We are working on replacing Aruba switches with FortiSwitches. We have
HA firewalls and currently use a VLAN on the Aruba to pass the ISP link
to the WAN ports on the firewalls. We've run into an issue at a couple
of sites where the ISP device refuse...
We have actively been configuring SDWan on our firewalls and it works
great for general web surfing. The issue we are running into is with our
phones connecting to our cloud phone provider. Initially, SDWan was
configured for all traffic to use the l...
My team has been deploying a lot of SDWan lately with DIA and Broadband
circuits. We have a couple of sites that have frequently been reporting
session disconnects from cloud hosted applications and SIP phones that
suddenly lose audio. I asked the si...
I need some clarification on the best way to do this. Our company has a
policy that servers do not get Internet access, except to a list of
permitted websites. This works well when the Destination object is an
FQDN with a couple of IP addresses behin...
Hello, We have a class c public block that we want to multi-home between
two 1Gb ISP links with BGP. Since these are equal cost links, we want to
utilize them in an Active/Active configuration. I haven't had time to
lab this up yet, but I'm wondering...
Hi Brian, if we were simply talking about one or two sites, yeah, but I
have over 300 sites. An FS108 with a 3 year support agreement is roughly
$400. For redundancy, I'd want two at each location, one for each
Internet circuit, so when I multiply $4...
Yep, I have approximately 30 sites setup where I was able to
successfully pass both Internet circuits through a VLAN on FortiSwitch,
up to the WAN ports on the firewalls. Most of these sites have a DIA
primary (plugged into a Ciena) and a broadband b...
Hi Toshi, I believe I understand what you are saying and wanted to
clarify something. We're not trying to pass the VLAN on Fortilink to
another port on the FortiGate, through FortiLink. We want the ISP to
come in on one port of the FortiSwitch, then ...
Hi Tom, I appreciate the response. I tested policies using the Internet
Services as a destination and the success with them has been hit or
miss. A good example would be Rapid7. We're in process of deploying it
now and I was happy to see an Internet ...