FortiGate High Availability (Active / Passive)
KB ID 0001730 So my aim was to setup FortiGate High Availability failover in Active / Passive mode. I’m setting this up in EVE-NG and here’s what my lab looks like; Note: Im using TWO connections for Heartbeat/Failover, you can simply use one if you prefer. FortiGate High Availability (Pre-Requisites) Obviously the firewalls need to be the same! For physical firewalls that’s straightforward, but be careful if you are...
Cisco IOS: Ether-Channel Trunks
KB ID 0001533 Problem This is a subject that every time I need to create an Ether-Channel I end up checking beforehand, so it’s about time I wrote it up. We are combining two different things, an Ether-channel, (an aggregation of links) and a Trunk (the ability to carry many VLANS). If you are NOT from a Cisco background then you might want to read though the following post first to avoid confusion about the world...
Cisco Router IOS – Configuring EIGRP
KB ID 0000929 Problem For the first time in about ten years I had to deal with EIGRP last week, so I thought I would run it up in a lab. Normally I would use GNS3 but for this procedure I’ll use Cisco Packet Tracer.</p< In fact I’ll include the files so you can download and use the lab yourself, (if you have a copy of Packet Tracer). And I’ll also include the configs for all the routers. In the lab I’ve...
Cisco Firewall (ASA/PIX) – Granting Access to an FTP Server
KB ID 0000772 Problem If you have an FTP server, simply allowing the FTP traffic to it wont work. FTP (in both active and passive mode) uses some random high ports that would normally be blocked on the firewall. So by actively inspecting FTP the firewall will know what ports to open and close. Solution How you ‘allow’ access to the FTP server will depend on weather you have a public IP address spare or not, if you only...
Cisco AnyConnect – Essentials / Premium Licenses. Explained
KB ID 0000628 Problem Note: With Anyconnect 4 Cisco now use Plus and Apex AnyConnect licensing. When Cisco released the 8.2 version of the ASA code, they changed their licensing model for AnyConnect Licenses. There are two licensing models, Premium and Essentials. Solution Cisco ASA AnyConnect Premium Licenses. You get two of these free with your firewall*, with a ‘Premium License’ you can use the AnyConnect client...