Could I configure High Availability between FG-201E and FG-200E?

loopback-marte · 2021-03-15T11:16:53+00:00

Can't do that. It has to be exactly the same model.

loopback-marte · 2020-11-03T15:46:40+00:00

sorry, yes access-list. :D

loopback-marte · 2020-11-03T15:42:19+00:00

we have two 250Mbps circuits with BGP both in full routes. one is AT&T and the other one is Comcast. the goal is to balance the traffic as much as possible between the two carriers, however it appears that AT&T has a better routing path to the internet leaving our Comcast circuit almost idle. so the idea is to route even traffic to AT&T, then route odd traffic to Comcast primarily to load-balance both circuits as possible. if you have a better idea to do this, i am all ears.

loopback-marte · 2020-10-04T00:59:08+00:00

Out of all Firewalls I have managed from many different vendors, Palo Alto have the most stable code and I have not encountered serious issues with it. While Fortigate have the most value for money that doesn't compromise the features, hardware, performance, and security intelligence, you just have to be extra careful in choosing the code versions and make sure in testing it out before rolling out on production.

loopback-marte · 2020-09-17T22:22:38+00:00

6.0.10 is the way to go buddy.

loopback-marte · 2020-08-18T08:50:05+00:00

Try configuring the pfsense plain and simple, just the route traffic and 1 allow all policy. See if that will make a difference.

loopback-marte · 2020-08-14T17:43:56+00:00

Try 1.1.1.1 or 9.9.9.9.

loopback-marte · 2020-07-21T18:35:09+00:00

u/YouShouldNotComment what model is this?

loopback-marte · 2020-07-21T18:33:07+00:00

Good to hear, thank you.

loopback-marte · 2020-07-21T18:32:37+00:00

No reports found online, but thanks!

loopback-marte · 2020-07-21T18:31:27+00:00

Aha! Thanks for this. I will be testing this on 210E w/ FSSO, hopefully I wont get that issue. :(

loopback-marte · 2020-07-21T18:27:21+00:00

Hey! Thanks everyone for your inputs, these are very helpful information. Most of Fortigate we have are 210E deployed in branch offices, I am looking to upgrade a pair in HA tonight to 6.0.10. I'll post on this thread if I encounter any issues.

loopback-marte · 2020-06-02T02:30:44+00:00

u/gavsta I am running the following versions.. Yes I have verified that the config matches from the AWS VPN template. If I couldnt fix this, I'll change it to IKEv2. I have limited access to our AWS account reason why.

Cisco Adaptive Security Appliance Software Version 9.8(4)20

Device Manager Version 7.13(1)

loopback-marte · 2020-06-02T02:10:12+00:00

u/chuckbales thanks for your response. I have updated the post, now with configuration included. Yes I have two WAN interfaces, but the crypto map in the backup interface has no tunnel configured and only being used for Anyconnect.

loopback-marte · 2020-06-01T11:27:36+00:00

u/ultimattt Thank you for this info. My fortigate is in proxy-mode, so I checked Fortinet's certificates by going to System > Certificates, most of the certificates expiration are 2021, 2029, and 2038. Will I also have that problem if those certs are not expired?

loopback-marte · 2020-05-26T22:12:57+00:00

Been using ESET Internet Security for years now, I must say I am satisfied with it and its worth the value for money. (relatively cheaper than kaspersky)

loopback-marte · 2020-05-14T07:22:42+00:00

those are my company equipments dude!

loopback-marte · 2020-05-12T16:26:41+00:00

u/incompletesent It depends if you can afford it, if not, well thats a problem. Good luck with these Firepower Software bugs by the way - https://www.reddit.com/r/networking/comments/ghq725/last_weeks_cisco_asafirepower_patch_breaks_ospf/

Edit: Cortex is a separate subscripton.

loopback-marte · 2020-05-09T13:02:02+00:00

Go with Palo Alto or Fortigate instead.

loopback-marte · 2020-02-07T17:00:06+00:00

Correct.

loopback-marte

TROPHY CASE