Merry Christmas everyone. It’s the time of year when we seem to see a few major notifications and exploits hit the streets. There seems to be an “if we wait till close to the holidays, then everyone’s guard will be
Fortigate SSLVPN with Azure MFA
TLDR; The short version is follow the Fortinet Guide and Microsoft Guide to the letter. The rest of this post steps through the guide and highlights some of the things that may go wrong, what the error messages are and
Fortinet training for free!
Fortinet have opened up their technical training program for free online here: https://www.fortinet.com/training/cybersecurity-professionals.html?utm_source=pr&utm_campaign=2020-q2-keyword This includes NSE4 and above now. Previously, self-paced training material was only available to the partner community via the partner portal, but Fortinet have now
Fortigate SSL VPN User limits
Over the last few days I have dealt with a large number of people who are having issues with remote users seemingly being limited to around 10 users. This is because by default, the SSLVPN_TUNNEL_ADDR1 object is created out of the box
Fortinet ALG and SIP
Not necessarily limited to Fortinet…. An ALG is an application layer gateway and these helpers are used in some cases where the protocol embeds data about the IP endpoints in the protocol itself. e.g. SIP contains the endpoint IP address
Linux un-numbered interfaces for Packet Capture
Nicely lifted from https://github.com/Security-Onion-Solutions/security-onion/wiki/NetworkConfiguration - you can also configure it to start tcpdump in post-up. Update: With netplan you can have an interface brought up without an address by adding it with an empty configuration: {} # This file describes the network
Juniper, Fortigate Cheat Sheet
(and Cisco too) see also https://forums.juniper.net/t5/Configuration-Library/CLI-commands-Cisco-VS-Juniper-router-will-help-in/td-p/68088 https://forums.juniper.net/t5/Configuration-Library/SRX-Configuration-Cheat-Sheet/td-p/63057 http://netfixpro.com/wp-content/uploads/2016/09/Juniper-Commands-Cheat-Sheet-1.pdf Basic Commands BGP Commands
junos interface ranges
philips@dw-swj-1r24b1# set interfaces interface-range esx-trunks member-range ge-0/0/8 to ge-0/0/17 [edit] philips@dw-swj-1r24b1# set interfaces interface-range esx-trunks unit 0 family ethernet-switching vlan members iScsi03-10.12.3.0-24 [edit] philips@dw-swj-1r24b1# show | compare [edit interfaces] + interface-range esx-trunks { + member-range ge-0/0/8 to ge-0/0/17; + unit