Ab sofort können sich sich bei der „Boll Engineering Tech Blog Updates Mailingliste“ anmelden.
Damit erhalten Sie automatisch ein Email, sobald ein neuer Blog Beitrag veröffentlicht wurde.
You can now subscribe to the „Boll Engineering Tech Blog Updates Mailinglist“.
You will automatically receive an email as soon as a new blog post is published.
The good news first: If you’re currently using the FortiClient to establish a Dialup IPsec VPN (Aggressive, PSK based), the same configuration should also work with the native macOS client.
„FortiGate: IPsec VPN with native macOS client“ weiterlesen
QuoVadis hat letztes Jahr ihre Kunden angeschrieben, dass die «QuoVadis Swiss Advanced CA G3» per 31.12.2020 revoziert wird.
Damit signierte Nachrichten beim Empfänger weiterhin als gültig angezeigt werden, müssen die S/MIME Benutzerzertifikate auf der SEPPmail von der «QuoVadis Swiss Advanced CA G4» ausgestellt sein.
„SEPPmail: QuoVadis G3 Zertifikate ersetzen“ weiterlesen
Here you can find some recommendations how to configure protection in Kaspersky Endpoint Security for Windows and reduce the impact on the system. The original document written by Evgeniya Kirikova from Kasperksy can be downloaded here.
Each month WatchGuard publishes numerous new articles and known issues to the WatchGuard Knowledge Base. Here is the new content published in November:
Firebox Cloud supports accelerated networking in Azure
Known Issues
IKEv2 profile import fails on macOS Big Sur 11.0.1
DHCPv6 server restarts repeatedly when DHCP reservation exists
Hotspot custom logo does not load in Fireware v12.6.2
Cannot edit SD-WAN actions after you change the names of multiple external VLAN interfaces
Application Control category actions not applied correctly on 12.5.x Firebox fully managed by Management Server 12.6.x
Upgrading from Dimension 2.1.2 to Dimension 2.1.2 Update 4 fails due to lack of free disk space
Application Control category action changes to Drop after upgrade to Fireware v12.6.2
Interfaces with fixed link speeds change to 10 Mbps Half Duplex after upgrade from Fireware v12.5.4 to v12.6.2
Files load slowly through an HTTPS-proxy when content inspection is enabled with Application Control or IPS
AP125 and AP325 reboot after kernel panic message
Mobile VPN with SSL client not supported on Windows devices with ARM processors
Are you running FortiOS 6.2.x and your Web Filter Overrides suddenly stopped working? Then read ahead.
„FortiOS 6.2: IPS Engine Update affects behaviour of Web Filter Overrides“ weiterlesen
„FortiGate SSLVPN Update-Empfehlung“ weiterlesenUpdate, Nov 2020:
More than a year after Fortinet described this SSLVPN vulnerability, it gets new attention. A few days ago a list of IPs and domain names of vulnerable Fortigates was published. This list is dated November 2019 and one can only hope that many of these systems have already been patched.
Two days ago, this list was extended with usernames and passwords that were exploted via this vulnerability. Even if the Fortigates have been patched – as long as the passwords have not been changed, an attacker could still use them to gain access to protected networks.
SD-WAN is a cool feature to configure redundant internet access. But it was designed with load-balancing in mind and this brings some challenges to specific use cases. As an example, while you can use SD-WAN rules to define the preferred path for a specific application/system, it won’t prevent that the traffic is routed over another interface in case of an outage.
„FortiGate: Deny-Policies for SD-WAN members“ weiterlesen
Spoiler Alert! – Since the release of macOS 11.0 aka Big Sur, your FortiClient VPN might not be working as expected anymore if you have already upgraded.
There’s a chance you might not have noticed it, in the case that you’re using SSL VPN only in your environment. But as soon as you also have IPsec tunnels you’d like to use, you might find yourself with a successfully established tunnel, but no traffic is reaching your remote end.
„FortiClient and macOS Big Sur – SSL top, IPsec flop“ weiterlesen
Am 11. November 2020 ist SEPPmail v12 erschienen. SEPPmail hat hierzu eine Übersicht der Neuerungen veröffentlicht, welche wir euch nicht vorenthalten möchten.
Und falls ihr es noch nicht kennt, lohnt sich auch ein Blick in das neue Onlinehandbuch: https://docs.seppmail.com
„SEPPmail v12 Release Notes“ weiterlesenThe System Engineers of BOLL Engineering have been supporting Fortigate devices for 18 years. This year, FortiOS v6.4 was released and we have again gathered all the troubleshooting commands that we use regularly in our new CheatSheet.
Hopefully this CheatSheet will help you as well.
You will find the most important commands on the first page. The second page contains troubleshooting commands for problems with firewall policies and security profiles, followed by the third page with commands for network problems. The last page covers system and hardware commands and general information.
Updated to v1.1 (addition and correction for FortiToken, 11.12.2020)
Happy troubleshooting!
1,010 total views, 1 views today
