Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
rakanda
Staff
Staff

Created on ‎11-29-2017 07:34 AM Edited on ‎04-08-2022 11:09 AM By Anonymous

Article Id 196074

Technical Note: Set Interface(s) to be physically down using FortiGate Link-Monitor

Description

FortiGate gateway detect link-monitor behaviour

    Fail - Bring down the independent interface(s)

    Suceed - Bring up the independent interface(s)

In FortiGate v5.4, 5.6 the source IP can be added for each link-monitor probe from the CLI setting.

Solution

You can bring down other interface like "dmz"
 
# config system link-monitor
    edit "sasd"
      set srcintf "wan2"
      set server "8.8.8.8"
      set protocol ping
      set update-cascade-interface enable <-- bring down "dmz"
    next
  end
 
# config system interface
    edit "wan2"
      set fail-detect enable
      set fail-detect-option detectserver
      set fail-alert-interfaces "dmz"
    next
  end
 
- Following command can be used to monitor the status of probe server
# diagnose system link-monitor status



 

 

7958
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.