hi, today I set up email alerts for various events (so, event based and
not severity level based), and I am missing a setting for hardware
failure events, you know, fans, PSU, temperature. A look into the CLI
didn't help.Am I thinking too hard, and t...
Hello fellows, for simplicity, I often use my private SSH key to log in
into my local admin account on various FGTs (I mean, CLI access via
SSH). Now, if instead of a local admin account I use a wildcard admin
account against LDAP/MS AD in the backgr...
hello all, I've got a pair of FG-200B running v4.3.18 in A-P HA mode.
Each cluster member is at a different location, HA links are across a
dedicated line. On each site, there is one Cisco access router (19xx) in
front of the FGT providing WAN access...
hello all, I'm planning to place the slave unit of a Fortigate HA
cluster into a remote location. There is a leased line (layer 2) for the
HA connect. Can anybody confirm that I can run the HA traffic across a
VLAN between the access switches on each...
and in the policy using a VIP, you have"set match-vip enable"?otherwise,
the local-in policy will not have any effect on VIP policies.There's a
couple of KB articles on this topic, as well as recent forum posts.
I would set the FGT's clock to 6:55 AM one night, and try to connect. If
I get an error, it's the FGT.Besides schedules you should have a look at
when updates are drawn, maybe the CPU spikes for too long when ingesting
the updates (which would indica...
In principle, such a setup will work eventually, if the MT is properly
understood and configured.A "dumb" modem without any means for IPsec
would be preferable, such that it couldn't interfere. I would start out
by forwarding all stuff to the FGT, no...
IMHO the routing is crooked.If, and only if, the core switch is routing,
it's default route should point to the WAN router. Any local traffic
(from LAN) should be coming from the FGT, with the FGT's WAN address as
the NATted source address - this is ...