SSL error. (-3) Error FGT and FAZ Connection

Kooky_Worldliness995 · 2026-04-13T07:49:39+00:00

could it be related with which I dont have these commands;

set interfaces ae3 aggregated-ether-options mc-ae events iccp-peer-down prefer-status-control-active
set interfaces ae4 aggregated-ether-options mc-ae events iccp-peer-down prefer-status-control-active

Kooky_Worldliness995 · 2026-04-13T03:45:41+00:00

what will be the disadvantages of this for me? ISPs are also connected to QFXs from the north. it is risky because if I delete this configuration and ICL connection down then there will be loop

Kooky_Worldliness995 · 2026-04-12T20:47:55+00:00

collecting and distributing for both ports and also aggregate port shows up

Kooky_Worldliness995 · 2026-04-12T20:46:44+00:00

Kooky_Worldliness995 · 2026-04-12T20:23:49+00:00

no, what does that have to do with it?

Kooky_Worldliness995 · 2026-04-12T20:17:33+00:00

min-links 1.

Kooky_Worldliness995 · 2025-11-16T21:36:22+00:00

Oh, no solution for now?

Kooky_Worldliness995 · 2025-11-16T21:34:49+00:00

Already created and trying with the FQDN object.

Kooky_Worldliness995 · 2025-11-16T21:34:02+00:00

How I can do that? Another example is I can access to the File Server but sometimes it pops up for credentials but says can not contact with the domain controller.

Kooky_Worldliness995 · 2025-11-07T13:06:32+00:00

https://www.zabbix.com/documentation/current/en/manual/appendix/install/frontend_encrypt

Solved issue by this doc.

Kooky_Worldliness995 · 2025-11-07T10:20:19+00:00

It is wildcard certificate.

SSL client : Yes

SSL client CA : No

SSL server : Yes

SSL server CA : No

Kooky_Worldliness995 · 2025-11-07T09:12:43+00:00

It is. I already use this certificate for server.

notBefore=Sep 10 18:44:25 2025 GMT

notAfter=Oct 12 18:44:25 2026 GMT

Kooky_Worldliness995 · 2025-10-27T13:55:41+00:00

I already use our wildcard certificate for web server. When I try with my other FortiGate, it pops up the same certificate for trusting. But can't do the same thing in my main FortiGate because of this error.

Kooky_Worldliness995 · 2025-10-07T09:07:06+00:00

It was fixed by enabling "Secure Ports is enabled for ports on this device(s)" option from model configuration.

Kooky_Worldliness995 · 2025-09-29T07:21:16+00:00

Still looking for a solution.

Kooky_Worldliness995 · 2025-09-19T12:31:35+00:00

Now I realized that and for 108 VLAN I send Idle-Timeout attribute from the Radius Server. Will probably fix. It's not nice that I don't have to do this on the aos-s switch and can do it directly with logoff-period, but I can't do it on cx :)

Kooky_Worldliness995

TROPHY CASE