AnyConnect Error: Unable To Verify IP Forwarding Table Modifications
KB ID 0001646 Problem While attempting to connect to a clients AnyConnect, this happened; The VPN client was unable to successfully verify the IP forwarding table modifications. A VPN connection will not be established. Or on older clients, you may see; The VPN client was unable to modify the IP forwarding table. A VPN connection will not be established. Please restart your computer or device, then try again. Solution I was trying to...
PDF File: Remove Password Protection
KB ID 0001719 Problem My daughter had a file that was protected by a password, (it had sensitive personal information in it). She wanted to send this file to someone, but wanted to remove the password protection first. I thought this would be easy, open it in Acrobat Reader, find the bit that says ‘password protect’ and untick it right? Well to enable that ‘feature’ (called the “protect feature”),...
Fortigate: Cannot Ping an Interface?
KB ID 0001718 Problem With other firewall vendors (i.e. Cisco) you can ping any interface you are ‘directly connected to’. With Fortigate however you cannot (by default). That’s not the end of the world you can check connectivity using ARP (see below) which is what really cool network techs do instead! But if you want to be able to ping an interface (even for a short period of time). Here’s how to do it....
Fortigate to Cisco ASA Site to Site VPN
KB ID 0001717 Problem Continuing with my ‘Learn some Fortigate’ theme’. One of the basic requirements of any edge firewall is site to site VPN. As the bulk of my knowledge is Cisco ASA it seems sensible for me to work out how to VPN both those firewalls together, like so; Well that’s the pretty picture, I’m building this EVE-NG so here’s what my workbench topology looks like; Disclaimer (Read First!...
Fortigate: One to One (Static NAT)
KB ID 0001716 Problem If you have a host that you want to be able to access from the outside of the firewall e.g. a webserver then this is the process you want to carry out. I didn’t find this process particularly intuitive and it highlighted why I don’t like GUI management interfaces, (in 6.4 the menu names have changed, this rendering a million blog pages inaccurate!) I’m setting this up in EVE-NG on the work bench...