Re: Fortigate: Local-in-policy block Access from i...

Atul_S · 10-03-2024

Description This article explains how to select the key type and handle encryption when creating a Certificate Signing Request (CSR) using Simple Certificate Enrollment Protocol (SCEP) with Elliptic Curve Cryptography (ECC). Scope FortiGate v7.0, v7....

Atul_S · 10-01-2024

Description This article describes the relationship between the source IP and the kernel index. Administrators can better manage how FortiGate handles traffic, particularly in complex environments. Scope FortiGate. Solution In general, the use of sou...

Atul_S · 10-01-2024

Description This article describes that is a critical component in managing the synchronization of routing and forwarding information across multiple processing units in a Chassis environment Scope FortiGate-6k, 7k. Solution The chlbd daemon facilita...

Atul_S · 09-23-2024

Description This article describes how Class of service helps in Traffic prioritization. Scope FortiGate. Solution VLAN Class of Service (vlan_cos) is part of the 802.1p standard where the value shown in the session table refers to the Class of Servi...

Atul_S · 09-23-2024

Description This article describes how to make an informed decision for firewall administrators on when to use ASIC offload & NPU offload for specific tasks. Scope FortiGate. Solution The table below helps to understand the core usage in more detail:...

Atul_S · 05-05-2025

Hi, If your FGT is acting as a DHCP server and only 2600:8800:ab81:a100::/56 subnet is configured, I don't see any reason why FGT will issue an address outside the configured range unless the add 2600:8800:ab81:4a00:: is coming from another upstream ...

Atul_S · 05-05-2025

Hi There, I am uncertain how those specific devices are connected to the Internet and what the DNS settings are in your upstream devices, but I can confirm that both the network range ab81:4a00 and ab81:a100 belong to the same ISP. I would suggest ra...

Atul_S · 05-04-2025

Hi Yacer, Its best if you could share the static routes configured for your setup, along with the correct NAT mapping on both FGT and the correct security policy defined. Thanks,

Atul_S · 05-04-2025

Hi, Thanks for the info, but I am uncertain if the global policy enforcing to override built-in test features may undercut the performance optimisation in the long run? Since it's unclear what the dependencies of such features are in the backend with...

Atul_S · 05-04-2025

Hi Wws, Yes, you are right. The VLAN interface will inherit the mac add of the underlay physical port and there is no way to modify the vlan mac add separately. However, pls review the below doc to use emac vlan, which has its unique mac address inde...

User Statistics

User Activity

Technical Tip: Understanding CMS Operation with Elliptical Curve in SCEP for Certificate Signing

Technical Tip: Understanding the Role of Kernel Index in Setting Source IP

Technical Tip: Understanding Chassis Load Balancing Daemon in FortiGate

Technical Tip: Understanding the VLAN Class of Service criteria in FortiGate

Technical Tip: The Impact of Offloading on Firewall Performance: ASIC vs NPU

Re: IPv6 delegation frustration

Re: IPv6 delegation frustration

Re: Static route between 2 fortigates does not work correctly.

Re: Privacy-Browser-Project

Re: Change MAC address for HA'd LAN interface?

Re: Fortigate: Local-in-policy block Access from i...

Re: Backup Foritgate

Re: Backup Foritgate

Re: Unable to connect Forticlient VPN

Re: FortiVoice Enhanced Call Center Service

Re: FORTIGATE SDWAN WITH IPSEC OVER MPLS AND DIA

Re: sampling considered for calculating packet los...

Re: Fortigate dropping contact with Fiber ONT

Re: Kerberos in FortiGate for SSO

Re: Script to convert proxy-based firewall policie...

KCS

The ETSP Platform

Engage Services

User Statistics

User Activity

You are leaving our website