Routing Convergence on FortiGate HA clusters
Routing convergence, and therefore session maintenance after an FGCP HA failover, can be somewhat of a challenge. Here's my view on it…
Serving information behind FortiGates, I thought: why not actually leverage Web Filters on my HTTP/HTTPS access-granting policies, in order to enforce that requests go toward a single domain name only? It turns out that denying access based on Reverse Web Filtering wasn't really suitable to my requirements,…
I recently posted a quick post on LinkedIn about a feature from FortiOS 6.2. It turned out that I received many private messages asking for more in-depth information, hence this article. Let's dissect a bit how we could leverage this on FortiOS: Using set encapsulation vxlan on an IPsec phase1…
I was recently tasked with the analysis of sniffed traffic provided by a third party. The task consisted of replaying captured traffic through a FortiGate in order to potentially match triggered Application Control signatures.…
A quick article on how to extract source IPs from FortiGate IPS logs. You can quickly export your IPS log entries from your FortiGate units directly from the GUI. From Log & Report > Intrusion Prevention: You'll gather a text-based log file containing complete log entries per event, something like…
A simple custom IPS signature could avoid many malicious attempts targeting your open HTTP/HTTPS connectivity from the internet.…
This will be a quick one. I recently found out about this cool possibility within FortiOS: you can select which policy columns are displayed by default within the GUI. This setting is per vDOM though. In this example, I'm adding the Active Sessions column per policy: config system settings set gui-default-policy-columns…
In order to simplify my Mr. Proper policies management, I thought: why not instantiate a FortiGate Virtual Domain implemented as L2/Transparent in order to do the dirty job of cleaning all the inbound traffic just ahead of my main NAT/Route vDOM.…
The goal of my setup was to host multiple vDOMs on a FortiGate while routing all the inbound/outbound traffic toward a proxying Virtual Domain, itself reaching a so-called WAN vDOM.…
To cut a long story short, I wanted to be able to geographically lock HTTP/HTTPS requests towards back-end web servers behind a FortiGate hosting a single WAN IP address. Hum, well, it's really not as easy as it sounds...…