• Home
  • About
    • Disclaimer
  • Archives
  • Tools

Posts tagged Fortigate

Fortios 5.6 – Enable intra-vap-privacy or prevent Intra-SSID traffic

Mar29
2018
Written by david

In order to prevent communication between wifi clients and add extra security layer to the wifi users, we can enable the intra-vap-privacy feature and isolate the wifi clients.

config wireless-controller vap
edit "SSID Name"
set intra-vap-privacy enable
next
end
VN:F [1.9.20_1166]
please wait...
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.20_1166]
Rating: 0 (from 0 votes)

Fortigate – useful log related cli commands I use.

Jan02
2018
Written by david

I use these commands whenever I have problems with the log facility and I need to reset it.

Set the maximum size of the memory buffer log, in bytes. (Default 65536)

config log memory global-setting
set max-size 2048000

Clear all logs

execute log delete-all

READ MORE »

VN:F [1.9.20_1166]
please wait...
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.20_1166]
Rating: 0 (from 0 votes)
Tagged CLI

Fast way to enable Syslog server on fortigate

Sep13
2015
Written by david

Here are the cli commands I use to set a fortigate unit with a Syslog server, change the server IP and the facility as needed.

config log syslogd setting
 set status enable
 set server 192.168.0.10
 set port 514
 set facility user
end

READ MORE »

VN:F [1.9.20_1166]
please wait...
Rating: 10.0/10 (1 vote cast)
VN:F [1.9.20_1166]
Rating: +1 (from 1 vote)
Tagged CLI

Fortigate rates legitimate web sites as “pornography”

Nov15
2011
Written by david

I had this problem with a few of my costumers.
The Fortigate appliance suddenly decided that legitimate web sites categorized as porno.
At first I filled the form for reevaluate the web sites until is became a flood.
I have opened a ticket at Fortinet for this problem and this is there respond…. READ MORE »

VN:F [1.9.20_1166]
please wait...
Rating: 6.0/10 (2 votes cast)
VN:F [1.9.20_1166]
Rating: +2 (from 4 votes)
Tagged How to

Fortigate: “The cmdb add entry failed”.

Jul31
2011
Written by david

The Fortigate web interface is a great management tool, unfortunately there might be a bug that prevents you from creating new rules or adding new objects to the device.

It’s possible to change the configuration by modifying existing objects but can’t create new ones. READ MORE »

VN:F [1.9.20_1166]
please wait...
Rating: 8.3/10 (9 votes cast)
VN:F [1.9.20_1166]
Rating: +4 (from 8 votes)

Fortigate: edit static arp entries.

Jul22
2011
Written by david

I use this commands to list, troubleshot and edit arp related problems/settings on a Fortigate unit.

To list your existing ARP table entries on a Fortigate unit.

get system arp-table

Use this command to add ARP table entries to the Fortigate unit. READ MORE »

VN:F [1.9.20_1166]
please wait...
Rating: 9.0/10 (5 votes cast)
VN:F [1.9.20_1166]
Rating: +3 (from 5 votes)
Tagged CLI

Fortigate AS Engine feature returns an error “ASE reports it as spam”.

Jul19
2011
Written by david

Outside users attempting to send emails to our domain were blocked with the following error:

554 5.7.1 This message has been blocked because ASE reports it as spam.

I have extracted this info from Fortinet KB:
The AS Engine feature was released in FortiOS 4.0. A new AntiSpam Rule Set was also introduced in v4.0, this is the new rule which contains a Heuristic Antispam check for all suspicious spam upon passing through a firewall. READ MORE »

VN:F [1.9.20_1166]
please wait...
Rating: 8.5/10 (6 votes cast)
VN:F [1.9.20_1166]
Rating: +3 (from 5 votes)
Tagged 554 5.7.1

FortiClient SSL VPN dropping the connection at 98%.

Jun23
2011
Written by david

Just a quick reminder to myself, FortiClient SSL VPN can drop the dialing process if the “Mcafee security scan plus” is installed on the PC.

Check in “add/remove programs” if you see the “Mcafee security scan plus”, uninstall it and try to connect again.

A lot of security software like anti-viruses and personal firewalls can interfere with the dialing process of the SSL VPN, try to disable them if the problems persists.

Update:
Microsoft Security Essentials is blocking the dialing process too.
Update 2:
Try to disable IPV6 from net­work setting.

VN:F [1.9.20_1166]
please wait...
Rating: 5.1/10 (31 votes cast)
VN:F [1.9.20_1166]
Rating: 0 (from 8 votes)
Tagged Antivirus, SSL VPN

How to: Enable SNMP monitoring on a Fortigate device from CLI.

May13
2011
Written by david

This document will show you step-by-step, how to enable the SNMP on a fortigate device from the cli, to be able to monitor its performance from your favorite network monitoring tool (Nagios, NetXMS, Big Sister, Cacti etc). I use The Dude (by Mikrotik) to monitor my networks, it’s a great free windows based tool. READ MORE »

VN:F [1.9.20_1166]
please wait...
Rating: 9.6/10 (7 votes cast)
VN:F [1.9.20_1166]
Rating: +1 (from 1 vote)
Posted in Networking - Tagged CLI, CMD, How to, Monitoring, SNMP

Configure PPTP vpn on a Fortigate device from CLI.

Apr25
2011
Written by david

Beginning with version 4.0, Fortinet, for some reason, removed the PPTP VPN option from the GUI interface.
If the vpn was configured, prior to the firmware was updated to version 4.0+, the PPTP  vpn server would have continued to function, without the option to make changes from the GUI.

In a freshly installed device or in a new device with a pre-installed firmware version greater than version 4.0, this option is disabled by default and for some reason, you need to enable this option.

The only way to do that, is to go to the CLI and enable it from there. READ MORE »

VN:F [1.9.20_1166]
please wait...
Rating: 7.6/10 (9 votes cast)
VN:F [1.9.20_1166]
Rating: +3 (from 3 votes)
Tagged CLI, How to, PPTP, VPN

Categories

  • Command Line (11)
  • Exchange (8)
    • 2007 (4)
    • 2010 (5)
  • Fortigate (10)
  • FreeNAS (2)
  • HmailServer (1)
  • How To: (8)
  • MS SQL 2008 (4)
  • Networking (4)
  • Open Source (1)
  • PowerShell (2)
  • Recovery (1)
  • SBS (8)
    • SBS 2008 (6)
    • SBS 2011 (3)
  • Terminal Server (2)
  • Veeam (2)
  • VMware (6)
  • Windows (18)

Links

  • חי הדפסות – דפוס משי, חולון
  • שלישיה – זה לא מה שחשבתם

Archives

  • March 2018
  • January 2018
  • September 2015
  • January 2015
  • August 2014
  • May 2014
  • December 2013
  • January 2013
  • October 2012
  • September 2012
  • July 2012
  • June 2012
  • May 2012
  • January 2012
  • December 2011
  • November 2011
  • October 2011
  • September 2011
  • July 2011
  • June 2011
  • May 2011
  • April 2011
Site Meter

EvoLve theme by Theme4Press  •  Powered by WordPress How to do.....IT