Anyone familiar with Cisco equipment will know that after you enter a command and hit carriage return, the effects will be immediate on the running state. With FortiGate, one gotcha that catches a lot of people is the use of the end command. Until you type end and hit enter your commands will not affect […]
HPE Networking – lldp: PVID mismatch
This one is more of an annoyance than a problem, but it’s good to keep your configurations clean in case another misconfiguration turns your annoyance into a real issue. Not to mention that logs full of unactionable or meaningless data are just a distraction. Let’s take a look at the error in question: I 05/13/16 08:14:06 […]
Dual Firewall DMZ – Revisited
Two years ago I wrote regarding Dual Firewall DMZ design. While (I hope) it does well to illustrate how a DMZ can operate, admittedly it’s a clumsy design and not one I’d recommend. First and foremost, DMZ design has to meet the needs of implementation; there is no one-size-fits-all solution. That said, I want to […]
User-ID Mapping – Ignoring Users
In our post Palo Alto URL Filtering we covered User-ID, which gives us visibility into the Active Directory account generating the traffic. Depending on the AD group you’re using, you might get a service account being reported as mapped to that IP. There are a few ways to get around this problem, but the simplest […]
FortiGate Switch Mode
By default FortiGate devices are configured to have all numbered ports operate in switch mode under a single DHCP scope. This means that no matter which numbered port you connect into you’ll receive a lease from the device’s internal DHCP Server. You can see this by navigating to the System > Network > Interfaces menu. […]