Browsing All Posts filed under »Fortigate«

Virtual Firewalls with Fortigate

June 18, 2012


It is pretty easy to configure more firewalls on a Fortigate box and against Cisco ASA they can do VPN as well! And the virtual firewalls can work in transparent and routed mode independently from each other, this is not possible with Cisco. The missing feature would be what Cisco already has is the resource […]

Dead Gateway Detection – AKA Backup or Redundant ISP Service

June 18, 2012


Dead Gateway Detection is feature like the backup or reduntant ISP service. In case we have 2 ISP connections to internet – a backup line with smaller bandwith and another used normally – we can use one as a backup internet connection. The topology: | | Firewall | | | | | | […]

The dhcpc process on Fortigate

June 6, 2012


Just a little bit zoom in a dhcp traffic, too see how it really works in the background. It is a memory Post of an old story at Cisco TAC: I had a big problem with the DHCP Client on a PIX Firewall and at the end I managed to prove it that this was […]

Debugging Fortigate VPNs

March 22, 2012


In the following post I will do some “research” on VPN debugs in Fortigate. It may usefull for those who has basic Foritgate VPN problems or the peer Fortigate has a Problem. Debugging should be usefull for troubleshooting, but should not only be used for troubleshooting. It should be used to understand and see how […]

Basic VPN Configuration

September 20, 2011


In this example I configured a Site-to-Site VPN between 2 Fortigate boxes. It was realised with route based VPN and not with policy based VPN. I route everything through the tunnel here. Topology: ntp server and syslog server | (internal) myfirewall3 (wan) | router | (wan) myfirewall1 1.1 Upgrade […]

Fortigate troubleshooting commands

July 18, 2011


With my requirements for any networking layer 3 device I collected the basic commands that we have to know or you will not be able to manage your fortigate. Okay, okay this is a bullshit, I just update this page since it is the number one post on my site.. :-) 1.0 Check the basic […]