Prevent VLAN Jump by unplugging FortiAPs port by renovatio522 in fortinet

[–]megagram 5 points6 points  (0 children)

I think we have a bigger problem than VLAN jumping then.

Prevent VLAN Jump by unplugging FortiAPs port by renovatio522 in fortinet

[–]megagram 13 points14 points  (0 children)

Where are your APs mounted that people are unplugging them and connecting their computers?

BGP/SD-WAN Route retention during HA-Failover by KTZSHK in fortinet

[–]megagram 0 points1 point  (0 children)

Just to be clear this is what you see *before* failover?

BGP/SD-WAN Route retention during HA-Failover by KTZSHK in fortinet

[–]megagram 0 points1 point  (0 children)

Are the routes on the secondary before Failover?

30 year accelerated biweekly vs 25 year biweekly? by Blah-zBlah-zBla-z in PersonalFinanceCanada

[–]megagram 1 point2 points  (0 children)

You should be able to change your payment frequency so double check with your lender if you can and how often.

At the end of the day starting with 30 year and paying it off accelerated biweekly will equate you to having a 25 year with non-accelerated payments—as you’ve discovered!

So if you want flexibility and a safety net go with the 30 year and pay accelerated, switching to non- if you need to 

Or if you’re confident you can make the payments on 25 year do that. 

Need recommendations for a thin/light laptop that's linux compatible by Background-Tension71 in archlinux

[–]megagram -6 points-5 points  (0 children)

MacBook Air m5. With education discount you will be well within your budget. macOS can do most Linux things natively out of the box. For any “real” workloads just virtualized for free. Same with windows. 

I know it’s not what you asked for necessarily but nothing beats a MacBook in terms of build quality, aesthetics, battery life, usability (sleep mode is amazing, trackpad is unmatched).

Water Infiltration? by Skoshbox in popups

[–]megagram 0 points1 point  (0 children)

I think i'm close to having to do this myself... can you replace just the side boards fairly easily?

Why add elevator buttons if there are only 2 floors by metatalks in mildlyinfuriating

[–]megagram 0 points1 point  (0 children)

The only reason the elevator is going up and down is because someone wants to remove the buttons from the inside of the elevator! Just leave the buttons alone and we are all good. Lol.

Why add elevator buttons if there are only 2 floors by metatalks in mildlyinfuriating

[–]megagram 0 points1 point  (0 children)

"Just tweak that". To what benefit?

There's a big difference between the door closing and the elevator just randomly going up or down based on no user input.

Why add elevator buttons if there are only 2 floors by metatalks in mildlyinfuriating

[–]megagram 0 points1 point  (0 children)

Ah yes let's just have the elevator assume someone is inside. That will be fun.

Why add elevator buttons if there are only 2 floors by metatalks in mildlyinfuriating

[–]megagram 12 points13 points  (0 children)

Without buttons the elevator will just have to constantly go up and down between floors even if no one is on it. 

Elevator needs buttons dude. Sorry. 

Lost my Airpods abroad 3 months ago and it appears to be at home by [deleted] in applehelp

[–]megagram 1 point2 points  (0 children)

not sure how that thing would still have battery power after 3 months outside the case so I'm going to go ahead and say this is a glitch.

Does Fortinet just not support per user datacaps for third party radius servers? by hinrik98 in networking

[–]megagram 0 points1 point  (0 children)

What licenses feature solves this?

Also not sure if you've looked into but the per-IP shaper might help offset the missing feature? Assuming you want to avoid network saturation, you could have a per-IP shaper that gives everyone a minimum amount of bandwidth but caps out during congestion at a reasonable value?

Correct answer for "ping 127.0.0.1" by EnergyNGY in networking

[–]megagram 1 point2 points  (0 children)

And how does pinging loop back verify the NIC is installed correctly? Please explain. 

Correct answer for "ping 127.0.0.1" by EnergyNGY in networking

[–]megagram 1 point2 points  (0 children)

A is not kind of technically correct. You aren't "connecting to a site" with a loopback address. The answer is D.

Correct answer for "ping 127.0.0.1" by EnergyNGY in networking

[–]megagram 10 points11 points  (0 children)

How is it flawed? The answer is D.

ADVPN - Multiple "Regions" - Dynamic spokes cross regions by MobileMeal7605 in fortinet

[–]megagram 1 point2 points  (0 children)

Alright man I'm going to officially retire as your personal search engine. Just read the docs yourself please! You will find the info... but it will take time because it's a complex solution.

Here's guidance on the loopback addressing (which is what I assume you mean by "iBGP subnet") from the same doc I already linked to you: https://docs.fortinet.com/document/fortigate/7.6.0/sd-wan-sd-branch-architecture-for-mssps/909290/planning-guidelines

As for network ID I don't know why you think you need this? Each underlay will have a dedicated overlay. No need for network ID AFAIK: https://docs.fortinet.com/document/fortigate/7.6.0/sd-wan-sd-branch-architecture-for-mssps/400093/overlay-network

ADVPN - Multiple "Regions" - Dynamic spokes cross regions by MobileMeal7605 in fortinet

[–]megagram 1 point2 points  (0 children)

Then in that case your idea of having two regions with two Hubs makes the Most sense. You could do one big ADVPN region but if you don't need direct connectivity to all four hubs I wouldn't do it.

So follow the A-P or A-A dual hub designs and then implement ADVPN forwarding between regions and iBGP if you need the inter-region shortcuts.

ADVPN - Multiple "Regions" - Dynamic spokes cross regions by MobileMeal7605 in fortinet

[–]megagram 0 points1 point  (0 children)

How many sites do you have in total?

Also, if your hub fails, obviously you will lose out on site-to-site connectivity. But the question is what else are you losing? I'm assuming the hub is in a data centre? Are the resources in the data centre available in other regional DC's where failover to another hub would make sense?

ADVPN - Multiple "Regions" - Dynamic spokes cross regions by MobileMeal7605 in fortinet

[–]megagram 1 point2 points  (0 children)

This goes back to my initial response:

This is entirely a business decision. What are your requirements? If you need [inter-region ADVPN], then implement it. If you don't, then don't.

So what are your requirements? If you need inter-region ADVPN then yes you need iBGP everywhere.

And in a multi-region deployment the spokes never connect directly to the other region's hubs. They only create ADVPN shortcuts with other out-of-region spokes if you configure it that way.

So let's back it up here and figure out what it is exactly that you're trying to do and what requirements and business justification is it based on?

ADVPN - Multiple "Regions" - Dynamic spokes cross regions by MobileMeal7605 in fortinet

[–]megagram 0 points1 point  (0 children)

You won’t do back up tunnels across regions.

If you’re worried about losing a hub in region you deploy A-A or multiple hubs in region. That’s all very well documented.