I just ran into this: We have a Windows DHCP that has a scope for a
vlan.the vlan interface on the FGT100E is set to do dhcp relaying to
this Windows DHCP.the Windows DHCP also has dhcp option 138 set for all
scopes it has.If I now connect a client t...
I did the following: - upgraded FMG to 7.0.11 while the FGT still were
on 7.0.13 => everything still worked fine afterwards- upgraded the FGT
to 7.0.14 during the next night (scheduled) => since then FGT keep
losing the connection to FMG when I deplo...
We just ran into this: today our FortiMail states it has no antispam and
virus outbreak license.It did have one because it also states the last
update of the antispam definitions was on 2024-02-06 and it cannot do
that without vallid license. If I lo...
We just ran into this issue and I just wanted to warn you to not do so
too: if you rename global address objects in FMG you can only do that
via script (TAC said this).If you assign this to an adom afterwards it
will be correctly assigned.You will ha...
I keep encountering this behavior: all of a sudden on some clients https
websites stop working.every time this starts the only thing noticable on
the FGT is that the memory usage is >=60%. Mostly around 63-65%. It
however does not reach the threshold...
basically you will need Deep Packet Inspection if you want to inspect
more then http requests or certificates. IPS,AV,APC etc will need to
look into your traffic and that requires DPI. And DPI will require a CA
or SubCA Certificate because of the way...
@damian not one peer but one peer-id! On a dial up this means every peer
has to send that unique peer id so the FGT can determine the correct
ipsec. That does NOT limit your ipsec to just one peer!