In a previous post we talked about VyOS as an alternative to vIOS images in EVE-NG. But it got me thinking, maybe you want to use VyOS at work or in your homelab as a router for your environment - as opposed to just a virtual environment, then this article is a good starting point. VyOS Command Line Interface: As I mentioned previously, VyOS uses a "JunOS style" command line interface, with some differences (e.g. JunOS uses "show configuration | display set" whereas VyOS uses

As someone who labs things up frequently, I sometimes like to simulate "internet" connections using routers as opposed to using FortiGate VMs. As it's a little faster to set up, as I just need simple routing, and I just need some quick connectivity to get things going from virtual site to virtual site. If we made routers, it might look like this. Actually this is WAY too many ports Many of us at some point got vIOS images - I got mine by subscribing to VIRL - and importing in

Ah, Accelerate! One of my favorite conferences to attend, 3-4 days of new information being poured into our brains, product and service announcements, and of course, amazing members of the FortiCommunity to meet! Photo Credit: Fortinet I had the priviledge of going this year, and it was a delight. We'll go over some of the highlights of Accelerate in this special post. The Keynote The Keynote sets the tone for the conference, it shows what is top of mind for this year's event

Configuring Kerberos authentication with your FortiProxy can be a good way improving identity security within your infrastructure. As Kerberos is considerdered more secure method of authentication vs say NTLM. As a result of working with a customer who wanted to enable Kerberos authentication I wanted to share the process here. Assumptions: You have a FortiProxy running version 7.6.x - this may work with earlier versions, however this is the version I used in this artlice You

STP interoprability can be a pain in the neck, we hope to shed some light on making this a little easier.

This topic is one that we've visited in the past by linking to my friend Manny @ InfoSecMonkey. However, the link itself has been...

Hoo boy! It's been a minute since I've last written, or recorded anything. 2024 was a whirlwind year, and a lot went on then. Thank you...

Threat feeds are helpful fabric connectors that allow you to dynamically whitelist or blacklist traffic, file hashes, and domains. In...

Some IT organizations like to image laptops and ship them out to remote users without having to cache user credentials. For organizations...

Terminating SSL VPN to a loopback offers a lot more flexibility by means of security, filtering and inspection. In this video we take a...

Update: As I was deploying my other spokes I realized spoke to spoke connectivity wasn't establishing, and routing correctly. I have...

In this video we take a look at Securing Internet Access - say in lieu of DNS filtering services, or zecure internet access services....

A colleague of mine asked a question "can you enabl/disable a policy using the FortiOS API with the iOS shortcuts app?". It turns out...

I had a customer call me panicking that their FortiGate CPU was pegged at 100%, while sitting idle. My first question was "What firmware...

In this video we take a look at how you can set up MC-LAG on FortiGate managed FortiSwitches. Thank you for watching, I hope this helps.

Let's say you had to prepare a configuration for a FortiGate not in your possession. Typically a good starting point is the factory...

In this video we follow on from the previous module, adding a high level look at VDOMs and admin accounts.

In this video we take a look at a few setup decisions that should be made prior to putting a FortiGate into production.

Starting where we left off in Module 1, we take a look at: Factory Reset / Log disk format WAN/LAN Addressing LAN Services (DHCP, DNS,...

Fortinet has come a long way in 22 years. And as they've started to lead in the network and cybersecurity market, I wanted to create a...