I did the following: - upgraded FMG to 7.0.11 while the FGT still were
on 7.0.13 => everything still worked fine afterwards- upgraded the FGT
to 7.0.14 during the next night (scheduled) => since then FGT keep
losing the connection to FMG when I deplo...
We just ran into this: today our FortiMail states it has no antispam and
virus outbreak license.It did have one because it also states the last
update of the antispam definitions was on 2024-02-06 and it cannot do
that without vallid license. If I lo...
We just ran into this issue and I just wanted to warn you to not do so
too: if you rename global address objects in FMG you can only do that
via script (TAC said this).If you assign this to an adom afterwards it
will be correctly assigned.You will ha...
I keep encountering this behavior: all of a sudden on some clients https
websites stop working.every time this starts the only thing noticable on
the FGT is that the memory usage is >=60%. Mostly around 63-65%. It
however does not reach the threshold...
After having done a load of testing I've come to the conlusion that
there actually is an issue with ASIC offlading and UTM on the 100F
Series.This issue does not occur on 100E Series or a 300E or a 60F but
it does on all of our 100F.All FGT here are ...
We narrowed that down with TAC. It looks like if it is mainly an issue
with FGT100F on 7.0.14 and FMG >= 7.0.11. Even upgrading FMG to 7.2 did
not prevent it from happening. Its still escalated to the developers and
pending a bugfix.
In this case there is two options: 1) use the reset button - if your FGT
happens to have one. Press it within the first 2min after startup and
watch your serial console. It will then perform factory reset.2) if
there is no reset button the only way w...
As said the ceritificate itself is fine on FMG side but on FGT side the
CAs don't match the issuer of the certificate. And that's why the FGTs
don't come back online in FMG.
I think the reason is that the certificates are not new. Same for the
CAs.Plus the culprit seems to be on FGT side though.Maybe the
certificate was not in use on FMG before 7.0.11 so nobody noticed the
broken CAs on the other side.