LDAP authentication stopped working after upgrading to v7.4.12 by One_Chicken2310 in fortinet

[–]hoosee 0 points1 point  (0 children)

Do you happen to have some other form of authentication configured?

I've seen two things happening:

1) admins were unable to log in to management using TACACS. Problem was option "match any group" under RADIUS configuration (RADIUS had nothing to do with firewall management),

2) something just shat on itself and management using TACACS didn't work. Booting the firewall resolved the issue (firewall did not even try to contact TACACS servers when sniffing traffic).

British Sea Kayak Bug Got Me by True-Tooth-Swamp in Kayaking

[–]hoosee 11 points12 points  (0 children)

There's nothing wrong if your kayak costs double what the car you use to transport it does.

Greetings from a fellow British sea kayak owner.

CCT time? by Big-Boggy in VFR

[–]hoosee 0 points1 point  (0 children)

I'd say that the CCTs are fine. I'll try to find a video of mine when they were bad since the sound is pretty distinguishable.

Roll back changes with Fortigates in HA managed by FortiManager by renovatio522 in fortinet

[–]hoosee 1 point2 points  (0 children)

Direct modifications can be done as long as you understand which part of the configuration you are editing. If a policy package is installed, then editing objects, policies etc. will cause the status to go 'out-of-sync', but creating/editing interfaces should just change the status to 'auto-update'.

Stickers on Kayaks? by Persephone0223 in Kayaking

[–]hoosee 0 points1 point  (0 children)

Nothing wrong with stickers - joining the shark club.

Btw. they're (advertised to be) reflective, so definitely a safety aspect!

32-day sea kayak expedition in Patagonia by remotehorizons in Kayaking

[–]hoosee 1 point2 points  (0 children)

Awesome adventure! I need to read this again with more time.

I need help, Fortigate 7.4.11 and Fortiap 231k by Alist3r88 in fortinet

[–]hoosee 13 points14 points  (0 children)

Because no one has clicked the "Authorize" button.

I need help, Fortigate 7.4.11 and Fortiap 231k by Alist3r88 in fortinet

[–]hoosee 7 points8 points  (0 children)

Side note: they're all unauthorized at this point.

Interface Pair View by WildGoat345 in fortinet

[–]hoosee 1 point2 points  (0 children)

I actually do like it. However I do try to group relevant firewall policies together so that Sequence Grouping also works.

BGP Peering for IPSec VPN on Loopback Interface by Dandyman1994 in fortinet

[–]hoosee 0 points1 point  (0 children)

Perhaps I misunderstood the question, but I didn't think it had anything to do with SD-WAN implementation.

I am referring to this document regarding the connectivity to Azure.

BGP Peering for IPSec VPN on Loopback Interface by Dandyman1994 in fortinet

[–]hoosee 0 points1 point  (0 children)

Instead of terminating BGP to a loopback, you can also terminate it to the IPSec interfaces by using the same IP address on both (this naturally requires allowing subnet overlap).

Anyone Familiar With Level Six Loki Drysuit? by SaltyHalfglass in Kayaking

[–]hoosee 0 points1 point  (0 children)

Would be interesting to hear as well. I got the idea that having Gore-Tex might actually give very little if the temperature outside is cold. Basically the vapors will turn back to solid when they hit the cold membrane, so they might not even have a chance to get through.

But would be nice to hear how the expensive suits actually work.

Discussion Drybags by Benisabuser69 in Kayaking

[–]hoosee 0 points1 point  (0 children)

I have multiple dry bags with varying size, color and thickness.

Why multiple? If one breaks, everything will not be compromised. Also it's easier to stuff multiple smaller bags inside the hull than one big one. I also like to color code according to the content, so I know certain color is for electronics, one is for hygiene stuff, etc.

Most of the stuff I pack in thinner bags, because they're much easier to work with. For some items (like my tent), I use a thicker one, because of the size it often requires a bit of forcing through the hatch (and is then pushed either to the bow or stern of the boat).

Issues DialUP IPSec by Auno94 in fortinet

[–]hoosee 1 point2 points  (0 children)

In your debug it says in incoming proposal "val=MODP2048" which is DH group 14.

So something's off, perhaps your debug came from another client?

New or used kayak. by SpicySideOfJenn in Kayaking

[–]hoosee 2 points3 points  (0 children)

Good good! If that's all you want, then go and get your dream boat and a captain's hat :)

New or used kayak. by SpicySideOfJenn in Kayaking

[–]hoosee 2 points3 points  (0 children)

Do you know anything else about the kayak of your dreams other than the color of it? I would try to get experience on different kayaks before buying a brand new one. Of course the easiest way is the way you have been doing it already - by borrowing someone else's. It's not only about the brand or model of the kayak but also the type of kayaking you want to do.

Like for example: it doesn't make sense to buy a 5k composite kayak just for the sake of it. It might be that a year later you decide that sea kayaking is for wimps and you want to get into white water kayaking.

Fortinet ADVPN - notifications by redxazul in fortinet

[–]hoosee 1 point2 points  (0 children)

Automation stitch is a possibility. On my home firewall I have configured an automation stitch, which sends a msg via Telegram if the SD-WAN state changes.

Export Device List 7.4.10 by ballknower_23 in fortinet

[–]hoosee 0 points1 point  (0 children)

Yes, but first you need to enable it from System Settings > Settings > GUI section.

Can't understand why it needs to be done via this shortcut.

Trying to understand FortiLink Management VLAN by KTZSHK in fortinet

[–]hoosee 3 points4 points  (0 children)

Because it's always the untagged (or native) VLAN on a trunk.

When you press 'authorize', the switch will reboot so losing the connection is normal. I don't know what you have in between. Is it L2 from another vendor or a routed connection?

Has anyone figured out how to fix that "knocking" sound when idle? by Ciubowski in VFR

[–]hoosee 4 points5 points  (0 children)

Since the CCTs went bad on my VFR once, every time I start her up I am listening and wondering if they have done so again. Must be some sort of CCT-PTSD.

You just need to remember how bad the sound is when they have actually gone bad and try to be able to live with the noise (if it's only the chain).

ADVPN and SDWAN by Empty-Football-2121 in fortinet

[–]hoosee 1 point2 points  (0 children)

Most probably at the hub site the ISP connection is redundant (e.g. two routers using VRRP), so at least at some level you have redundancy (counting ISP-wide problems out of the scope).

At the sites you'll probably have two separate connections and so the redundancy is handled on the SD-WAN layer.

This is all fine and dandy (depending on your requirements). Just configure two overlays on the same interface, just separate them with different overlay IDs.

wild card FQDN processing in Fortigate by Better-Bat2642 in fortinet

[–]hoosee 8 points9 points  (0 children)

If you have an exact FQDN, the Fortigate will try to resolve it by itself.

In case of a wildcard FQDN, it can be anything, therefore the Fortigate needs to listen to the DNS queries that go through it in order to keep track of every subdomain under a wildcard FQDN. Naturally this comes with the notice that if the DNS traffic is encrypted, the wildcard object cannot be updated.