When we configure this SSL VPN MAC address filtering, what system limit
would dictate the max number of MAC addresses we can configure on an FGT
(no
vdom/muti-vdom)?https://community.fortinet.com/t5/FortiGate/Technical-Tip-MAC-address-check-on-SSL-VP...
Please let me make sure the order a FGT examine policies.If there is a
specific policy from a specific interface like "lan" to another specific
interface like "wan1" with "any" source and "any" destination, it would
be examined before another policy ...
I'm referring two KBs below for this
issue:https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGate-alt-primary-alt-secondary-DNS-server/ta-p/275269https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuration-per-VDOM-DNS/ta-p/1...
We recently upgraded our FortiManager-VM from 7.0.8 to 7.2.4 and have
discovered the Meta Field we've been using to "plug" values per device
into CLI templates are not supported any more and have to migrate all
those per-device mappings from Device M...
I couldn't find any article clearly saying either "not possible" or "how
to do it" online so far. But most of our FortiToken Mobile users who
tried migrating from an old phone to a new phone told me a migration
didn't work. So we always reactivate a ...
What version of FortiswitchOS are you running? It's supposed to keep the
config after a power-cycle. You probably want to open a ticket at TAC to
see if any hardware issue, if it keeps happening. Toshi
Still not quite understanding this. Are you saying those two different
ISPs (I'm assuming) are requiring BGP peerings while you don't have any
public subnets to advertise and only need to get the default route from
them?Otherwise, your description/re...
Your description doesn't make sense. If 10.0.0.0/8 is an aggregated
route for the other side of the tunnel, it has nothing to do with the
BGP neighboring to your ISP. ISP doesn't know anything about the 10/8
network. It has to be advertised from the ...