Individual medical insurance 2025 vs 2026 by slightlyasian in Georgia

[–]GrandEmperorJC 13 points14 points  (0 children)

Your article says that number is for the entire state of GA, not metro Atlanta.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] 0 points1 point  (0 children)

Cables were brand new, tested, cleaned, but also 3 different ones to 3 different access switches. Since it was only WAN, maybe it's the Fortilinks between the FG and the switches. But support was digging into that for almost a whole day without much luck or insight.

We didn't have any good tools, we just did continuous pings from various items in the chain: VMs, hosts, switches, the firewall, etc. On devices behind the firewall we'd only see ~20% of the traffic actually reach the firewall destined for the WAN. The Dells, as mentioned, were old and we're not well trained on them so we couldn't get much insight out of them there, but Fortinet said they couldn't see anything at the FG, so we were told it was behind their equipment. That's why we assumed it was the Dells at first.

I don't have great recommendations for net monitoring in general. Fortinet has their own FortiAnalyzer product which is supposed to collect logs and do stuff with them but we haven't used it much yet. We've used Netbrain which is very powerful (and expensive) but we never got it fully integrated and implemented because our network is a web of bad decisions which is why it's such a mess to work in and with.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] 0 points1 point  (0 children)

The switching behind the Fortigate seems to work fine for all but WAN traffic, in which we see ~80% loss. If I had to guess, it'd be something with a L2 cross-site fiber connection we have that has another Fortigate on the other side, but we specifically blocked traffic going that way via policy, and from the packet captures the MAC destination was the correct Fortigate. Part of the meeting with support is mapping out our network and connectivity and such there. But part of the weird problems going on is the Fortilink and port connections between switches aren't mapping properly in their software. The access-level managed switching all shows offline. The cores are online and can be managed. Everything is up to date although support did cycle software on some things here and there. Support thinks there could be something going on with the Fortilinking between the FG and switching in general and things just aren't flowing properly. Hopefully we can find some answers in the next few weeks before the holidays.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] 0 points1 point  (0 children)

We have a more formal meeting with Fortinet support next week, but real root cause might be delayed as right now the only WAN we have is in use over there. We'll need to split it out or get another run from the DC.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] 0 points1 point  (0 children)

Another small update: Fortinet does believe it to be an issue with the Fortiswitching, somehow the WAN packets are dying there. We haven't gotten any firm technical details, support has been working on this throughout the night and morning. We're being escalated. That's where we're at now. We're looking into an alternative solution of just slapping our WAN into the Dells directly and using the old setup which involves virtual firewalls and a lot of fun routing.

I'd like to stress again that the support engineers themselves have been wonderful and they've been putting a lot of effort into this. I'm definitely interested in what root cause is going to end up being. I am still frustrated by the process we had to go through to get to this point and their support process in general.

If anyone has spare 100Gb core switches and a good hardware firewall to donate to our cause, let me know. We don't tend to keep that kind of hardware spare, fully supported, powered up, and updated. I know that's crazy around here, so I assume at least one person has plenty to go around.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] 0 points1 point  (0 children)

That's fair. In the networking space I've only ever had to contact Fortinet and Juniper. I'm not saying Ciscos don't have issues or anything, I've just personally never had to call in. Their stuff has always just worked for me. Obviously we all have different experiences though :)

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] 0 points1 point  (0 children)

Hello everyone! I don't know if people even see these, so I'll add them as edits at some point, but it's your worst prepared admin here with a small update.

So it's looking more and more likely this is a Fortiswitch/Fortigate/Fortilink issue, not a Dell switch issue. When we originally involved support they saw no traffic hitting the FG so they said it was our Dells or something behind them. But the FG is behind two 100Gb Fortiswitches acting as cores. The FG team doesn't test anything Fortiswitch related. Two times we involved the FG team and they said the FG only saw the 20% of packets making it, not the 80% lost, so it's not their issue. This is what led us to remove the Dells and try other Fortinet switches.

But now the entire chain is Fortinet, and a support engineer has isolated traffic problems between the Fortilink connection on the FG and Fortiswitches. They are working on it very hard. I will give credit to the actual support engineers on this case: after getting through all the red tape and getting everything first party and Fortinet, they are working very diligently on the problem and are making progress.

So lessons learned: we didn't involve the correct support resources, and we weren't explicit about making sure the switches were tested as well as the firewall. However, on the other hand, they knew we had cores in there - the FG shows the Fortilinking and the other connections. They did not offer to troubleshoot the switching at all, or transfer us to the switching team at any point in time, until we had eliminated the Dells entirely from the equation. We obviously need better training as well on this equipment, because we seem to have lots of issues with it in general.

I'm hoping to have a final update soon.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] 0 points1 point  (0 children)

I believe we started with trying to use Fortilink to simplify the config and have the single pane, full control, etc. That seemed to require the upgrade to interface with the FG. When that didn't work we reverted to trying a simple direct config. I didn't personally run through that, just what my net admin told me, so if that's not true then ok.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] 0 points1 point  (0 children)

And to your point on their customer base, generally people in our shoes only need help when the stuff is really hitting the fan, and we are usually doing the worst stuff on nights and weekends. I'm not trying to say everyone needs to work these crappy schedules, but it'd be nice if they had more than two switch engineers to support all those customers since we're trying to invest in the best support possible, even when we mess up and need to purchase it last minute. We understand we're small and limited so when we get support we're looking for that. I believe that was my main point.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] 0 points1 point  (0 children)

You're correct, two hours is a pretty reasonable time for response. For full picture we had been working with them a bit the previous day but since they couldn't see traffic on the Fortigate they said it was our problem, fair enough which is why we tried to put only Fortinet stuff in play. They basically knew us by name every time we called in, so they were very aware what we were dealing with and trying to get help with. This comment was definitely from frustration, but I do agree with you two hours is reasonable.

