Hi all, another vulnerability – log4j – is keeping us all on our toes.In this blog article you will find information about log4j from our vendors.
Hi all, another vulnerability – log4j – is keeping us all on our toes.In this blog article you will find information about log4j from our vendors.
After Fortigate upgrade v6.4 > v7.0.1 (or later) the S2S-dialup VPNs did not work anymore. Tunnel negotiation is successful and phase 1 and 2 get up. Traffic from spoke is routed into the tunnel, but is seems that the traffic is not received by the hub.
We have adapted our CheatSheet for FortiOS version 7.0 and added new commands. The Cheat Sheet is divided into different sections. Depending on the topic, you can find the necessary commands to display more information or find problems. We hope that this will contribute to quick solutions of existing problems.
On Mai 2021, Let’s Encrypt issued a note about the expiration of their DST Root CA X3:https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ Now that this root certificate has expired (2021-09-30), your systems might issue a warning when connecting to sites using Let’s Encrypt certificates. To fix this glitch on a general client, follow the instructions…
Since last week, we observed a lot of failed SSL-VPN login events on various FortiGate setups. (Edit: That was back in August of 2021 and the big “scanning” ended around two weeks after it has started. But messages are still shown from time to time, since scanning is going on…
Some providers (like init7.ch which already uses the Swisscom XGS-PON) do encapsulate their PPPoE traffic into a VLAN Tag (802.1Q or Q-Tagged). The reason for this is, that in the majority of the cases the provider is using a layer 2 network (last mile) of another provider, which uses VLAN…
In the context of SSL VPN, we sometimes receive the question, if it’s possible to assign IP-addresses using an external DHCP server. Unfortunatly this is not possible on the FortiGate. >> Possible since FOS 7.0.6 and FOS 7.2.1.
General Your VoIP provider should give you the information, if the SIP ALG on the Fortigate is needed or not. In the default setting of a Fortigate the SIP ALG is active.
Unser letzter Beitrag zur Konfiguration einer Fortigate, um zuhause auch Swisscom TV durch die Fortigate zu bekommen, ist schon eine zeitlang her. Deswegen hier mal wieder ein aktueller Beitrag mit einer Fortigate auf FOS 7.0.0 (der auch mit 6.4.5 getestet wurde). Aber Vorsicht, mit dem Swisscom Centro Business oder Centro…
Let’s mention the important things first: Please patch you vulnerable Exchange 2013, 2016 and 2019 immediately! The page msxfaq has published an infosite to this vulnerability including the instructions how to fix your Exchange. Even though we, as Boll Engineering AG, are not associated in any way with the affected…