ESX SD Card?
KB ID 0001785 Problem For a while it’s been common knowledge that running ESX 7.x from a server that boots with an SD-Card is a no no. VMware themselves said (originally) that they would not support it. Then they said they would ‘sort of’ support it, if there was additional persistent storage. Then in the past week they’ve said, VMware will continue supporting USB/SD card as a boot device through the vSphere...
FortiGate IPS (IDS)
KB ID 0001783 Problem If you want to employ the IPS service of a FortiGate firewall then you need a license for that privilege. At the time of writing you can get IPS as part of the following subscription licenses; Enterprise Protection SMB Protection (Only on firewalls SMALLER than 100F) Unified Threat Protection (UTP) Advanced Threat Protection (ATP) But Forti love to change the names of things, so double check with your vendor....
FortiCare Versions Essentials, Premium, or Elite?
KB ID 0001782 FortiCare Versions With the release of the Q2 2022 FortiNet price list, they have decided to split FortiCare up into three different versions FortiCare Essentials: Is the base-level service, and it is targeted toward devices that require a limited amount of support. This service is only offered to FortiGate models 8x and below and to low-end FortiWifi devices. Support includes web only tickets & chat, with next day...
Fortigate Hairpin NAT
KB ID 0001781 Problem Imagine the following scenario, you have a PUBLIC web server and it’s either in the same network your uses are or attached to a DMZ on your FortiGate. So above our users open a web browser and attempts to go to www.ubique.com (1) Their PC will do a DNS lookup for www.ubique.com and (in this case) a public web server returns an ip of 192.168.100.200 (2). The browser then attempts to HAIRPIN to that IP which...
Mac: No Captive Portal
KB ID 0001780 Problem I was on a train today, and they were offering free Wi-Fi but despite me being able to connect, I had no internet access. This has happened a few times to me and it’s when I need to connect to a captive portal to get internet access, then no captive portal ever appears. Note: A captive portal is just a pop up window that you usually see on ‘Free’ wifi services, so you can ‘Pay’ for...
vSphere Disable Timeout
KB ID 0001118 Problem One annoying thing about the vSphere web client is the fact it throws you out after a period of inactivity. Now I know there are straight forward security reasons for this, and on a production environment thats fine. But on my test network theres just me, sighing every few minutes and logging back in again. As the ‘Flash’ client is getting depreciated I’ll concentrate on the HTML5 client, but...
Windows Server 2022 SFTP
KB ID 0001779 Problem Note: This will also work on Server 2019 There’s really no excuse to be using FTP any more, it’s insecure and your username, passwords and data are sent in clear text! So let’s put the secure in FTP and deploy Windows Server 2022 SFTP instead! Note: Yes there’s FTPS as well (and it’s not the same), that adds a secure layer to the old FTP protocol. SFTP is a completely different...
Download VMware Converter
KB ID 0001778 Problem NOTE Conveter 6.3 can now be downloaded directly from VMware! If you try and Download VMware Converter, you will find VMware ‘pulled’ the files because of a zero day exploit that’s associated with the software, the VMware official posting you can find here. (they are working on publishing a replacement.) Download VMware Converter If you are adamant you want to use this tool and accept the risks...
Upload Files to VMware Datastore Fails
KB ID 0001777 Problem Whilst attempting to upload an ISO into a VMware datastore this morning, I got this error; The operation failed for an undetermined reason. Typically this problem occurs due to certificates that the browser does not trust. If you are using self-signed or custom certificates, open the URL below in a new browser tab and accept the certificate, then retry the operation. Solution I’ve encountered this exact...
Cisco to FortiGate Command Conversion
KB ID 0001776 Problem Bah what the hell is ‘show run’? If you’ve spent years on Cisco IOS and ASA/Firepower, then FortiGate can be a little confusing. Hopefully this Cisco to FortiGate list below will make it a little easier. Cisco to Fortigate Translation Cisco Command FortiGate Command Basic commands show run show full-config show version get system status show ip interface brief show system interface show run...