Author Archives: Manny Fernandez

I have been in the networking and security field for over 27 years. I started working for resellers back in the Novell days. I obtained my CNE, Master CNE, GroupWise CNE and later moved on to Microsoft with the MCSE. I have obtained numerous industry certifications from Palo Alto, Cisco, Checkpoint, Juniper, RSA, Fortinet, Linux and other. I have worked on every firewall produced since the 1990's from Novell's Border Manager to IP Tables to FortiOS and everything in-between. I have either migrated to or from all of these platforms. It is my passion. I love what I do so I do not consider it work. Today I work for a manufacturer. By far, I enjoy this side much more so hope to continue doing so.

How to use Replacement Message Groups on FortiGate firewalls

As you may have seen in previous articles, the Fortigate firewalls have various replacement messages for various functions such as:…

By Manny Fernandez

December 8, 2019

Updating Images in Fortigate Replacement Messages

The Fortigate firewalls comes with some Replacement Messages.  These various messages are displayed under specific conditions and can be modified.…

By Manny Fernandez

December 6, 2019
banner

FortiOS AutoScript from CLI

OK folks, time for another quick scripting article.  As many may know, there has been some folks that have hit…

By Manny Fernandez

December 5, 2019

FortiAuthenticator as a CA Server

In other articles, I have covered creating CA servers on Microsoft Windows and OpenSSL, here is an article using FortiAuthenticator.…

By Manny Fernandez

November 26, 2019

Homebrew and Catalina FIX

As you all may have experienced, there is a problem with macOS Catalina and Homebrew.  When trying to install packages…

By Manny Fernandez

November 25, 2019

Fortinet FIT / Tinycore Linux Static IP addressing

Last night, I decided to deploy the Fortinet FIT OVA which is essentially a packet generator that pushes attacks, web…

By Manny Fernandez

November 25, 2019

DNS over TLS (DoT) on the Fortigate

I recently wrote an article about the difference between DNS over HTTPS and DNS over TLS and the differences between…

By Manny Fernandez

November 19, 2019

DoH (DNS over HTTPS) vs DoT (DNS over TLS) in the Secure DNS Wars

It appears we are seeing a "Betamax vs VHS" battle in the aging DNS war.  Who will win? Will it…

By Manny Fernandez

November 19, 2019

FortiOS to PANOS Site-to-Site VPN

In this article, I am using "WAY OLD" PAN OS.  Mostly because I no longer own an updated PAN box.…

By Manny Fernandez

November 17, 2019

Site-to-Site VPN with Checkpoint Stand-Alone

A colleague wanted to test VPNs to multiple platforms.  I set up a Checkpoint 1450, PAN 200, and an ASA…

By Manny Fernandez

November 15, 2019

Initial Config for a Stand Alone Checkpoint 1450 Appliance

I have many firewalls from many vendors.  I have Palo Alto, Cisco, Juniper, SonicWall, Barracuda, and now a Checkpoint.  Since…

By Manny Fernandez

November 14, 2019

Search and Add Line Script

The other day, a friend called me about a Cisco ASA configuration he migrated to Fortigate. They needed to add…

By Manny Fernandez

November 14, 2019

Troubleshooting IPSec VPNs on Fortigate Firewalls

Lets start with a little primer on IPSec.  I am going to describe some concepts of IPSec VPNs. IPSec Primer…

By Manny Fernandez

November 12, 2019

Route-Based VPN between Cisco Router and Fortigate Firewall using OSPF

Earlier, I wrote an article showing how to do a VTI (Virtual Tunnel Interface) from a Cisco ASA to a…

By Manny Fernandez

November 10, 2019

Creating a VIP on Fortigate using a Dynamic IP address

When you have a dynamic IP address assigned by your carrier, you are normally only assigned one IP address to…

By Manny Fernandez

November 9, 2019

ASA Route-Based VPN (VTI) with Fortigate Firewall

  Customer had a question about creating a route-based VPN between a Cisco ASA and a Fortigate.  Traditionally, the ASA…

By Manny Fernandez

November 7, 2019

Running a FortiTest with FortiTester

Earlier, I wrote an article on upgrading the FortiTester.  At the time, I did not have any SFPs for 10GB…

By Manny Fernandez

November 6, 2019

Upgrading a FortiTester

In preparation for a Proof-of-Concept with a customer where they wanted to test the breaking point of a FortiGate firewall,…

By Manny Fernandez

November 5, 2019

Fortinet Security Fabric in Action

A colleague of mine, Chris Fore, SE in the San Fransisco Bay Area created an amazing video showing the Fortinet…

By Manny Fernandez

November 2, 2019

Upgrading Code on FortiFones

There are different models of the FortiFones.  Below I will show the basic upgrade process for the two GUI methods…

By Manny Fernandez

October 30, 2019

Categories

Recent posts

  • Have you ever ordered a bunch of Fortinet gear... Full Story

  • Had a customer with over 200 static routes on... Full Story

  • This is a work in progress, I will be... Full Story