Since last week, we observed a lot of failed SSL-VPN login events on various FortiGate setups.
Most of the administrators saw a rised number of the following log messages in the «VPN Event Log» on the FortiGate / FortiAnalyzer.
And no, there’s no spelling mistakes in the title… That’s the way the log message is named:
date=2021-08-23 time=11:22:33 logid="0101039426" type="event" subtype="vpn" level="alert" vd="root" eventtime=1629710539 logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=18.104.22.168 user="administrador" group="N/A" dst_host="N/A" reason="sslvpn_login_permission_denied" msg="SSL user failed to logged in"
«FortiGate lots of «SSL user failed to logged in» events» weiterlesen
10 total views, 10 views today
There seems to be a vulnerarbility in some FortiMail versions, that allow an unauthenticated remote attacker to access the system by requesting a password change. Please refer to the FortiGuard PSIRT article.
The problem here is not only the unauthorized access to the system, but also the change of the password of all configured administrative accounts. Also, the maintainer functionality to reset the administrator password over a serial console of the FortiMail is being disabled from the attacker.
«Upgrade your FortiMail now!» weiterlesen
1,919 total views, 3 views today
Due to several known issues, we did not recommend the use of FortiOS 6.2 in productive environments for the first couple of months.
As per FortiOS 6.2.5, we noticed that most of the issues have been resolved. Please have a look into our FortiOS upgrade guide for the upgrade procedure.
«FortiOS 6.2: Upgrade Notes» weiterlesen
Recently we have had a few support cases where a customer was unable to log in to the firewall via WebUI after the firmware update. But SSH access worked fine.
It turned out that during the update process the server certificate used for the WebUI is lost.
Config with v6.0.4 (it does not happen with «self-signed» only):
config system global
«What’s new with FortiOS 6.2/6.0.8: Update issue with certificate for WebUI» weiterlesen
set admin-server-cert "self-signed"
Die Fortinet WiFi Produkte erfreuen sich schon länger zunehmender Beliebtheit. Dies nicht zuletzt, weil die FortiAP und Controller je länger je angewandtere Technologien bieten und daher unterdessen praktisch alle vorstellbaren Einsatzszenarien abdecken.
Da mit dem Featureset zugleich auch die Komplexität der Systeme mit wächst, möchten wir ihnen mit diesem Artikel einen Überblick über die Technologie, die Funktionalität und deren Einschränkungen verschaffen.
«Fortinet Wireless FAQ» weiterlesen
Watchguard is going to release Fireware version 12.5 in the next few days / weeks. From the public beta phase some new features are already known, which I would like to introduce here:
Update: Fireware 12.5 has been released.
Please check the » What’s New in Fireware v12.5 » presentation for detailed information.
Reverse Proxy for the Access Portal
In the Access Portal configuration, you can now configure reverse proxy actions so remote users can connect to internal web applications and Microsoft Exchange services with an external URL. With reverse proxy actions, you can give remote teams access to internal resources without the need for a VPN. Multi-factor authentication is supported as well.
«WatchGuard Fireware 12.5» weiterlesen