Troubleshooting Tip: Advanced filters for FortiOS ...

Matt_B · 02-03-2025

Description This article describes a known issue where FortiGate does not send new logs to FortiGate Cloud if the remote logging service has not confirmed receipt of several previous logs. Scope FortiGate v7.2.10, v7.4.6, v7.6.0 and earlier. Solution...

Matt_B · 01-14-2025

Description This article explains why a route-map-out does not modify BGP attributes when FortiGate is acting as a BGP Route Reflector. Scope FortiGate v6.4.2 and later. Solution BGP Route Reflection, defined in RFC 4456, is a method to avoid the IBG...

Matt_B · 01-13-2025

Description This article describes a known issue that can prevents a virtual machine HA cluster from synchronizing when using unicast heartbeat if a non-default vrf is configured on the heartbeat interface. Scope FortiGate v7.2, v7.4, or v7.6, FortiG...

Matt_B · 01-12-2025

Description This article illustrates the use of some advanced filters that can assist in troubleshooting network issues. Scope FortiGate. Solution FortiOS uses libpcap/BPF pcap-filter arguments. For reference see libpcap documentation such as 'PCAP-F...

Matt_B · 01-07-2025

Description In FortiOS v7.6.1 and later, it is not possible to configure an individual SD-WAN member in Central SNAT policy. If members of the same SD-WAN zone require different custom source NAT, an IP pool with associated-interface must be configur...

Matt_B · 02-04-2025

Not monitoring this post, but dropping "word of TAC" here in since I'm seeing it's unclear.This February 28 2025 FortiGate Cloud change applies for devices without a FortiGate Cloud subscription, either per-device or at the account level. It is diffe...

Matt_B · 10-29-2024

Hi Toshi,I can believe it. The Change Log has since been updated again and CVE-2024-47575 is referenced in Resolved Issues.As you've noticed, not all Known or Resolved Issues appear immediately in Release Notes. Some never appear. For urgent releases...

Matt_B · 06-22-2022

That sounds like you may already have a renewing certificate you can use. Verify that acme is using correct interface for renewal with cli:get system acme statusYou can review logs of acme activity with the following (produces a lot of text)diagnose ...

Matt_B · 06-21-2022

TBC,I am assuming you are using ssl vpn with a manual letsencrypt certificate. If so the following advice applies.You can follow the procedure in the admin guide to get a new letsencrypt certificate that autorenews with acme:https://docs.fortinet.com...

Matt_B · 06-06-2022

Hello,If the Fortigate only has one active default route, this may be the source of your issue. You are correct that the loose RPF check only requires one active route in the routing table. Unfortunately, advertising a route to the Fortigate does not...

User Statistics

User Activity

Technical Tip: FortiGate not sending logs to FortiGate Cloud if log confirmation queue is full

Technical Tip: FortiGate as BGP Route Reflector does not modify attributes for reflected routes

Technical Tip: FortiGate VM High Availability cluster out-of-sync after upgrade to v7.2 if vrf configured on heartbeat interface