Category Archives: FortiGate

Debugging Fortigate GUI from the CLI

Have you ever gotten a strange failure in the Fortigate GUI?  It is sometimes unclear to see what the issue…

By Manny Fernandez

March 6, 2020

SSL VPN Realms with Custom URLs

Had a friend write up a great article on using custom URLs for realms on the Fortigate using SSL VPNs.…

By Manny Fernandez

February 10, 2020

Bridged FortiAPs and Managing Remote Switches Across the Bridge

I cannot tell you how many times we run into this.  Sometimes its a stopgap for a customer that is…

By Manny Fernandez

February 2, 2020

VX-LAN over IPSec using Fortigate Firewalls

VXLAN is a tunneling protocol that encapsulates layer 2 frames into layer 3 UDP packets.  VXLANs allow you to create…

By Manny Fernandez

January 18, 2020

Policy Disclaimer Option in FortiOS 6.2.3

Yesterday I wrote an article about some advanced policy option in FortiOS 6.2.3.  Here is another one.  In System then Feature…

By Manny Fernandez

January 17, 2020

Policy Advanced Options in FortiOS 6.2.3

FortiOS 6.2.3 Introduced some interesting new features.  One of those features is the Policy Advanced Options in which some interesting new…

By Manny Fernandez

January 17, 2020

FortiWifi with Tunnel and Bridge SSIDs

If you have a FortiWiFi using the internal radio and want to offer a guest SSID that is in "Tunnel"…

By Manny Fernandez

January 11, 2020

What Diffie-Hellman (DH) Group Should I Use

There has been a lot around Diffie-Hellman groups and which ones to use.  Some think that the bigger the DH…

By Manny Fernandez

January 7, 2020

Fortinet Ports and Protocols

If you are ever wondering what ports needs to be open for various Fortinet products to interact and struggled to…

By Manny Fernandez

January 7, 2020

FortiAnalyzer Primer

Wanted to write an article about the FortiAnalyzer also known as FAZ .  FAZ is a great solution that is "CFO…

By Manny Fernandez

January 5, 2020

Troubleshooting BGP on Fortigate Firewalls

In my previous article regarding Wrong Way I did a lot of BGP troubleshooting and thought I would write an…

By Manny Fernandez

January 1, 2020

Wrong Egress Interface when using VPN

Today I was troubleshooting a problem with a site-to-site, route-based VPN.  Here was the skinny. The Setup I created two…

By Manny Fernandez

December 31, 2019

Password Recovery Options on the Fortigate firewall

Fortigate firewalls have a process for recovering a lost admin password.  You can reset the admin password or reset to…

By Manny Fernandez

December 14, 2019

Complex Passwords for your Fortigate Firewall

Many security frameworks such as NIST, COBIT as well as regulatory bodies such as PCI DSS, SOX, GLBA, HIPAA, etc…

By Manny Fernandez

December 11, 2019

How to use Replacement Message Groups on FortiGate firewalls

As you may have seen in previous articles, the Fortigate firewalls have various replacement messages for various functions such as:…

By Manny Fernandez

December 8, 2019

Updating Images in Fortigate Replacement Messages

The Fortigate firewalls comes with some Replacement Messages.  These various messages are displayed under specific conditions and can be modified.…

By Manny Fernandez

December 6, 2019
banner

FortiOS AutoScript from CLI

OK folks, time for another quick scripting article.  As many may know, there has been some folks that have hit…

By Manny Fernandez

December 5, 2019

Troubleshooting IPSec VPNs on Fortigate Firewalls

Lets start with a little primer on IPSec.  I am going to describe some concepts of IPSec VPNs. IPSec Primer…

By Manny Fernandez

November 12, 2019

Route-Based VPN between Cisco Router and Fortigate Firewall using OSPF

Earlier, I wrote an article showing how to do a VTI (Virtual Tunnel Interface) from a Cisco ASA to a…

By Manny Fernandez

November 10, 2019

Creating a VIP on Fortigate using a Dynamic IP address

When you have a dynamic IP address assigned by your carrier, you are normally only assigned one IP address to…

By Manny Fernandez

November 9, 2019

Categories

Recent posts