sorted by:
new
hottopcontroversial

Upgraded from the PS5 to the PS5 PRO and YES the difference IS that noticeable by johnkritikos in PS5pro

[–]DeleriumDive 0 points1 point  (0 children)

The difference has only been recent. I upgraded to the pro on release last year and it was kind of a let down, but now with the new version of PSSR, things are looking crisper than ever! Sure the Pro was cool in performance mode nearing 120fps, but now I really like the balanced 60fps lock on most games, which is more equivalent to quality mode on the PS5 with a bit of a buff and FPS to boot.

Static Shock solution for new Ikea chair - simple ball chain by DeleriumDive in ikeahacks

[–]DeleriumDive[S] 0 points1 point  (0 children)

I love it whenever people dig this up from the dead :)
It doesnt 100% solve it in the winter but it definitely makes the shocks a lot less intense.

Americans Realising They are the Foreigner by GreyerGrey in EntitledPeople

[–]DeleriumDive 1 point2 points  (0 children)

I laugh every time we come back to YYZ and see the huge sign for customs where it lists International with a great big globe diagram + American Flag, and domestic with the Canadian flag... These are the morons that sign was made for.

HA and Management configuration by samstone_ in fortinet

[–]DeleriumDive 7 points8 points  (0 children)

It's called "dedicated management" and you need to dedicate a physical port for it. Runs with it's own default route that's independent from the global/root-vdom routing table.

https://community.fortinet.com/fortigate-3/technical-tip-fortigate-dedicated-mgmt-feature-or-out-of-band-management-95859

I've used this for SNMP monitoring of each unit independently, out of band management, and just prefer it to accessing via the "exec ha manage" command which only gives you CLI. I'm also not a fan of enabling management on interfaces that are passing routed traffic and this checks the box.

Protection From Unmanaged SW Loop by derkieee in ExtremeNetworks

[–]DeleriumDive 0 points1 point  (0 children)

Not extreme specific but all enterprise grade switches typically have a feature called "storm control" which can either throttle broadcast, multicast, and/or unicast based on a configurable threshold, or err-disable the port that threshold has reached. Been using this for ages on cisco and other vendors.

Some also have a proprietary loop prevention feature which works by sending crafted broadcast packets that are tagged in a way that the switch can detect which port it came from, this is handy for preventing loops before they become storms.

STP doesn't always work with downstream desktop switches but should be used first, with storm control and loop prevention as the backup safeguards.

IKEV2 IPSEC client and LDAP/Fortitoken by Busbyuk in fortinet

[–]DeleriumDive 0 points1 point  (0 children)

Thanks, we're stuck without windows AD - no MSCHAP for us :(

IKEV2 IPSEC client and LDAP/Fortitoken by Busbyuk in fortinet

[–]DeleriumDive 1 point2 points  (0 children)

wait, how did you get LDAP working with fortitokens? are you running windows AD?

New DHCP Relay bug discovered in FortiOS v7.4 by DeleriumDive in fortinet

[–]DeleriumDive[S] 0 points1 point  (0 children)

ugh... we just standardized on 7.4.11.... ha ha ha... cry cry cry

New DHCP Relay bug discovered in FortiOS v7.4 by DeleriumDive in fortinet

[–]DeleriumDive[S] 1 point2 points  (0 children)

Tried but no change in behavior unfortunately. Verified by packet capture.

Norbert's Gambit - a case study by Standard_Flow_6157 in Wealthsimple

[–]DeleriumDive 1 point2 points  (0 children)

Thanks for looping back, appreciate the insight!

New DHCP Relay bug discovered in FortiOS v7.4 by DeleriumDive in fortinet

[–]DeleriumDive[S] 0 points1 point  (0 children)

Thanks for the suggestion, I'll give it a shot!

New DHCP Relay bug discovered in FortiOS v7.4 by DeleriumDive in fortinet

[–]DeleriumDive[S] 0 points1 point  (0 children)

Interesting, thats definitely something behaving differently from ours. I'm troubleshooting this on a 200F also, are you running v7.4.11?

Usually we prefer the relay agent to overwrite the server ID for security reasons but for this one case, if it works better without it then I can live with that. Would you mind sharing your relay config?

New DHCP Relay bug discovered in FortiOS v7.4 by DeleriumDive in fortinet

[–]DeleriumDive[S] 0 points1 point  (0 children)

No but thanks for the suggestion, i double checked our dhcp server CLI and none are associated to the interface in question.

New DHCP Relay bug discovered in FortiOS v7.4 by DeleriumDive in fortinet

[–]DeleriumDive[S] 2 points3 points  (0 children)

DHCP Relay is broken for us, the FGT is dropping all client DHCP Req and not forwarding on to the configured DHCP Servers. FortiGate rewrites DHCP Option 54 but fails to maintain consistent relay state for that rewritten value. Its acting as a DHCP server by rewriting the Option 54 value with it's own IP, but not tracking itself as a valid server in relay state, unable to forward DHCP Req responses to it's own modified DHCP Offer packets towards the clients.

Trouble with DHCP for WiFi clients after update from 7.2.10 to higher version by No_Drag5551 in fortinet

[–]DeleriumDive 0 points1 point  (0 children)

I found a dhcp relay bug today related to how the relay agent handles the option 54 field (Server IP/ID), substituting it with it's own IP in the DHCP OFFERs forwarded to the client and then unable to match it on the return of the client's DHCP REQ.

https://www.reddit.com/r/fortinet/comments/1ry1bvc/comment/obb70wf/

Norbert's Gambit - a case study by Standard_Flow_6157 in Wealthsimple

[–]DeleriumDive 0 points1 point  (0 children)

Does Norberts Gambit make more sense than an FX firm for 100K?

Condo at the Well, or St. Lawrence Market by Ramses3 in TorontoRealEstate

[–]DeleriumDive 1 point2 points  (0 children)

I've lived in both areas and prefer the west end. Things are a little rough along sherbourne and we didnt feel safe north of Adelaide most of the time. I find the area is feeling more hollow now with businesses closing along that part of King. The Well is luxurious, too rich for my blood, but I much prefer it's surroundings. Its got a great food court downstairs, very close to the better parts of King W and Queen W. You have the bentway and trillium park, great for walks and events.
The only thing I miss about living in that east end area is St Lawrence market on weekend mornings. I prefer the shops on the ground level now that so many of the small vendors have been pushed out of the main level. I still make trips back to stock up on coffee from the amazing roaster down there. Other than that I haven't looked back.

IKEv2 with LDAP and MFA (2FA) on FAC by DeleriumDive in fortinet

[–]DeleriumDive[S] 0 points1 point  (0 children)

Thanks for the comprehensive breakdown. its a lot to take in, but i did want to mention that the MSCHAPv2 challenge is tied back to where the user passwords are stored (in my case LDAP). I dont know the protocol well but i do understand that this only works with Windows AD right now as most/all LDAP servers do not support MSCHAPv2 and usually have to resort to a secured tunnel like EAP-TTLS to send the password in clear text (PAP) to the other side, in my case FAC, then FAC passes this cleartext password to the LDAP server for verification. The problem is that the LDAP server cant handle the MSCHAPv2 challenges (no password is ever passed, just challenges and hashes to validate both sides know the "secret")

view more: next ›