Motivation As a distributor we offer various security products from different vendors. On the one hand these are FortiGate and PaloAltoNetworks NGFW firewalls to make the perimeter more secure, on the other hand products & services from Kaspersky. Kaspersky offers various threat feeds that can be used in other products….
Exchange OnPrem and Add-Ins from the Office Store
Recently, I had the challenge of rolling out an Outlook add-in in an Exchange 2016 environment. In the past, this used to be straightforward task in the Exchange Control Panel (Organization → Add-ins → Add from the Office Store).
How to configure the FortiGate for a 3CX UC system with SIP trunk
3CX is a very widespread UC solution (phone system or also known as PBX). FortiGate is a very widespread firewall solution. Both of the products are very good in doing their thing. But to work together, a littlebit of configuration work is needed. Below you can find an example configuration…
FortiGate: Deny-Policies for SD-WAN members
SD-WAN is a cool feature to configure redundant internet access. But it was designed with load-balancing in mind and this brings some challenges to specific use cases. As an example, while you can use SD-WAN rules to define the preferred path for a specific application/system, it won’t prevent that the…
How to upgrade a FortiClient EMS free-, trial- or evaluation-license
FortiClient EMS is a central endpoint management solution from Fortinet. There are three possible license types and it is not always possible to change the license state between different license types. This article will bring light into the dark of FortiClient EMS license upgrading. Free trial license A free trial…
CVE-2022-40684 – Fortinet: Authentication bypass on administrative interface (HTTP/HTTPS) (English)
German Version: CVE-2022-40684 – Fortinet Authentication bypass on administrative interface (HTTP/HTTPS) (Deutsch) You have certainly (and hopefully) read the information on the published Fortigate administration access vulnerability and applied the appropriate patches. We have compiled all the information again here for your convenience.
CVE-2022-40684 – Fortinet: Authentication bypass on administrative interface (HTTP/HTTPS) (Deutsch)
Englische Version: CVE-2022-40684 – Fortinet Authentication bypass on administrative interface (HTTP/HTTPS) (English) Sie haben sicherlich (und hoffentlich) die Informationen über die veröffentlichte Fortigate-Schwachstelle beim Zugriff auf die Administration gelesen und die entsprechenden Patches installiert. Wir haben alle Informationen hier noch einmal für Sie zusammengestellt.
FortiGate VM License Troubleshooting
When you setup a new FortiGate VM, sometimes the licensing process is not working as expected. To simplify the process of licensing a FortiGate VM for you, we have created this guide. Let’s first have a look into the licensing process on the FortiGate VM, before we discuss the Troubleshooting….
FortiGate with FortiOS 7.2: First configuration steps
Last update: 17. April 2023 In our daily support work we often see FortiGates in use on which the basic settings like time zone, host name and so on have never been set correctly. Therefore we would like to provide you with a small guide on this page, with which…
Fortigate: L2TP over IPsec configuration needs to be manually updated after upgrading from 6.4.x or 7.0.x
Fortinet has added a special note in the release notes of FortiOS 7.0 as follow: Source:https://docs.fortinet.com/document/fortigate/7.0.6/fortios-release-notes/927994/l2tp-over-ipsec-configuration-needs-to-be-manually-updated-after-upgrading-from-6-4-x-or-7-0-0-to-7-0-1-and-later Unfortunately the second point does not clearly state which policy exactly needs to be changed.Here is a screenshot of the changed policy: As you can see, the policy from the l2tp client to the…