Merry Christmas everyone. It’s the time of year where we seem to see a few major notifications and exploits hit the streets. There seems to be a “if we wait till close to the holidays, then everyone’s guard will be
Finding a misconfigured device – Fortigate MAC address sniffing
So, we had some “new” APC PDU installed in a rack. Normally these should just grab DHCP address and we’re off. But in this case I had 2 that simply were not playing ball. Looking at the attached switch ports,
Lets define the Internet
Well, at least the IP ranges we expect. Most FW use “ANY” or 0.0.0.0/0 for the Internet. It’s basically a catch all. However we can actually define it a bit better than that. If we exclude RFC 1918 spaces, DHCP
Using Fortigate for Cloudian S3 Load Balancer
Most of the Cloudian guides suggest using HA-Proxy or similar as a Load Balancer in front of the Cloudian nodes.However, If you have an Existing Fortigate we can use that. I want to: Use the Fortigate to distribute S3 traffic
Fortigate SSL VPN User limits
Over the last few days have dealt with a large number of people who are having issues withe remote users seeming being limited to around 10 users. This is because by default, the SSLVPN_TUNNEL_ADDR1 object is created out the box
Fortinet ALG and SIP
Not necessarily limited to Fortinet…. An ALG is an application layer gateway and these helpers are used in some cases where the protocol embeds data about the IP endpoints in the protocol itself. e.g. SIP contains the endpoint IP address