Configuration guides for IT Administrators

⏱︎
Read time:
Series I Firewall Feed is an open source web based tool written on PHP to setup and manage your own IP address feed in your local network. Click to Download Firewall Feed from Github The tool facilitates maintaining IP addresses in a text file. As and when needed, you can add or remove IP address in…

⏱︎
Read time:
In a branch office where there are few users with just one IP subnet used , I need to configure Fortigate Management interface in the same subnet of LAN. By default, FortiGate doesn’t permit such configurations and if you still try to configure, you get an error “Conflicts with LAN subnet“. Management Interface = 10.10.10.5 LAN…

⏱︎
Read time:
We were upgrading all paloalto firewall appliances to latest base version 8.1.0 and we encountered numerous issues. We are sharing our experience here, you may also consider with caution while upgrading to latest version. 1. SMB traffic are blocked: Paloalto firewall blocks SMB traffic traversing through it. You cannot access the share drives that are…

⏱︎
Read time:
If your website is targeted for customers in India, why do you need to allow traffic from other countries, as a security measure you must consider blocking traffic from unwanted regions. Sometimes you may also wanted to block from known attacking countries such as China or Russia. You can achieve it via GUI in FortiGate,…

⏱︎
Read time:
Helpful guide to setup one-to-one Static NAT in FortiGate firewall so all inbound and outbound traffic of the server (192.168.1.2) communicates via a specific Public IP address (180.151.48.34). Inbound Static NAT Navigate to ‘Virtual IP’ menu under ‘Policy & Objects’ and specify Public (External) and Private (Mapped) IP address details in the fields. ‘Interface’ option…

⏱︎
Read time:
This article applies to all versions of FSSO. Step 1: Identify installed FSSO version. Navigate to C:\Program Files (x86)\Fortinet\FSAE, right click on FSAEConfig.exe properties to find out the version. My FortiGate is running 5.6.0 version and FSSO installed version is 5.0.0254. Step 2: Identify FSSO version supported by your FortiOS version. You can find out this information…

⏱︎
Read time:
Have you lost access to your Fortigate GUI and looking for solution to restore the access? Here are the possible causes for GUI to become inaccessible. Before we continue further, I assume that you have access to Fortigate either via Console or SSH to perform these steps. 1. Enable GUI access, either HTTP or HTTPS…

⏱︎
Read time:
There are cases when Administrators need Management Interface access over WAN especially while performing Remote Administration. At the same time, you should consider limiting the access only to specific Public IP addresses, change default https port and do not under estimate security threats like brute force attack, password guessing attacks..etc. Follow these steps to configure…

⏱︎
Read time:
In this guide, we are configuring IKEV1 VPN between Cisco ASA and Paloalto firewall. This is applicable to all models of Cisco and PA firewalls. Configure Cisco ASA: 1) Phase 1: IKE policy ciscoasa(config)# crypto ikev1 policy 10 ciscoasa(config-ikev1-policy)# authentication pre-share ciscoasa(config-ikev1-policy)# encryption 3des ciscoasa(config-ikev1-policy)# hash sha ciscoasa(config-ikev1-policy)# group 2 ciscoasa(config-ikev1-policy)# lifetime 86400 ciscoasa(config)# crypto…
⏱︎
Read time:
In order to configure Static NAT in Cyberoam firewall, navigate to Firewall > NAT Policy and specify Public IP address to be NAT into. In LAN to WAN firewall rule, map the internal host to be NAT with the previous created NAT policy.

I’m Lucas Brey, a travel blogger sharing practical guides, hidden gems, and honest tips from the road. Follow along for smart itineraries, great food finds, and stories worth bookmarking.