What is SD-WAN?
Jun02

What is SD-WAN?

KB ID 0001752 SD-WAN? What is SD-WAN? A (Software Defined Wide Area Network) is a solution that unlike previous WAN architectures, (the type you typically see on a Visio diagram with maybe some MPLS, leased lines, and maybe some Optical DWDM etc. in them). SD-WAN gives you a more ‘Layered’ approach, that directs USERS to APPLICATIONS based on POLICIES.  For example, let’s say your main business CRM is a SaaS solution...

Read More
FortiClient: Unlicensed VPN access is available until..
Apr06

FortiClient: Unlicensed VPN access is available until..

KB ID 0001745 Problem I got an email from a client I deployed SSL VPN for, (a couple of weeks ago), one of his users was seeing this;   Unlicensed VPN access is available until {Date} {Time} Solution: Unlicensed VPN access is available until… At first I was confused, unlike other vendors SSL VPN is not a licensed requirement? As it turns out in my instructions, I’d written ‘Download the Forticliet” when I...

Read More
FortiGate Certificates Missing?
Apr01

FortiGate Certificates Missing?

KB ID 0001743 Problem Nice quick easy one today, while setting up SSL VPNs for a client I needed to import their Root CA certificate, and found  the Fortigate Certificates Missing? Usually they are under System > Certificates. But the tab was simply not there? Solution: Fortigate Certificates Missing Fortunately it was simple to fix, it’s a ‘feature’ you simply need to ‘enable’. Go to System >...

Read More
FortiGate Port Forwarding
Mar30

FortiGate Port Forwarding

KB ID 0001742 Problem I was back on the tools again today setting up FortiGate Port Forwarding! This was for one of our partners that I have to do some remote work for, so I temporarily needed to get onto their servers. Normally I’d just SSL VPN in, (but that’s what I’m setting up!) So to get onto their servers I had to setup a port forward for RDP. WARNING: Port forwarding RDP from ALL / Any is a BAD IDEA...

Read More
Replacing Cisco Firewalls with Fortinet Firewalls
Mar22

Replacing Cisco Firewalls with Fortinet Firewalls

KB ID 0001741 Replacing Cisco If you’ve been following articles on the site you will know that the focus of the firewall related output is shifting from Cisco ASA / Cisco FirePOWER to Fortinet (FortiGate) firewalls. This article is so you can make an informed choice about what you want to replace your Cisco firewall with. Note: I’m starting with SOHO and Business sized firewalls but I will extend this to ‘Enterprise...

Read More
FortiGate Securing Remote Administration
Feb05

FortiGate Securing Remote Administration

KB ID 0001734 Problem When considering Securing FortiGate  remote administration, I’ve written about changing the https management port to something other than TCP 443 before, I suppose that’s security by obfuscation (though even a script kiddy with one hours experience, will be able to spot an html responses).  Typically with other vendors you limit remote administration access, to specific IP addresses (or ranges). So...

Read More