.2.3.32/27Fortigate public ip:
1.2.3.36dmz interface: 10.9.11.1/24webser...
I configured a ikev1 tunnel between Cisco IOS and Fortigate.The tunnel
comes up but communication only works after a client of the remote site
(cisco) initiated some traffic.As you can see in the Fortigate capture,
the packet to 10.183.2.1 is sent in...
Thanks Manosh, that helped a lot. After configuring the "set monitor
"isp01" in the phase1-interface of isp02 I still had the same issue. I
also had to change the DPD "on-idle" instead of "On Demand" and now it
works.
Do you know a way how to configure that also with dynamic (Dialup) IKEv1
and static IKEv2 vpns?The "set mesh-selector-type subnet" option is only
available in static IKEv1 configurations....
Hi Suraj Sorry for my late respond.As soon as I configure area 10 as
stub on fortigate and switch I get no more routes even on the
fortigate... and there I need them. Regards,Patrick
