Monday 13 May 2013

FortiGate EAL4/CC Certification

Common Criteria (CC) has released a Maintenance Report updating the list of hardware models that are EAL4 certified when running FortiOS 4.0 MR3.

This means that the devices currently holding CC EAL4 certification are as follows:

Thursday 9 May 2013

How-to: Clear a session on a FortiGate

Sometimes it can be really useful to clear specific sessions on a FortiGate to help with troubleshooting.

This is especially useful when you have made a change to the config, tested it, and not got the result you expected. Usually this is because the firewall is still matching the traffic to an existing session that was set up under the old config, so the new settings never get applied to it. A typical example is changing the UTM profiles on a policy.
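The sequence below is an added example of the FortiOS CLI workflow, not taken from the original post: set a session filter, check what it matches, clear only those sessions, then drop the filter. The source address 192.168.1.20 and destination port 443 are placeholder values, and the `#` lines are annotations rather than commands.

```fortios
# Added example (not from the post): clear only the sessions for the traffic
# whose policy you just changed. 192.168.1.20 / port 443 are placeholders.

# 1. Start from an empty filter so nothing from an earlier troubleshooting
#    session lingers in it.
diagnose sys session filter clear

# 2. Narrow the filter to the traffic the changed policy applies to.
diagnose sys session filter src 192.168.1.20
diagnose sys session filter dport 443

# 3. Show the active filter and list the sessions it matches BEFORE deleting
#    anything; this is the step that protects you from clearing too much.
diagnose sys session filter
diagnose sys session list

# 4. Clear just those sessions. The client's next connection creates a fresh
#    session that is evaluated against the current config and UTM profiles.
diagnose sys session clear

# 5. Remove the filter again so a later "clear" does not hit the wrong sessions.
diagnose sys session filter clear
```

The check in step 3 matters: `diagnose sys session clear` acts on whatever the current filter matches, and with no filter set it clears every session on the unit, so every connection through the firewall is dropped and has to reconnect. If you changed one policy rather than one host, `diagnose sys session filter policy <id>` lets you target the sessions of that policy instead of a source address.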

How-to: Display open ports with linux


To list all open TCP ports (listening and established, with numeric addresses) on a Linux box, use netstat with the '-ant' options: -a shows all sockets rather than only established ones, -n skips name resolution so the output is fast and unambiguous, and -t restricts it to TCP. Add -u to include UDP, -l to show only listening sockets, and -p (as root) to see which process owns each socket. On current distributions netstat is deprecated and 'ss -tan' (or 'ss -tulpn') gives the same information.

root@bt:~# netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:7337          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:6001            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:6002            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:6003            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 172.16.0.3:22           10.242.2.6:1763         ESTABLISHED
tcp6       0      0 ::1:7337                :::*                    LISTEN
tcp6       0      0 :::5901                 :::*                    LISTEN
tcp6       0      0 :::5902                 :::*                    LISTEN
tcp6       0      0 :::5903                 :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
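The listing above mixes sockets that matter (bound to 0.0.0.0 or ::, reachable from every interface) with ones that do not (bound only to 127.0.0.1 or ::1). The script below is an added example, not part of the original post: it parses netstat -ant output with awk and separates the two groups, plus the remote peers of established connections. The embedded SAMPLE is a constructed listing modelled on the one shown above; on a live host replace it with the real command output.

```shell
#!/bin/sh
# Added example, not from the original post: take `netstat -ant` output and
# separate LISTEN sockets bound to a wildcard address (0.0.0.0 or ::, i.e.
# exposed on every interface) from those bound only to loopback
# (127.0.0.1 or ::1). SAMPLE is a constructed listing for offline use.

SAMPLE='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:7337          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:6001            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 172.16.0.3:22           10.242.2.6:1763         ESTABLISHED
tcp6       0      0 ::1:7337                :::*                    LISTEN
tcp6       0      0 :::5901                 :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN'

# listen_ports <netstat output> <mode>
#   mode "exposed"  -> ports listening on 0.0.0.0 or ::
#   mode "loopback" -> ports listening only on 127.0.0.1 or ::1
# Prints the unique port numbers, ascending, on one line. A port that is
# open on both tcp and tcp6 is reported once.
listen_ports() {
    printf '%s\n' "$1" | awk -v mode="$2" '$6 == "LISTEN" {
        addr = $4
        n = split(addr, parts, ":")
        port = parts[n]
        # everything before the last ":" is the host part; this also handles
        # IPv6 forms such as ":::22" (host "::") and "::1:7337" (host "::1")
        host = substr(addr, 1, length(addr) - length(port) - 1)
        wild = (host == "0.0.0.0" || host == "::")
        loop = (host == "127.0.0.1" || host == "::1")
        if ((mode == "exposed" && wild) || (mode == "loopback" && loop))
            print port
    }' | sort -n | uniq | xargs
}

# Remote "ip:port" of every ESTABLISHED connection, so you can see who is
# actually connected to the exposed services right now.
established_peers() {
    printf '%s\n' "$1" | awk '$6 == "ESTABLISHED" { print $5 }' | sort -u | xargs
}

# Run against the embedded sample; on a real host use "$(netstat -ant)".
echo "exposed on all interfaces: $(listen_ports "$SAMPLE" exposed)"
echo "loopback only:             $(listen_ports "$SAMPLE" loopback)"
echo "established peers:         $(established_peers "$SAMPLE")"
```

Against the sample this reports 22, 5901 and 6001 as exposed and 7337 as loopback-only, which is the question you actually want answered when reviewing a box: the loopback service is unreachable from the network, the others are not. If you feed it `ss -tan` instead, note that ss puts the state in the first column and the local address in the fourth, so the awk field numbers need adjusting.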

Unable to select different UTM policies in FortiOS 5.0

*Updated for 5.0.7*

I've decided to upgrade one of our FG80s to FortiOS 5.0 to give it a run. Once the upgrades were complete I factory reset the device to start fresh.

One of the first things I noticed was that there was no way for me to select a different UTM profile!

Unable to change HA mode from Standalone on a FortiGate


Today while setting up two devices in HA I noticed that each time I changed the mode from 'Standalone' to 'Active-Passive' or 'Active-Active', the config would always revert back to 'Standalone' after I applied the change.