Description This article describes a known issue that can cause high CPU
usage when a USB disk with many files is connect to the FortiGate. Scope
FortiGate. Solution There is a known issue #1055740 that can cause high
CPU usage when an admin is logge...
Description This article describes how to enable or disable POE (Power
over Ethernet) on the interfaces of FortiGate models that support the
feature. Scope FortiGate models that support POE. Solution Some
FortiGate models support the use of POE on th...
Description This article describes an issue where an IPsec tunnel will
remain ‘up’ even when the binding interface is disabled. Scope
FortiGate. Solution In this example, both FortiGates reach the Internet
through port 1. The IPsec tunnel is bound to...
Description This article describes how to create automation stitch
triggers for when the FortiGuard web filter is unreachable and when they
become reachable again. These can be used with an automation stitch
action that will send an alert email when ...
Description This article describes how to configure FortiGate to forward
SYSLOG messages to FortiNAC so that FortiNAC can detect new devices
connected to a FortiSwitch, using FortiSwitch event logs MAC_ADD,
MAC_DEL, and MAC_MOVE. Scope FortiGate, For...
If there is an IP pool covering that IP address, then the FortiGate will
consider that IP address local to itself, even if the IP pool is not
referenced any where. The behaviour is the same with VIPs. I would
recommend deleting it because it's very l...
I see I think, I understand the traffic flow a bit better now.
Basically: 51.x.x.x --> 60.60.60.1 --> (DNAT 192.168.1.1)[External
VDOM](EMAC-EXT SNAT 10.10.10.1)-->(EMAC-INT 10.10.10.2)[Internal VDOM]
In the Internal VDOM is there any VIP, IP pool, o...
id=65308 trace_id=47 func=__vf_ip_route_input_rcu line=1989 msg="find a
route: flag-80000000 gw-0.0.0.0 via Internal" This looks like it's
routing to itself, it should show that it found a route via the outgoing
interface. In your case it's routing v...
When set source-nat-vip enable is configured on a VIP and SNAT occurs
the VIP's external IP will be used for the SNAT. Check this article for
the behavior.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-use-VIP-s-External-IP-Address...
On the 200F, port1 will be part of the "lan" VLAN switch.You can remove
it on the CLI with config system virtual-switchedit "lan"config port
delete port1 end end After this you should be able to configure port1
independently.