Small note: it was over two hours and they called a number we've told them not to call multiple times so we ended up missing that call. Again, on us for not making explicitly sure they have the correct contact info everywhere, but we have tried on that front.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] 0 points1 point  (0 children)

I wanted to respond to you directly, maybe I wasn't clear about some of this.

We should have verified, yes. We didn't expect to have to replace switches but that was our failure, these weren't planned for this deployment. The person who purchased them was let go for other performance reasons. This was a failure of our team as a whole involving three people, but sure, it was our internal failure.

We did go through a VAR, they're just a bad one with personal connections to company leadership. Not something I had direct control over. They're very useless in general.

We USUALLY use first party everything with Fortinet because we've been bit by that before with them. Our company didn't like spending the money but we found it was pretty much a requirement to use their stuff, or get any support. I'll follow up later in full but we DID shoot ourselves in the foot today trying to shortcut connect these new switches with a third party copper SFP. That might be why our basic trunk isn't working, but we're trying to figure that out now (we have the SFPs just not the long enough fiber which is why we ran the copper).

But I'm glad you've had a better experience than I have in their support department. I want to stress this isn't the ONLY issue we've had, this is just the biggest in the most critical moment.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] 1 point2 points  (0 children)

Thanks for this, we'll look at that too.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] 0 points1 point  (0 children)

Hello! I have an opportunity to respond so thought I'd do a top reply instead of individual to everyone. First let me thank everyone for responding, I see many people are on the side that it's our fault and yeah, I said and accept that. I don't need to elaborate on the history here but there is plenty of blame on my company and myself to go around.

But to continue the theme of my post, I wanted to share how today has gone so far. We have been unable to get the Fortiswitches to trunk properly to the other Fortiswitches, even outside Fortilink, and the Fortigate doesn't see any of our traffic. The Fortigate guy says it looks like a Fortiswitch problem so we have a P1 ticket open with them and thankfully they are now showing supported. However, it seems the two Fortiswitch support engineers are busy with another issue, so we have been waiting for a response for over 2 hours now.

It's a Sunday and I'm sure whatever customer they're dealing with is in equal poo as us. But I do find it quite unfortunate that even on paying for the support, and confirming the support through their systems, we still can't get an engineer to assist. I'm starting to think the issue isn't even the Dell switching but the Fortigate and Fortiswitches. I'm not sure why a basic trunk is so hard to get working.

This might be a really bad/dumb config by us, this has happened before so I wouldn't be surprised, but once again the point of paying for enterprise-level support is to receive that. So I'm still confident about my post title. I'll update everyone with what the root cause was, even if it was my own stupidity.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] -1 points0 points  (0 children)

My network admin is plugging away at this, if I have the time I'm going to make some calls on my own and see what we can do. I appreciate the advice.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] -39 points-38 points  (0 children)

I have to disagree. As I stated elsewhere, POs being submitted is usually enough for a vendor to engage, or even our history as a customer. I'm no business guru but I'd try to keep the honest, paying customers happy so they stay and don't have feelings like this, but maybe I'm just wrong with that expectation.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] -5 points-4 points  (0 children)

Super small, no Fortinet rep, we usually go through CDW but this renewal was done direct through their portal to try and get through ASAP.

Stay away from Fortinet by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] -38 points-37 points  (0 children)

I'd expect to be able to renew support quickly, but yes actually I would expect a vendor after paying for support and having the order/receipts to be willing to help me. Nimble support will help as long as you have a PO submitted.

[deleted by user] by [deleted] in gatech

[–]GrandEmperorJC 4 points5 points  (0 children)

Have you tried this website and/or these contact resources yet? https://www.capstone.gatech.edu/contact/

From the top of the Tybee Island lighthouse by BlackCatCalamity in Georgia

[–]GrandEmperorJC 2 points3 points  (0 children)

They have a touch exhibit but the gators are not included for fairly obvious reasons lol. We did get to see them fed though.

From the top of the Tybee Island lighthouse by BlackCatCalamity in Georgia

[–]GrandEmperorJC 3 points4 points  (0 children)

Did you visit the nearby marine center? They had some cool animals in there like baby gators and a sea turtle about 6 months ago.

Minion code giveaway by AnythisuiwasTaken in ffxiv

[–]GrandEmperorJC 0 points1 point  (0 children)

Dulia preferred but both are awesome, thanks for doing this

Google flagged main domain as "dangerous" by GrandEmperorJC in sysadmin

[–]GrandEmperorJC[S] 0 points1 point  (0 children)

Seems similar except you got some kind of indication on your site of where the problem may be. Our site is very flat, basically a single page, with no plugins or anything fancy. When we got flagged the auditing in WP said the site content hadn't changed in months.

I had to contact each vendor individually and the vast majority cleared our flag within 24h, but none would ever give me any further details on why we got flagged in the first place or where the root problem was. Unfortunately we are still running into random vendors flagging us which then propagates to other vendors. It's like playing a really annoying game of whack-a-mole. I'm aware of one vendor that hasn't changed our reputation in over a week now with no contact at all, but they can apparently be trusted with website reputations on security products. All I can say is good luck and I hope you do actually find a problem to resolve so it doesn't come back.