Fortinet - ICT Fella

How to Fix Starlink Static Route issue in FortiGate Firewall

This post is about fixing Starlink static route issue in FortiGate Firewall Issue The issue comes when configuring Starlink in FortiGate Firewall; no matter how we configure the administrative distance and priority for the StarLink state route, one default configuration overrides the manual static route. Environment StarLink as secondary internet link, it should only kicks […]

How to Fix Starlink Static Route issue in FortiGate Firewall Read More »

How to Configure Port Forwarding Destination NAT on Fortinet Firewall

Next Gen Firewall

This post is to demonstrate the quick steps to configure port forwarding / Destination NAT on the Fortinet Fortigate firewall. Environment Fortinet Fortigate firewall. ISP has provided a /29 range of the public IP addresses. The requirement is to open port 443 from specific public IP addresses, not the whole internet. Configure Virtual IP or

How to Configure Port Forwarding Destination NAT on Fortinet Firewall Read More »

How to Manage the Fortigate Secondary/Passive Firewall and Shutdown the HA Pair

Next Gen Firewall

This post is to document the process to manage the secondary Fortigate firewall in a HA firewall cluster, as well as the process to shut down the Fortigate firewall using CLI. This process comes in handy if you are using the same interface for both data and management traffic for the HA pair. Manage the

How to Manage the Fortigate Secondary/Passive Firewall and Shutdown the HA Pair Read More »

How to configure IPsec VPN between Fortinet and Sophos Firewall

Next Gen Firewall

This post is to document the process to configure static IPsec VPN between Fortinet and Sophos Firewall. Environment 1x Fortinet Fortigate Firewall cluster running at active-passive mode 1x Sophos UTM Firewall Both sides have static public IP assigned Phase 1 and Phase 2 use the same encryption (AES256) and authentication (SHA256) algorithm, Group 14 or

How to configure IPsec VPN between Fortinet and Sophos Firewall Read More »

How to Revert the Fortinet Firewall Configuration back Automatically when Handling Changes Remotely

Next Gen Firewall, Routing and Switching

When network professionals handle changes remotely, it is always good to have a safety net available. If you are familiar with Juniper Junos, you would love the “commit confirmed” command very much, as it will revert the config back to the previous config after 10 minutes automatically, in the event of you screwed up the

How to Revert the Fortinet Firewall Configuration back Automatically when Handling Changes Remotely Read More »

How to Remove Fortinet Fortilink Interface

Next Gen Firewall

This post is to document the process to remove the default Fortilink interface in the Fortinet Firewall configuration. This would be ideal if you are not using FortiSwitch and trying to keep the configuration clean. This process also applies if you are trying to remove other types of default config if the option is greyed

How to Remove Fortinet Fortilink Interface Read More »

How to Configure Cisco Juniper Fortinet EtherChannel LACP

Routing and Switching

Object When it is coming to project execution and solution integration, ICT network professionals always have the challenge to interconnect multiple vendors together, it is not difficult but painful to deal with. This article is to show you the typical EtherChannel configuration examples when you try to interconnect them across multiple vendors: Cisco and Juniper

How to Configure Cisco Juniper Fortinet EtherChannel LACP Read More »

Fortigate HA Cluster Out-of-Sync 100F

Next Gen Firewall

Issue After initially setting up the Fortigate 100F HA cluster, we got this annoying “out-of-sync” error, dug into it, and found several issues related to the Fortinet firmware version and initial configuration differences. This post is to document the process of troubleshooting and some of the configurations for the Fortinet HA firewall cluster. Environment 2x

Fortigate HA Cluster Out-of-Sync 100F Read More »