Hello, I just started a new website with my wife together to share some tips with networkers.
If you are interested, please go visit:
Saturday, May 28, 2016
Recently I am working on deploying Fortigate 3700D in our network. There are couple things just learned during the project.
1) 1G SFP in 10G port on Fortigate 3700D to build Port-channel with Cisco N5K. It must use 1000Auto on Fortigate side, otherwise port-channel won't come up.
2) Trust subnet configured under admin account will impact data port Ping traffic as well (not only the admin login traffic). It will block Ping on the data port as well, even Ping is allowed, as long as the subnets are not in the Trust subnets range, ping will be dropped.