Fortigate: L2TP over IPsec configuration needs to be manually updated after upgrading from 6.4.x or 7.0.x

Fortinet has added a special note in the release notes of FortiOS 7.0 as follow: Source:https://docs.fortinet.com/document/fortigate/7.0.6/fortios-release-notes/927994/l2tp-over-ipsec-configuration-needs-to-be-manually-updated-after-upgrading-from-6-4-x-or-7-0-0-to-7-0-1-and-later Unfortunately the second point does not clearly state which policy exactly needs to be changed.Here is a screenshot of the changed policy: As you can see, the policy from the l2tp client to the…

 215 total views,  4 views today

read more

WatchGuard Launches PSIRT Page

WatchGuard’s Product Security Incident Response Team (PSIRT) has launched their public PSIRT page to provide a consolidated resource where network administrators can find advisories and information about security vulnerabilities in WatchGuard products, as well as WatchGuard’s investigations into industry-wide security issues that may impact WatchGuard products or services. The published…

 96 total views,  1 views today

read more

CheatSheet – PANOS 10.1

We have created a cheat sheet for Palo Alto firewalls with all important commands for troubleshooting.The cheat sheet was created for PANOS version 10.1. We have divided the cheat sheet into different sections like general commands, session debugging, service debugging and feature related debugging commands so that the needed commands…

 569 total views,  1 views today

read more

WatchGuard Firewalls: Cyclops Blink Botnet Befall (Deutsche Version)

Gemäss aktuellen Informationen sind eine begrenzte Anzahl (~1%) von WatchGuard Firewalls von einem staatlich gesponserten Botnet namens “Cyclops Blink” befallen worden. Obwohl es derzeit keine Beweise für eine Datenexfiltration gibt, ist es möglich, dass Daten der Firewalls kompromittiert wurden.  771 total views,  2 views today

 771 total views,  2 views today

read more

CheatSheet – FortiAnalyzer & FortiManager v7.0

We have created a combined CheatSheet for the FortiAnalyzer and FortiManager OS version 7.0. We have divided sections into FortiAnalyzer Logging, FortiAnalyzer Reporting and FortiManager to find the needed commands faster. CheatSheet FAZ FMGR 7.0 v1.1 We hope that this will contribute to quick solutions of existing problems.  1,359 total views,…

 1,359 total views,  1 views today

read more

WatchGuard new Knowledge Base Articles November 2020

Each month WatchGuard publishes numerous new articles and known issues to the WatchGuard Knowledge Base. Here is the new content published in November: Articles Firebox Cloud supports accelerated networking in Azure Known Issues IKEv2 profile import fails on macOS Big Sur 11.0.1DHCPv6 server restarts repeatedly when DHCP reservation existsHotspot custom logo does not load in Fireware v12.6.2Cannot…

read more

New PSIRT-Advisory from Fortinet

Last week Fortinet has released a critical PSIRT-Advisory “Improper check for certificate revocation vulnerability” Unfortunately the article does not give exact information regarding the background or the solution and we couldn’t find further information about the issue, either. Maybe you have more information?

read more

FortiGate und Swisscom TV

Wer schon versucht hat, Swisscom TV durch eine FortiGate zu leiten, hat sich bis anhin die Zähne ausgebissen. Eine Firewall sollte grundsätzlich IGMPv3 und Multicast unterstützen, dies die Aussage in diversen Foren. Mit FortiOS 5.0 scheint nun Swisscom TV sauber durch die FortiGate zu gehen mit entsprechender Konfiguration. Diese wollen…

read more