As all the other users at FortiCloud must have gotten, I received an
announcement email per email account for 2FA auth enforcement starting
June the 7th.My question is if it would apply to this Forum login
account. I've kept using my old account emai...
When we configure this SSL VPN MAC address filtering, what system limit
would dictate the max number of MAC addresses we can configure on an FGT
(no
vdom/muti-vdom)?https://community.fortinet.com/t5/FortiGate/Technical-Tip-MAC-address-check-on-SSL-VP...
Please let me make sure the order a FGT examine policies.If there is a
specific policy from a specific interface like "lan" to another specific
interface like "wan1" with "any" source and "any" destination, it would
be examined before another policy ...
I'm referring two KBs below for this
issue:https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGate-alt-primary-alt-secondary-DNS-server/ta-p/275269https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuration-per-VDOM-DNS/ta-p/1...
We recently upgraded our FortiManager-VM from 7.0.8 to 7.2.4 and have
discovered the Meta Field we've been using to "plug" values per device
into CLI templates are not supported any more and have to migrate all
those per-device mappings from Device M...
We're currently running our FMG-VM with 7.2.4. I tested a hardware swap
by uploading the latest revision of old one's config a couple of times
in the past with probably 6.4.x and 7.0.x at those times.I didn't
encounter any particular config issues ot...
First, you need to understand FGT's SD-WAN features are only targeting
situations with multiple circuits and how to select one of them to send
a particular type of traffic over the others to get the best
performance. The design concept doesn't includ...
also you probably need to disable static route injection (set add-route
disable) then set up two static routes with different metric. We
regularly use BGP for this kind of set up since it's more
automatic.Toshi
I thought you had to elimate/replace all private ASNs. It still have
"64512 and 64514".But it depending on your final or real network set up,
which you didn't explain. So it might work depending on the real
topology.Toshi