During Accelerate 2023, Fortinet has introduced the new Fortinet NSE Certification Program which will come into effect on October 1st 2023. Let’s summarize what will change and what is important to know:
New Fortinet NSE Certification Program
New Fortinet Vulnerabilities (March 2023)
Most of you have already read about the latest release of Fortinet’s new PSIRT advisories. There are 15 new vulnerabilities for FortiOS and other products with severity level from low up to critical. We strongly recommend that you checkt the PSIRT advisories and update your Fortinet products to one of…
Swisscom Centro Business: Incoming HTTPS-Sessions and SSLVPN stop working
In the last two weeks we have received many support requests because of non-functioning SSL connections from our Fortinet, Palo Alto Networks and Watchguard customers. Incoming SSL connections on port tcp/443 suddenly stop working. These can be SSLVPNs, Global Protect connections, port forwardings (VIPs, Destination NAT) for internal web servers…
New FortiGate Vulnerability – CVE-2022-42475
Today Fortinet has published a new critical vulnerability in their FortiGate products. A successful attack allows arbitrary code or commands to be executed. The problem exist in the SSLVPN module – and you might be vulnerable if you are using SSLVPN and not running the latest patch release of the…
Information on Log4j Vulnerability / CVE-2021-44228
Hi all, another vulnerability – log4j – is keeping us all on our toes.In this blog article you will find information about log4j from our vendors.
Fortigate S2S-Dialup VPN – Traffic does not run through IPsec tunnel anymore
After Fortigate upgrade v6.4 > v7.0.1 (or later) the S2S-dialup VPNs did not work anymore. Tunnel negotiation is successful and phase 1 and 2 get up. Traffic from spoke is routed into the tunnel, but is seems that the traffic is not received by the hub.
FortiGuard Servers are not reachable
Update – 10. November 2021: It seems that the server “45.75.200.89” is not in use anymore – it is “not reachable” at the moment. Please use “194.69.172.53” instead. Blogpost – 3. November 2020: From time to time customers noticed that the Fortigate cannot reach the Fortiguard Servers anymore. This is…
Fortiguard DNS servers are enforcing EDNS policies
Some of you may have noticed that a Fortigate – configured to use the FortiGuard DNS Servers – is not resolving some DNS names anymore. Consequences can be that FQDN address objects can not be resolved or a configured mail server can not be used anymore.
Error message: “Unable to load FortiGuard DDNS server list”
For some reasons Fortigates are are not able to load the FortiGuard DDNS server list. Therefore you are not able to configure DynDNS on your Fortigate anymore. In the WebUI you will see following error message under Network > DNS > FortiGuard DDNS and you are not able to list…
FortiWeb v6.4.0 and Let’s Encrypt
FortiWeb v6.4 starts to support the integration with Let’s Encrypt. This allows you to automatically generate server certificates alleviating the need to upload private certificates. The administration guide gives you some information on how to request those Let’s Encrypt certificates but in our opinion the configuration guidelines are not sufficient….
