hi, today I set up email alerts for various events (so, event based and
not severity level based), and I am missing a setting for hardware
failure events, you know, fans, PSU, temperature. A look into the CLI
didn't help.Am I thinking too hard, and t...
Hello fellows, for simplicity, I often use my private SSH key to log in
into my local admin account on various FGTs (I mean, CLI access via
SSH). Now, if instead of a local admin account I use a wildcard admin
account against LDAP/MS AD in the backgr...
hello all, I've got a pair of FG-200B running v4.3.18 in A-P HA mode.
Each cluster member is at a different location, HA links are across a
dedicated line. On each site, there is one Cisco access router (19xx) in
front of the FGT providing WAN access...
hello all, I'm planning to place the slave unit of a Fortigate HA
cluster into a remote location. There is a leased line (layer 2) for the
HA connect. Can anybody confirm that I can run the HA traffic across a
VLAN between the access switches on each...
Better still, Fortinet has got a Trade Up program which offers a
substantial rebate over the listprice. Replacing a 100E with an 100F
will be covered, so I'd get a TradeUp offer from your FTNT dealer of
choice.There is even a suitable replacement in ...
What @amrit is really telling you is, you need a FGT as a switch
controller as this software is not embedded in 3rd party firewalls of
any other vendor, AND yes, the way you have depicted a FortiLink
connection to your switches from your FGT (be it l...
OK, in order to forward traffic, the FGT needs to have a route AND needs
to have a policy allowing it.You do not mention that this traffic is
forwarded by a policy route. A policy route (PR) alone will not forward
traffic. It sends packets to interfa...
Hi @DerekWSmall, you are right, there is no such command in "config
system global".However, you can modify the arp lifetime on a port which
is part of a (Fortigate-internal) virtual switch:config system
switch-interface set mac-ttl And, for the spec...
I think it is related to session lifetime. When the correct schedule is
matched, a session is allowed to be established. Then the schedule
expires, but the session is not re-evaluated ('dirty').Isn't there an
option to force that lookup? There is an ...