hello,I have questions regarding SD-WAN Config. I have two WAN interface
from two different ISP (ISP1 (as main, subnet 176.x.x.x) and ISP2 (as
backup, 96.x.x.x subnet). They are combined in SDWAN, ant there is SLA
which check if ISP1 is OK, if not sw...
hello,I have this situation:I have two links from two diferent ISP
(let's say ISP_A (fast) and ISP_B (slower)), and from ISP_A i have
Public IP pool, we are using one IP from this pool to provide one
application available from outside (by configuring...
Hello,I created a DoS policy on our WAN Interface, and I observerd that
i have a lot of udp_flood on WAN Interface as DST IP. Question:What
exactly mean when I set to BLOCK or MONITOR ?? what impact is it on
target device - in my case my WAN Interfac...
hello,I would like to monitor my FortiSwitches by monitoring tool - very
simple monitor - PING only.Fortiswitches (and fortilink) has subnet
169.254.x.x assigned. I created VIP 10.0.0.6 -> 169.254.0.6edit
"my_test"set uuid 3017f34e-b6a0-52ed-113f-ade...
Hello,On Fortigate we have configured VPN for our users (Tunel mode, web
mode) and everything is working. But we have doubts regarding security
level for this VPN gateway. Is possible to install/ add somethnig more
(like some proxy) between VPN gatew...
hello,I have checeked on RPIE and this Public IP pool is registred for
our company :) - I was not awara about this...So, now i should contact
with both ISP and speak about metrics ??Thanks
hello,I found this article
https://community.fortinet.com/t5/FortiGate/Technical-Tip-SSL-VPN-web-mode-visit-remote-server-through-an/ta-p/218532and
I have question, I have PHY INT 3 (for WAN connection) and I have
assigned there IP 77.254.x.x, below ...
Hello,Thanks for sugestions.I heard that some organizations put some
kind of proxy (server or appliance + yubikey, i don't know exactly)
before vpn. So my understanding was that user first authenticate with
proxy then in vpn. It looks like layered mo...
hello,yes, Theoretically everybody in the Internet can try to access to
our SSL VPN web page (and try some attacks) - is possible to limit only
to authorized device (company devices) ?? For Tunel mode we are not
using split tunnel. Thanks,
