Hi there, we have a site where the FortiGate sets up a VPN. All AD/DNS
is on the other end of the VPN. We' d like the fortigate to forward DNS
traffic for domain.local (the AD domain) to the AD servers. We
explicitly do not want to create a shadow do...
Hi there, a while ago we made a temporary switch from FortiGate' s to
ZyWall USG' s. Didn' t quite like the ZyWall' s, went back to FortiGate.
We' ve had 4 60D' s now. 1 of them works... 2 have a cooling block that
lies loose in the unit - didn' t ev...
Hi, a customer of ours got a separate connection with it' s own router
for site-to-site VPN (managed through an ISP). The router is patched in
directly to the internal network and the FGT is the default gateway. We
have added the routes to the FGT an...
Hi there, we set up a VPN to Amazon EC2 (VPC). This uses 2 VPN
connections for redundancy (that is, we connect from our 1 IP to 2 IP' s
at Amazon simultaneously). So there are 2 VPN interfaces. The routes are
learned through BGP, normally only one is...
Hi there, we have an old FortiGate 60 we still use as gateway. The
contract on this device has expired. We' re not yet sure whether to
renew it, or replace the unit. We have some other issues with the 60,
which might be due to the shallow hardware (m...
Had a chat today with a support representative. He mentioned they had a
talk with the L2 manager and in the next revision we might see the
serial port back. Hopefully they' ll use better glue for the cooling
blocks as well. Apparently there' s quite ...
Most of our older 60' s have died (bad blocks on flash - another
brilliant idea I suppose, let' s use ext3 on flash chips! cuz it' s so
flash aware (as in attempts to spread writes over blocks instead of
overwriting the same one every time)). Many so...
Sorry guys but I don' t understand your concerns. New Cisco switches,
like our 3750X doesn' t have a regular serial port (rs232 to console
port) either and usb works like a charm. I don' t know the Cisco' s. Do
they present console (serial) over the ...
Hmm ARM? I already had a feeling they at fortinet thought wow, those
raspberry pi' s and cubieboards are friggin' cheap, let' s do that too,
and let' s do it badly (those have working console ports you know - and
they work whether I f**k up or not - ...
Hmm hadn' t thought of doing it with multiple addresses on one
interface, might try that :). Would have created a vlan interface, but
their switch doesn' t support vlan' s :(. Thanks for the re' s.
