The Web Site for the CA Must be Configured to use HTTPS
KB ID 0000838 Problem When attempting to contact a server running the Certification Authority Web Enrolment role, you may see the following error. In order to complete certificate enrolment, the Web site for the CA must be configured to use HTTPS authentication Solution The correct fix is to set the web server (IIS) to serve the certificate website securely using https, though you can just set Internet explorer to ‘work’...
EVE-NG: Create Windows Server 2019 VM
KB ID Article Problem I’ve had a Windows 2012R2 server image that I’ve ben using in EVE-NG for ever. This week it bit the dust so I thought, can I deploy a shiny new 2019 server? EVE-NG Windows Virtual Machines Yes! In fact the deployment procedure is the same for 2019 as it was for earlier versions of Windows server. First log onto your EVE-NG host and create the folder; mkdir /opt/unetlab/addons/qemu/winserver-2019/...
Software is Preventing Firefox From Safely Connecting to this Site
KB ID 0001727 Problem I was setting up some HTTPS/SSL inspection this week and while testing it, I ran into this problem; Firefox Certificate Settings So the machine I’m using DOES trust the CA that issued that certificate, (it’s a FortiGate firewall) But the BROWSER does not. (Firefox maintains its own list of certificates, and more importantly which CA certificates it will trust). Essentially the browser is trying to...
FortiGate: SSL-VPN With FortiClient (AD Authenticated)
KB ID 0001725 Problem FortiGate Remote Access (SSL-VPN ) is a solution that is a lot easier to setup than on other firewall competitors. Here’s how to setup remote access to a FortiGate firewall device, using the FortiClient software, and Active Directory authentication. This is what my topology looks like; Note: I’ve changed the FortiGates default management HTTPS port from 443 to 4433 (before I started). This was to let...
GIMP: Post Upgrade Tools Missing?
KB ID 0001726 Problem I’ve been running an older version of GIMP for a while, it’s been a bit ‘flaky’ since the Big Sur upgrade, so yesterday I took the plunge and updated it. As expected I had to recreate my custom arrow brushes and things. But the problem that hit me the most was ‘Where have all the tools gone!’ Solution I know it’s open source software and I’ve no right to complain,...
Download Veeam
KB ID 0001724 Download Veeam At PNL we have always championed Veeam, below are our links to download Veeam, Theres no surprise it’s the market leader in backup and recovery, it came onto the market when backups were a major IT headache. I can remember having to change nearly 30 different server tapes (a day) and from 09:00 to probably lunch time every day I was fixing backup issues. (Simply Download Veeam and give it a trial!)...
Setup FTP Server with Windows Server
KB ID 0000342 Problem You want to Setup FTP on your Windows Server, (and more importantly make it work without disabling the firewall.) Below are the procedure you will need to carry out. Note: For older Windows Operating systems like Server 2012, click here, or for Server 2008, click here. Setup FTP Server (Windows Server) Setup FTP on Windows Server 2012 (Including firewall setup) Setup FTP on Windows Server 2008 R2 (Including...
FortiGate: Change the HTTPS Fortigate Management Port
KB ID 0001723 Problem Like all firewalls that have ‘web management’ the default ports are 80 and 443 for insecure and secure management. IF you have secure (https) management on the outside interface of your firewall on the normal TCP port of 443. Then you can’t use the same interface to terminal SSL-VPNs. So you will need to change the FortiGate Management Port. You can set SSL-VPN to use a different port of course,...
Microsoft Teams: Suppress Annoying Message Pop-ups
KB ID 0001722 Problem Wow! Who at Microsoft Teams thought that enabling that by default was a good idea? I was on a large conference call this morning, (about 150 people). Every message to the message feed was spewing onto my screen and making a noise during the meeting! Thought: Why do ALL developers think it’s a good idea to have pop-up banner massages appear top right of the screen, (where your windows control buttons and...
Cisco ASA to Fortigate VPN (Properly!)
KB ID 0001721 Problem A while ago I did a run through on site to site VPNs from Cisco ASA to Fortigate firewalls. Back then I said that the default settings were a bit ‘shoddy’ and that I’d revisit it once I had more time. What do you mean shoddy? Well, Cisco and Fortinet are both guilty of enabling ‘Everything’ to make the tunnel come up, so people can just use a wizard and not put to much thought into...