FortiClient SSL VPN Error
Jul27

FortiClient SSL VPN Error

Posted By on Jul 27, 2022

VPN Error KB ID 0001795 Problem I have a FortiGate/FortiClient test bench setup for testing, and its to been used for a while. When I attempted to use it this happened; Unable to logon to the server. Your username or password may not be configured properly for this connection. (-12) While messing around trying to fix it I also got this error; Unable to establish the VPN connection. The VPN server may be unreachable. (-14) Disclaimer:...

Read More
FortiGate Port Forwarding
Mar30

FortiGate Port Forwarding

Posted By on Mar 30, 2021

KB ID 0001742 Problem I was back on the tools again today setting up FortiGate Port Forwarding! This was for one of our partners that I have to do some remote work for, so I temporarily needed to get onto their servers. Normally I’d just SSL VPN in, (but that’s what I’m setting up!) So to get onto their servers I had to setup a port forward for RDP. WARNING: Port forwarding RDP from ALL / Any is a BAD IDEA...

Read More
FortiGate High Availability (Active / Passive)
Jan22

FortiGate High Availability (Active / Passive)

Posted By on Jan 22, 2021

KB ID 0001730 So my aim was to setup FortiGate High Availability failover in Active / Passive mode. I’m setting this up in EVE-NG and here’s what my lab looks like; Note: Im using TWO connections for Heartbeat/Failover, you can simply use one if you prefer. FortiGate High Availability (Pre-Requisites) Obviously the firewalls need to be the same! For physical firewalls that’s straightforward, but be careful if you are...

Read More
FortiGate: SSL Inspection (HTTPS Inspection)
Jan15

FortiGate: SSL Inspection (HTTPS Inspection)

Posted By on Jan 15, 2021

KB ID 0001729 Problem Do you inspect the traffic on your network? You have a firewall? Maybe an IDS appliance? That’s good news, do you inspect HTTPS traffic? In most cases the answer is no. Because either you do not have the capability, or enabling SSL Inspection will degrade the firewall’s performance so much that you accept the risk. At time of writing (Early 2021) it’s estimated that 85% of all web traffic is now...

Read More
Fortigate to Cisco ASA Site to Site VPN
Nov24

Fortigate to Cisco ASA Site to Site VPN

Posted By on Nov 24, 2020

KB ID 0001717 Problem Continuing with my ‘Learn some Fortigate’ theme’. One of the basic requirements of any edge firewall is site to site VPN. As the bulk of my knowledge is Cisco ASA it seems sensible for me to work out how to VPN both those firewalls together, like so; Well that’s the pretty picture, I’m building this EVE-NG so here’s what my workbench topology looks like; Disclaimer (Read First!...

Read More