Fortigate CLI Tips and Tricks

I am a CLI guy. Make no mistake, I like the GUI but at the end of the day, I am a CLI Jockey and love the “ugly black screen”. To that end, I wanted to throw some shortcuts together and post them on this blog. GREP: Grep is a Unix command introduced years ago by Ken Thompson, in Unix 4. It is extremely useful from a BASH perspective to search for keyword(s) in multiple files or standard output. FortiOS is not different. When looking for a...

Syslog Server running ‘rsyslog’

Although I run FortiSIEM on my home lab, I wanted to have a quick & dirty, low cost, simple solution to just collect logs. I am not a big Windows guy so wanted to keep the bloat off of my lab ESX environment. I deployed my standard CentOS 7 minimal installation (5 min install). Once installed, I suggest backing up the original rsyslog configuration file located in /etc. The file name is rsyslog.conf. cp /etc/rsyslog.conf...

Forticloud 3.2 for APs

Fortinet’s FortiCloud was introduced to provide customers the ability to manage their device entirely from the cloud. This post will cover the APs specifically and I will follow it up with a Fortigate one and others (e.g. switches) as they become available.

What you need:
1. FortiCloud Key
2. PoE Switch / Power Injector
3. DHCP Server handing out IPs for the AP (since it needs to get out to the Internet)

First step is to locate the FortiCloud...

IKEv1 & IKEv2

I have been dealing with VPNs for the past 20 years. Primarily I have used IKEv1 as it was the most used. In this post, I will go over what IKEv1 is and the differences between it and IKEv2. There are RFCs you can read, however, if you decide to, you probably don’t like yourself that much. I will try to make this as simple as I can so I myself can understand it. Like a wise man once said “If you can’t explain it simply, you...

Stepping Up My Dongle Foo

Last night I was presenting at a local ISSA meeting. When I arrived, my POS (Not Point of Sale) USB C to HDMI Dongle stopped working. I was embarrassed that my $5,000.00 laptop could not connect to an HDMI display natively. Thankfully another vendor was also presenting and was gracious enough to share his. I went to Amazon and promptly ordered two new dongles. Upon doing so, I remembered this video and decided to share. If you understand...

VI Cheat Sheet

Here is a simple VI cheat sheet. I like ‘vi’ because it is pretty much included by default in everything. Just like in my Cisco life, I have always used the CLI and not GUIs because sometimes, those GUIs don’t work or they are not present. This way you can always be ready for anything that comes your way.

Scrolling and Searching

Command    Function
<ctrl>d    Scroll down (half a screen)
<ctrl>u    Scroll up (half a screen)
<ctrl>f...

Reformatting MAC addresses in Excel

Today, a customer asked me to add his 150 phones’ MAC addresses to their MAB Bypass database they use for 802.1x. The customer gave me the output from an Excel spreadsheet that contained the MAC addresses but without the “-” in it. I needed to get it in the 01-11-11-11-10-00 format. Here is the Excel formula:...

Upgrading Observium Community Edition

Observium is an amazing quasi-opensource solution used to monitor up/down and performance of your networks. It allows you to monitor things such as interface usage, CPU, memory, disk, temperature, BGP, SLA etc. To upgrade your existing Observium installation, you will need to connect to your Observium server using either ssh or the hypervisor ‘console’ feature. I recommend ssh as it will be easier to copy/paste. First, you will need to move to...

Configuring FortiAnalyzer Mail Settings for STARTTLS

When configuring your FortiAuthenticator for email alerts, there is no section in the GUI to enable/disable STARTTLS. However, as with most things Fortinet, when you cannot do it via the GUI, head over to the CLI. Below are the steps. Once in the CLI (connect either from inside the GUI under ‘Dashboard —> CLI Console’ or via standard SSH v2), you can enter into the mail settings by entering ‘config system mail’ and hitting enter. Above...

Upgrading FortiSIEM from 4.9 to 4.10

You will need:
• Internet access
• SSH or Console Access to the FortiSIEM VM
• A licensed 4.9 FortiSIEM implementation.
• 4.10 License File
• Snapshot of the VM before you make changes (optional but recommended)
• FortiSIEM 4.10 User Guide (Page 166)

SSH into the FortiSIEM VM. The default username is root and the default password is ProspectHills which hopefully was changed. Once logged onto the box, ensure you have proper DNS and Internet...
