Good Looking Replacement Messages

It's been some time since my last post here. I've been very busy lately.. Anyways a quick post on how to craft good looking replacement messages for your internal or external captive portals with FortiOS. I've based my latest FortiOS Captive Portal replacement message with something I've found @codepen.io…

eCRE certification

a review of the ARES/REP and the eCRE certification from eLearnSecurity…

Rerverse Web Filtering might give you data...

Serving information's behind FortiGate's, I thought about why not actually leveraging Web Filters on my HTTP/HTTPS access granting policies. This in order to enforce possible requests toward a single domain name uniquely. It turns out that denying access based on Reverse Web Filtering wasn't really suitable to my requirements,…

vLANs inside VXLAN over IPsec

I've recently posted a quick post on LinkedIn about a feature from FortiOS 6.2. It turned out I've received many private messages asking for more in-depth information. Hence this article. Let's dissect a bit how we could leverage this on FortiOS: Using set encapsulation vxlan on an IPsec phase1…

Editing, adapting and replaying PCAP'ed traffic.

I've been recently tasked with the analysis of 3rd party provided sniffed traffic. The task consisted of replaying captured traffic through a FortiGate in order to potentially match triggered Application Control signatures.…