Based on two recent support cases regarding the IPsec performance between an OnPrem and Azure FortiGate, we did some testing using the latest FortiOS 6.4.1. We’ve created a basic IPsec tunnel using the wizard, deployed an Ubuntu machine at both sites and used iPerf3 to do some speed testing. The…
Since a while, the most recent macOS versions the system do report the use of “legacy system extensions” which is often triggered by modules or plugins of low-level software like VPN Clients, AV software etc.
Did you know, that on the FortiAP FAP-C24JE, the VLAN ID’s 898 and 899 are reserved for system use? Or that the FortiAP models FAP-S221E, FAP-S223E, FAP-221E, FAP-222E, FAP-223E and FAP-224E can not work with VLAN ID 97 and 98? I’m sure you already guessed it: These ID’s are reserved…
There seems to be a vulnerarbility in some FortiMail versions, that allow an unauthenticated remote attacker to access the system by requesting a password change. Please refer to the FortiGuard PSIRT article. The problem here is not only the unauthorized access to the system, but also the change of the…
Since June 1st you may notice that some websites (https) are not working anymore when Fortigate or the Palo Alto Networks Firewall is doing decryption or certificate inspection. Typically you are getting one of the following error messages:
Last Update: 25. April 2024 Configuring SSLVPN with FortiGate and FortiClient is pretty easy. Nevertheless problems may occur while establishing or using the SSLVPN connection.
Because it’s very difficult to take exams at PearsonVUE right now, you may get in trouble regarding the timely recertification of existing certifications. Therefore some vendors have announced an extension for their recertification expiration: PaloAltoNetworks is extending the certification expiration date by six month for Credential holders with expiration date between March 1,…
Here you will find the most important support links of our vendors regarding Home-/Remote-Office, Dialup VPNs and MultiFactor Authentication:
Da die Server von www.forticlient.com gut ausgelastet waren zu beginn der Homeoffice-Zeit wegen COVID-19, haben wir unseren Resellern hier während dieser Zeit den Download des FortiClients über unsere Server ermöglicht. Dies ist unterdessen nicht mehr notwendig und daher haben wir die Links wieder entfernt. Wir Verweisen auf www.forticlient.com. Fortinet hat…
Mit iOS 13 und macOS 10.15 (Catalina) hat Apple die Schraube bei den TLS Zertifikaten angezogen: https://support.apple.com/en-us/HT210176 Dies führt dazu, dass bei frisch aufgesetzten FortiGates das Admin GUI per Chrome Browser nicht mehr erreichbar ist. Als Fehlermeldung wird NET::ERR_CERT_REVOKED angezeigt. Verantwortlich ist folgende Richtlinie: TLS server certificates [issued after July 1, 2019] must have a…
Sind Sie interessiert, den BOLL Blog als RSS Feed zu abonnieren?