Unifi – Set Option 43 for controller IP
Unifi uses option 43 so the switches and AccessPoints can find its controller if it is not present on the same L2 network. Option 43 should be filled out with…
Rsyslog – Forward logs to another server
Create a new config file under the rsyslog config directory. Use single @ for udp forwarding. Use double @ for tcp forwarding. Example of udp forwarding. Example of tcp forwarding.
Rsyslog – Save login to a separate file
Create a new rsyslog config file. Add the following text.
HAProxy Use Multiple Config Files from a folder
Create a folder to contain the .cfg files. Change the systemd file used for the HAProxy Service. Find the line that starts with Environment. Edit the line so it contains…
Two-Tier CA structure ( Online Subordinate CA )
Prerequisites: IIS must be installed and working from the clients that will need the RootCA or certs signed by the RootCA server. See more for a simple IIS install guide…
Two-Tier CA structure ( Offline RootCA )
Prerequisites: IIS must be installed and working from the clients that will need the RootCA or certs signed by the RootCA server. See more for a simple IIS install guide…
Install IIS for Certificate Authority CRL and Root Certificate distribution
Open PowerShell and install the IIS Windows feature. Open the IIS manager. Expand the Sites and expand the Default Web site. Right click and create new virtual directory. Create the…
Fortigate Best practices – CLI Examples (7.0)
View the Fortigate best practices for 7.6 –> HERE Management *Missing from this guide. Management users from central user database ( LDAP, SAML etc ) Configure the web management ports. Hostname…
Fortigate Best practices – Introduction
Management Network: Should be independent from production or business traffic, so that it does not have to compete for resources and management access can be maintained when reconfiguring the production network. Policies…
Add VLAN to a Lenovo switch in a MCLAG cluster
There are consistency checks in the Lenovo switches when they are participating in a MCLAG cluster. Therefore the switches will shut down the ports if there is an inconsistency between the…
Microsoft CA Server installation
Install the Windows feature. Open PowerShell as admin and execute the following command. I strongly recommend not using the server name as the CA Common Name, since this will…
SCP into an arista switch
The username you use must be defined explicitly with “privilege 15” as part of the definition, so it will look like this perhaps: That puts your user in privileged mode…
Fortigate – Airprint multicast forwarding between two different subnets
1) Enable Multicast forwarding: 2) Interface configuration: Two different interfaces having two different IP addresses assigned. 3) Configuring Multicast Policies: 4) Check if multicast routing is enabled or not:
Enable remote connections in Forticonverter
The new FortiConverter is designed as a web application. The application (FortiConverter.py) should be run with Administrator privileges because it reads and writes data from/to high privilege directories. For security…
Forgot admin password on a Fortigate
Factory reset when you forgot the admin password. Reboot the Fortigate. When the login prompt appears you have max 14 seconds to login with the maintainer account. Username: maintainer Password: bcpb<FORTIGATE…
Diagnose Traffic Flow on a Fortigate
https://kb.fortinet.com/kb/documentLink.do?externalID=FD33882
What is QOS (Quality of Service)
QoS (Quality of Service) is a networking concept that refers to the ability to provide different levels of priority to different types of network traffic. It is used to ensure…