Hi guys! Here is a issue with Fortigate200F(7.4.1) - ipsec vpn lpdap
users randomly cant get access(cant even ping) to various internal
sources after establishing connection cause of sudden implicit deny,
locally created users have no such problem at...
Hi, guys! I have FG200F, 2 ISP peers established connection with options
"Enforce eBGP multihop" and "soft reconfiguration", one of them(marked
as IGP) is "best-path", second is "Incomplete". Option "EBGP multi path"
enabled in best path selection se...
@AEK wrote:HiDoes the related policy use FSSO as source?I guess the
blocked traffic shows IP without user, right?The policy contains VPN ip
range and group of imported ldap users with local users as source.
Blocked traffic shows Source/Source Country...
So, referring to
https://community.fortinet.com/t5/FortiGate/Technical-Tip-BGP-AS-Path-Prepending-Configuration-Example/ta-p/194522
i tried to make "incomplete" pass less preferable by setting the route
map-out with triple AS number. It works somehow...
