We have a business unit moving into an office with an existing business
unit and want them to share the network (hardware), but operate on
different VLANs for segmentation. We installed a second FortiSwitch and
created the VLANs and this is working g...
We bought two 201e models 13 months ago and put them on a shelf for
emergency purposes. Today I had a need to ship one out, configured to be
managed Locally (not via FortiCloud or Fortigate) and using IP
Passthrough. This was working fine on the base...
I started down the journey of FortiManager and near zero touch
provisioning with CLI Templates. After a solid week of trial and error,
I completed the setup this evening and was extremely happy to see the
final result, until I tried testing the polic...
After using FortiManager in backup mode for a few years, I am now
working on configuring an ADOM in managed mode pushing full baseline
configurations with CLI provisioning templates leveraging meta field
variables. So far on a new Fortigate, my CLI T...
We setup a 1Gb Direct Connect to AWS with an IPSec tunnel for failover.
We are running BGP across both for dynamic routing/failover. When we
take down the Direct Connect interface, traffic correctly fails over to
the IPSec tunnel. The issue we're run...
I got this working. I'm not 100% sure it was the proper way to fix it,
but it did start working the way I expected it to. I don't recall what
screen in the GUI I found it on, but there was a spot for a Virtual Wire
pair for the LTE interface. I mappe...
I appreciate the response. Long term, the plan is to add a second IPSec
tunnel, I was just hoping to lay the foundation now so when the second
Internet circuit/tunnel is added, it would just be a matter of adding
the tunnel to the aggregate. Rather t...
Hi Toshi, I appreciate your fast response. I went with option three and
was able to get the units to sync back up. The address group creation
script was ran from FortiManager against a few dozen firewalls, so I
have no idea why this particular one wa...
Hello, Thank you for forwarding this link. I reviewed the document you
referenced, and if I interpreted it correctly, it almost seems to work
backwards from what I need. It seems you add a Link Monitor exemption to
the routes you don't want the Link ...