access – Tech Blog

23. August 202118. Oktober 2021

FortiGate lots of «SSL user failed to logged in» events

Since last week, we observed a lot of failed SSL-VPN login events on various FortiGate setups.

Most of the administrators saw a rised number of the following log messages in the «VPN Event Log» on the FortiGate / FortiAnalyzer.

And no, there’s no spelling mistakes in the title… That’s the way the log message is named:

date=2021-08-23 time=11:22:33 logid="0101039426" type="event" subtype="vpn" level="alert" vd="root" eventtime=1629710539 logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=11.22.33.44 user="administrador" group="N/A" dst_host="N/A" reason="sslvpn_login_permission_denied" msg="SSL user failed to logged in"

1,682 total views, 2 views today

30. Juni 202013. Juli 2020

Upgrade your FortiMail now!

There seems to be a vulnerarbility in some FortiMail versions, that allow an unauthenticated remote attacker to access the system by requesting a password change. Please refer to the FortiGuard PSIRT article.

The problem here is not only the unauthorized access to the system, but also the change of the password of all configured administrative accounts. Also, the maintainer functionality to reset the administrator password over a serial console of the FortiMail is being disabled from the attacker.

2,148 total views

6. August 201917. Mai 2021

FortiOS 6.2: Upgrade Notes

Due to several known issues, we did not recommend the use of FortiOS 6.2 in productive environments for the first couple of months.

As per FortiOS 6.2.5, we noticed that most of the issues have been resolved. Please have a look into our FortiOS upgrade guide for the upgrade procedure.

31. Juli 201922. Januar 2020

What’s new with FortiOS 6.2/6.0.8: Update issue with certificate for WebUI

Recently we have had a few support cases where a customer was unable to log in to the firewall via WebUI after the firmware update. But SSH access worked fine.

It turned out that during the update process the server certificate used for the WebUI is lost.

Config with v6.0.4 (it does not happen with «self-signed» only):

config system global
  set admin-server-cert "self-signed"
end

16. Juli 201921. Januar 2022

Fortinet Wireless FAQ

Die Fortinet WiFi Produkte erfreuen sich schon länger zunehmender Beliebtheit. Dies nicht zuletzt, weil die FortiAP und Controller je länger je angewandtere Technologien bieten und daher unterdessen praktisch alle vorstellbaren Einsatzszenarien abdecken.

Da mit dem Featureset zugleich auch die Komplexität der Systeme mit wächst, möchten wir ihnen mit diesem Artikel einen Überblick über die Technologie, die Funktionalität und deren Einschränkungen verschaffen.

8. Juli 20198. August 2019

WatchGuard Fireware 12.5

Watchguard is going to release Fireware version 12.5 in the next few days / weeks. From the public beta phase some new features are already known, which I would like to introduce here:

Update: Fireware 12.5 has been released.
Please check the » What’s New in Fireware v12.5 » presentation for detailed information.

Reverse Proxy for the Access Portal

In the Access Portal configuration, you can now configure reverse proxy actions so remote users can connect to internal web applications and Microsoft Exchange services with an external URL. With reverse proxy actions, you can give remote teams access to internal resources without the need for a VPN. Multi-factor authentication is supported as well.