Category: Firewalls

Fortigate CLI

Get list of current DHCP leases including hostname (handy when trying to find a machine without FSSO) # execute dhcp lease-list IP Addresses of interfaces. Make sure NOT to hit enter, just hit question mark. # show system interface ? System Information such as model Show TOP system processes. # diag sys top Who’s logged in? […]

Read More…

Captive Portal bypass for Fortigate IOS7 Apple update

As it continues…Apple doesn’t give a hoot about how their changes affect everything around them. This time, captive portals stop working on many vendors wifi solutions including Cisco and in my case, Fortinet. Just after IOS 7 for Apple devices, we received reports on the Captive Portal not working. For anyone who doesn’t know what […]

Read More…

Multiple ISP Failover Routing…do you really know what you think you know?

I’ve run across many “network” admins out there and to be fair, many know what they’re doing on a basic level; but when it comes to network routing – the understanding is not understood? Assumption: Network layers; physical ie link detection are understood. For instance, the topic of failover or load-balance always enters a conversation. […]

Read More…

Disable SIP Fixup Protocol

Disable SIP ALG on FortiGate. FortiGate CLI (only) #config system settings #set sip-helper disable #set sip-nat-trace disable ! reboot the Fortigate # exec reboot ! Log back in, CLI. Locate the session-helper number, typically 12. #config system session-helper #show #delete 12 ! Disable RTP – #config voip profile #edit #default #config sip #set rtp disable […]

Read More…

Fortigate Policy Sectional View Missing

Logging into a Fortigate (v4.0,build0513,120130 (MR3 Patch 5)), you may lose the “Sectional View” option. Typically this is caused by a bug prior to MR3p4 or having policy interfaces set to “any” “any”. settings on any policies to prevent it either. How do I get sectional view back? Fix? # config system global # set […]

Read More…

Fortinet FortiOS 5 released

Alright, about time. With the time it took for this release, I will venture to guess they really wanted to put out something stable. That means this weekend, we’ll be testing it on a limited, controlled lab ie home, office lab. Stay tuned for updates and my thoughts. Fortinet press release here Some items related […]

Read More…