Category Archives: SSL

802.1X EAP Protocols Explained

At its core, IEEE 802.1X is a network layer protocol used for Port-based Network Access Control (PNAC). It provides an…

By Manny Fernandez

March 5, 2026

IPsec VPNs Deep Dive

Establishing an IPsec VPN between two sites or even among multiple sites such as Fortinet's ADVPN.  But do we really…

By Manny Fernandez

February 16, 2026

Deploying FortiWeb on ProxMox Server

I have learned from buiding my lab, that all products running on ProxMox require a little more hand holding than…

By Manny Fernandez

February 14, 2026

Host Header Based NAT’ng

Use Case Well, its not 100% Network Address Translation, although it does do just that. The Use Case is as…

By Manny Fernandez

January 30, 2026

Different Types of Certificates You Can Get Today

Today, trusted Certificate Authorities (CAs) like DigiCert, Sectigo, and GlobalSign offer several types of certificates categorized by their validation level…

By Manny Fernandez

January 27, 2026

Removing “Launch FortiClient” from FortiGate Web Portal VPN

I had a customer that had configured a Web Portal VPN and he did not want anyone using FortiClient since…

By Manny Fernandez

October 4, 2021

Converting Certificates using OpenSSL

During the course of most security administrator's life, you will inevitably need to convert certificates from certain formats to other…

By Manny Fernandez

September 30, 2021

Troubleshooting FortClient VPN Connectivity Issues with FortiGate

As more and more users are using remote access VPNs and probably using FortiClient, I wanted to share the errors…

By Manny Fernandez

April 23, 2020

SSL VPN Realms with Custom URLs

Had a friend write up a great article on using custom URLs for realms on the Fortigate using SSL VPNs.…

By Manny Fernandez

February 10, 2020

DoH (DNS over HTTPS) vs DoT (DNS over TLS) in the Secure DNS Wars

It appears we are seeing a "Betamax vs VHS" battle in the aging DNS war.  Who will win? Will it…

By Manny Fernandez

November 19, 2019

Using Let’sEncrypt with Fortigate Firewalls

Wanted to socialize this important Blog Post from my friend and colleague Matt Sherif.  In this post, he describes how…

By Manny Fernandez

September 9, 2019

Installing FortiClient on Ubuntu Linux for SSL VPN

I ran Windows as my main Desktop OS for many years.  When XP came out, I decided to move to…

By Manny Fernandez

August 11, 2019

UPDATED – Certificate Pinning you SSL VPN with Microsoft CA and Fortigate Forticlient Using ‘user’ certificates

Customer wanted to ONLY allow devices that are trusted devices (owned by the customer) to connect using the ‘Full Access”…

By Manny Fernandez

May 15, 2019

Secure LDAP and AD Password Change via Forticlient

First of all, I wanted to give credit to a good friend of mine (Brian Modlin) that hit me up…

By Manny Fernandez

April 20, 2019

Disabling Weak Ciphers on Fortigate Firewalls

A customer of mine sent me an email after having a vulnerability assessment done against his environment.  He got back…

By Manny Fernandez

April 14, 2019

Using OpenSSL for your SSL Decryption and distributing the cert via GPO

I have another post from a while back that uses Microsoft CA services which I will be updating in the…

By Manny Fernandez

April 7, 2019

Using OpenSSL to Provision Wildcard Certificate

I have my lab set up with plenty of gear from Fortinet, Cisco, Palo Alto and Checkpoint. In order to…

By Manny Fernandez

January 3, 2019

Categories

Recent posts

  • At its core, IEEE 802.1X is a network layer... Full Story

  • In case you did not see the previous FortiNAC... Full Story

  • This is our 5th session where we are going... Full Story

  • Now that we have Wireshark installed and somewhat configured,... Full Story

  • The Philosophy of Packet Analysis Troubleshooting isn't about looking... Full Story