Fortigate

This was shockingly easy I removed all the phase 1 encryption methods that weren’t being used and any DH group that didn’t match the Unifi The Phase 2 proposal was…

Mostly for me to remember what to do Plug laptop into Lan1, surf to https://192.168.1.99 login with admin and NO PASSWORD, should be prompted to change the passwordLogin again and…

Why; Fortinet charges $36 CA to convert a configuration from one model to another. Seems like a money grab and should be included in any upgrade. Fortinet will send you…

Disabling SIP ALG see here https://voipdocs.io/en/articles/316-disabling-sip-alg-on-a-fortigate-firewall

When setting up a new Remote Access VPN I recommend to always change to a custom tunnel and set a Peer ID. name can be anything, doesn’t matter. i Typically…

Found out today If you delete a port forward, even if it’s not in use, Fortgate clears the session table so the remaining port forwards STOP WORKING until a port…

Fortigate has added Automations to allow custom alerting Security Fabric, Automation, Create New Another great alerts: Another DHCP server sent DHCP offer (Rogue DHCP server)Authentication Lockout (If you have Local…

An attack has been demonstrated on Firewalls that have an H323 VoIP helper to trick it into connecting to any TCP port and not just the ports used by VoIP….

If you are troubleshooting a Fortinet VPN here are a few tips. Network, Packet capture will allow you to capture data on a VPN tunnel interface. This can be used…

I administer some Fortigate firewalls. After upgrading to v6.2.x we have been getting and error about Memory Conserve Mode and the Firewall stops passing traffic! the work-around is a scheduled…