After managing a small number of Fortigates for a handful of years I have came up with two rules that I wished I would have known when I started. There are numerous best practices but these two have caused me the most pain recently. Never install a dot zero release of the Fortigate firmware and …
Author Archives: admin
Azure Application Insights On-Prem Web Farm
On each of the nodes of the web farm with a shared config run the following commands. Download: https://www.powershellgallery.com/packages/Az.ApplicationMonitor/ After the commands have been run go into IIS on one of the machines in the web farm and add a module with name ManagedHttpModuleHelper pointing to Microsoft.AppInsights.IIS.ManagedHttpModuleHelper.ManagedHttpModuleHelper in the dropdown box. https://docs.microsoft.com/en-us/azure/azure-monitor/app/status-monitor-v2-overview
Vmware workstation error code 0xc00000005
Kept getting error code 0xc00000005 when trying to install windows 2019 as a guest on VMware workstation. I uninstalled and tried VirtualBox and got a different error. Searching the log files lead me to the following post about hyper-v interference. I had uninstalled Hyper-v but there must have been some hyper-v feature left. The following …
Continue reading “Vmware workstation error code 0xc00000005”
Finally passing the CISSP certification
After multiple starts and stops I finally was forced to take the CISSP November 23rd as I was not able to postpone the cert further. I have been working as a sysadmin/security analyst in a single location for over 20 years. When working at the same job for so long, there is a risk of …
Fortigate to Fortigate VXLAN – Disaster Recovery
Been working on a solution for a disaster recovery one of the goals was a stretched layer 2 network. Since we would need a similar firewall with similar rules at the DR location I have been investigating vxlan over and IPSEC tunnel. This is the current test config I will update it when more testing …
Continue reading “Fortigate to Fortigate VXLAN – Disaster Recovery”
Packet Capture without Wireshark
I needed to capture packets off a production web server but did not want to add additional unnecessary software to production like wireshark or similar. I came across some dated articles on Netsh that looked promising. But the tool used to convert to packet capture seemed to be deprecated. Luckily the following tool allows you …
Forticlient Prompts for Admin Credentials – Note
During recent roll-out of Forticlient 6.0.9 we noticed that when users clicked on the Forticlient icon they would get a prompt for admin credentials. After some testing we found a reboot has fixed all of them. Some require multiple reboots for the prompt to go away.
Ultramarathon Man review
A quick entertaining read about Dean Karnazes, how he began running, and started ultra endurance racing. The book does a good job of detailing some of his bigger endurance feats, as you read about some of his overnight and extreme runs you start to realize that the human body is capable of so much more …
Fortigate with Fortilink enabled switches that won’t upgrade
We had a number of Fortigate firewalls managing Fortiswitches via Fortilink, and no matter what version of Fortiswitch firmware we tried the switches would reboot but not upgrade. After some troubleshooting we found that using the following commands allowed the switches to be upgraded. config switch-controller global set https-image-push enable end
Fortigate traffic sourced from wrong interface
Installed new Fortigate 61E’s, everything seemed to work as planned until I wanted to added Fortianalyzer for traffic analysis. Testing seemed to indicate that Fortianalyzer traffic was being sent out the WAN interface instead of the IPSEC tunnel. After searching around I found that a source ip needed to be set for traffic originating from …
Continue reading “Fortigate traffic sourced from wrong interface”