I need some clarification on the best way to do this. Our company has a
policy that servers do not get Internet access, except to a list of
permitted websites. This works well when the Destination object is an
FQDN with a couple of IP addresses behin...
Hello, We have a class c public block that we want to multi-home between
two 1Gb ISP links with BGP. Since these are equal cost links, we want to
utilize them in an Active/Active configuration. I haven't had time to
lab this up yet, but I'm wondering...
We have a business unit moving into an office with an existing business
unit and want them to share the network (hardware), but operate on
different VLANs for segmentation. We installed a second FortiSwitch and
created the VLANs and this is working g...
We bought two 201e models 13 months ago and put them on a shelf for
emergency purposes. Today I had a need to ship one out, configured to be
managed Locally (not via FortiCloud or Fortigate) and using IP
Passthrough. This was working fine on the base...
I started down the journey of FortiManager and near zero touch
provisioning with CLI Templates. After a solid week of trial and error,
I completed the setup this evening and was extremely happy to see the
final result, until I tried testing the polic...
Hi Tom, I appreciate the response. I tested policies using the Internet
Services as a destination and the success with them has been hit or
miss. A good example would be Rapid7. We're in process of deploying it
now and I was happy to see an Internet ...
I was able to figure this out. Once I got into the CLI and viewed the
existing LLDP profile, the solution became obvious. I created a second
profile specifying the second voice VLAN and applied the profile to all
the user ports on the second switch.
I got this working. I'm not 100% sure it was the proper way to fix it,
but it did start working the way I expected it to. I don't recall what
screen in the GUI I found it on, but there was a spot for a Virtual Wire
pair for the LTE interface. I mappe...
I appreciate the response. Long term, the plan is to add a second IPSec
tunnel, I was just hoping to lay the foundation now so when the second
Internet circuit/tunnel is added, it would just be a matter of adding
the tunnel to the aggregate. Rather t...