FortiGate HTTPS Error
KB ID Article Problem While attempting to connect to a FortiGate firewall (with Firefox over HTTPS) you may see this error: "Secure Connection Failed. An error occurred during a connection to {x.x.x.x}. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please...
FortiGate Load Balancing
KB ID 0001762 Problem I’ve been getting through my NSE4, and one of today’s topics was NAT. Just as an offhand comment, the ‘narrator’ (I say narrator because it’s a monotonous robot AI voice) mentioned FortiGate Load Balancing. In the past (with my Cisco hat on) when I’ve been asked about load balancing, I’ve said ‘If you want to load balance, buy a load balancer’. But the FortiGate does...
FortiGate Certificates Missing?
KB ID 0001743 Problem Nice quick easy one today: while setting up SSL VPNs for a client I needed to import their Root CA certificate, and found the FortiGate Certificates Missing? Usually they are under System > Certificates. But the tab was simply not there? Solution: FortiGate Certificates Missing. Fortunately it was simple to fix, it’s a ‘feature’ you simply need to ‘enable’. Go to System >...
FortiGate Securing Remote Administration
KB ID 0001734 Problem When considering Securing FortiGate remote administration, I’ve written about changing the HTTPS management port to something other than TCP 443 before. I suppose that’s security by obfuscation (though even a script kiddie with one hour’s experience will be able to spot an HTML response). Typically with other vendors you limit remote administration access to specific IP addresses (or ranges). So...
FortiGate LDAPS Authentication Failure
KB ID 0001733 Problem Here’s a brief one that tripped me up a couple of weeks ago. I was deploying FortiGate LDAPS authentication for some FortiClient SSL VPN connections into a FortiGate firewall like so; Despite my best efforts I was getting authentication failures? If I tested the username and password in the GUI web management portal, that worked fine? Testing FortiGate LDAPS First step is to test authentication at command...