Virtual Extensible LAN (VXLAN) is a Layer 2 overlay scheme utilizing a Layer 3 network. VXLAN uses MAC Address-in-User Datagram Protocol (MAC-in-UDP) encapsulation to provide a means to extend Layer…
Read More
Before we begin, I just want to say that Fortinet’s documentation is always a great resource. It’s best to secure the device by not enabling access from insecure locations, but sometimes…
Sometimes it’s necessary to change an internal client’s IP address to talk with the internet. For instance, it is always important to make sure your SMTP server is using the same…
Fortinet has done a great job with their update, FortiOS 5.4. It’s a departure from 5.2, but once you get going with it, you will find things are structured very well. For…
The other day I had the need to plug a Ruckus Wireless access point (AP) directly into a FortiGate firewall. The client only needed one AP, and connecting directly into one…
GRE Tunnel Overview Generic Routing Encapsulation (GRE) can provide a private, secure path for transporting packets through an otherwise public network. It does this by encapsulating the data packets and redirecting them to a…
Every once in a while, clients will ask me how to block certain countries (that are known vectors of cyber attacks, such as China or Russia) from accessing their websites. It’s common to…
In FortiOS 5.4 you now have the option to change the interface color. I was excited about this since I wasn’t much of a fan of the emerald green that is the default…
The FortiGate login banner is a great way of explicitly asking users if they are authorized to log in, display legal terms, or simply show a message to users when they log in, such as…
First Off, What is Cloudpath? Ruckus recently purchased Cloudpath networks, a wireless onboarding company. Cloudpath specializes in getting users, whether staff, guest, or students onto your network securely and easily….
I’ve been seeing this error pop up on many Windows desktop clients: The system detects an address conflict for the IP address 0.0.0.0 in a system that has network hardware address Ed-Ef-A9-B8-CC-2E. Network…
What I’m about to show you is an amazing method for assigning users to their correct groups in FortiGate firewalls. We can apply different security profiles to individual groups, all through one 802.1x…