Fortigate – Ping and Traceroute options
Within the Fortigate firewall you can modify many ping and traceroute options to suite what needs you might have. For example, if you need to modify the source IP address for a ping or trace you have...
View ArticleClik here to view.
Fortigate 6.0 Adding and removing IPs from Quarantine list
Starting in 5.4.1 you could “Quarantine” an IP address. This means that the quarantined host cannot communicate through the firewall. There are many different parts of the firewall the quarantine an IP...
View ArticleFortinac PXE DHCP boot options
Fortinac is built on top of CentOS and is a great product. Recently I needed to have default or isolated vlan support PXE booting as well as isolation. This way if a computer is being imaged we don’t...
View ArticleClik here to view.
Fortigate: Creating a static route in FortiOS 6.2
This entry details how to create a static route in both the GUI and CLI of the Fortigate firewall. Specifically I am using FortiOS 6.2.4 but its pretty much been the same for years. Lets start by...
View ArticleUpdating Fortigate certificates
Certificates for VPN, SSL Offloading (if using Load balancing), or a signed device cert expire, we all know this. Up until last week I had never updated a signed certificate, I had just created a new...
View ArticleClik here to view.
Getting Fortiswitch interface statistics
I am more impressed with Fortiswitches every time I work with them. The ability to implement light NAC features, INTRAvlan firewall policies and overall management really gives these switches a...
View ArticleGetting mac-address table from Fortiswitch
Tracking down MACs from a switch can be very beneficial. You can use the information from the MAC table to track down where a device is plugged into, or if there is some kind of loop in the network....
View ArticleClik here to view.
Setting up Static Addresses for Fortigate SSL VPN clients
I needed to have a specific SSL VPN client to always have the same IP address. This is not overly simple as it seems it should be. I have read there are very neat ways to do it through FortiAuth, or...
View ArticleClik here to view.
Fortinet LDAP/RADIUS Source address with SD-WAN setup
I found this a neat tidbit of knowledge that I thought I should share. Created a Fortinet SDWAN setup with many sites – works awesome. Fortinet’s SDWAN is simple, but very effective with some really...
View ArticleClik here to view.
Fortigate – Separate IP pools out of multiple SDWAN Interfaces
Now that I setup SD-WAN interfaces in Fortigate for almost any deployment – due to future proofing. I have struggled with how to make internal resources that need to nat out publicly from a certain IP...
View Article