Home A - Z
Page Index

An Otter Wiki

Commit f9da21

2026-05-14 16:29:53 Peter: NSE4 deleted.
fortinet/nse4.md .. /dev/null
@@ 1,17 0,0 @@
- # NSE4
-
- Yea
-
- In flow-based inspection mode, FortiGate does not buffer traffic flowing through the policy. If FortiGate detects a violation in the traffic, it sends a reset packet to the receiver, which terminates the connection, and prevents the payload from being sent successfully.
-
-
-
- Why was HQ-NGFW-1 elected as the primary?
-
- In the primary election process, FGCP first checks the number of connected monitored ports. Because you did not configure monitored ports, FGCP then checks the next criterion.
-
- Because the override setting is disabled, FGCP checks the HA uptime next. Because you enabled HA on both devices about the same time, the HA uptime difference is less than 5 minutes.
-
- Therefore, FGCP checks the next criterion, which is priority.
-
- HQ-NGFW-1 has a priority of 200, which is greater than the priority of HQ-NGFW-2, which is 100. The result is that FGCP elects HQ-NGFW-1 as the primary.
fortinet/nse4/firewall policy.md .. /dev/null
@@ 1,3 0,0 @@
- # Firewall Policy
-
- Firewall policy ID =/= Sequence ID
fortinet/nse4/nat.md .. /dev/null
@@ 1,3 0,0 @@
- # NAT
-
- get system session list
fortinet/nse4/routing.md .. /dev/null
@@ 1,14 0,0 @@
- # Routing
-
- get router info routing-table all
-
- get router info routing-table database
-
- ![image-1777111935637.png](./image-1777111935637.png)
-
- 20 vs 10 administrativ distance
- lavere vinder, og er primær rute.
-
-
- equal-cost multi-path (ECMP)
- When two routes to the same destination have the same distance, both remain in the routing table. However, if the priorities are different, FortiGate uses the route with the lowest priority value—port2 in this case. To achieve ECMP with static routes, the distance and priority values must be the same for all routes.
fortinet/nse4/routing/image-1777111935637.png .. /dev/null
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9