Hi everyone, I've been going through a full evaluation of the FortiGate
product. We are a SonicWALL shop today and have finally made the
decision to start moving toward FortiGate. We have about 50 firewalls in
our environment and use OSPF for dynamic...
Hi everyone, I'm experiencing a very frustrating problem with route
redistribution from eBGP into OSPF. Consider the below diagram. The goal
is to route traffic as directly as possible to the Azure networks
10.24.0.0/16 and 10.25.0.0/16. This was all...
Apologies for the delayed response, I've been sidetracked. I think the
point I am trying to clarify is related to this statement..."With FGT,
"session pickup" is used to describe seamless (as much as possible) HA
failover." SonicWALL has taken this a...
We haven't implemented an HA pair yet with FortiGate. Simply working
with a consultant that mentioned this stateful HA feature was not
available on the FortiGate platform. Are you saying that he was
mistaken, and this "session-pickup" feature is an a...
Indeed. VDOMs were used, not VRF. The requirement was separate OSPF
processes, couldn't do this without VDOMs on the FortiGate platform. VRF
was originally what I had planned to try until I realized this
limitation and had to go learn VDOM.
I was able to solve this problem by implementing VDOM on both R2 and R3.
Basically, the ASBR was moved to the second VDOM, 1 hop into OSPF area
0. An updated concept diagram after changes looks something like this.
"Are all the routers FGT in this setup"No, it is a mixture of Cisco
Nexus, SonicWALL, and FortiGate. "Are all the connections point-to-point
between the routers"Yes, just about every connection is n IPSec tunnel
interface with a little /30 network fo...
