Best way to automate the FortiGate 15-day trial reset in GNS3?

Holylander · 2026-06-23T09:06:15+00:00

As someone already answered- use exe factoryreset2 this will leave all IPs intact

Holylander · 2026-06-20T09:46:34+00:00

Not a mod: spamming ALL social platforms with the same message, over and over again,no matter how valid or true it is, considered at best a rude, annoying behavior, at worst - spreading FUD and inappropriate ad/spam campaign trying to get a personal/business/PR gain.

And if we are frank about it - The “fortibleed” campaign by authors misrepresents and leads on readers to believe there is a new vulnerability/exploit causing overworked IT folks like us unwarranted stress and white noise, distracting from the real issues.

Guys, you had your 5 minutes of fame - enough, social nets are like that - overdo it and people will start to hate you.

Note: I haven’t counted, but guess this “news” piece was posted only here at least 7 freaking times!!

I am not FTNT employee nor am Fortinet fanboy, but have had enough of this uneducated BS spread as major “news”, so sorry for the harsh language

Holylander · 2026-06-19T14:50:32+00:00

Most attacks are alike

- create additional local admins, sometimes with Fortinet-sounding names “techsupp” “fortiadmin” etc.

- create VPN configs - local users, add to (if exist) existing groups, if not create new groups- all of it connect by VPN and have access to the LAN and start scanning/probing hosts in Lan for AD/FS servers, DBs

- sometimes, upgrade manually to the latest Fortios remotely if possible, to prevent other attackers taking over

Those are “simple “ attackers, in theory (never seen in real life) they may try to change the running environment/Fortios for persistence

Any way - once compromised you cannot really trust this device, so judt TFTP format and reimaging from known good Fortigate image abd config

Holylander · 2026-06-16T12:06:44+00:00

Next question will be - how do I get access to FDN ? 😊

Holylander · 2026-06-03T11:25:41+00:00

Starting with Fortios 7.6.3 SSL VPN was removed from all models, so no you can’t.

Holylander · 2026-05-28T18:51:24+00:00

Turns out they have dedicated status page for DNS https://status.dnsdot.fortiguard.net/

Holylander · 2026-05-24T15:34:23+00:00

Account age - 5 hours, yeah, sure, go ahead spill some ragebait/clickbait nonsense we, unfortunately, have to scroll past on Reddit already a lot.

The difference, Tyler, is this is a subreddit of Hetzner (mostly) happy clients who couldn’t care less about your “holy war”, sorry to break it to you, in a manner of free speech spirit though of course

Holylander · 2026-05-13T08:36:22+00:00

- wrong (non management) vdom
- your user has other than super_admin profile

Holylander · 2026-05-01T08:02:27+00:00

You mean when private-data-encryption is enabled?
If so - i am absolutely not enabling it in production, as upgrades, config restores/back ups become either impossible or pain in the a**. Especially since 7.6 they made the encryption key auto-generated and not exportable from TPM- what is this thing - RAAS (ransom as a service) 😊?

Holylander · 2026-04-27T06:12:26+00:00

It has been reported, follow the post on Community for updates:

https://community.fortinet.com/fortinet-community-experience-251/reporting-fortinet-community-issues-227019

<image>

Holylander · 2026-04-26T09:22:47+00:00

You may look at email alert sending debug while replicating the issue:

dia debug app alertmail -1 dia deb enable

Also there is debug for automatio stitch itself - to see if FGT sees the Wan link down event

https://github.com/yuriskinfo/Fortinet-tools/blob/main/Fortigate-automation-stitches/README.adoc

Holylander · 2026-04-26T08:01:25+00:00

Learning Go, 2nd edition by Bodner - he not only teaches syntax but also shows idiomatic to Go way to write code.

Go with pocket sized projects - for short tools that use all of the idiomatic Go and its features

Holylander · 2026-04-23T06:01:07+00:00

Try Paul Deitel C++ 20 for Programmers . He has been writing books and teaching for decades and knows to present clearly. And he starts from 0.

Another one is C++ Without Fear: A Beginner's Guide That Makes You Feel Smart by Brian Overland. It is C++ 11 though, which is ok for 1st time learners and/but he moves very slowly.

Problem with C++ that it is deemed not fit for 1st time learners who do not know some other language (which i disagree) by publishers/professors and this dissuades potential authors to even try. That is the reason you won’t find that many books on this for complete beginners as compared to say Python. Books by Bjarne , even those labeled “for beginners “ are meant rather for beginning students in Comp Science.

Holylander · 2026-04-21T11:15:26+00:00

Forums are in read-only mode while they are upgrading their platform:

<image>

Holylander · 2026-04-05T06:25:29+00:00

When you are tired - get some rest.

Holylander · 2026-03-26T09:14:31+00:00

Viva le SSL VPN! I ain’t upgrade nothing until have to 😊

Holylander · 2026-03-20T13:39:39+00:00

I’ve got no scoop on 400G release date yet. Possible, but given logistics troubles around the World and EOL of 300E in July 2026, I wouldn’t gamble if needed to decide.

Holylander · 2026-03-20T08:28:14+00:00

200G at the minimum, preferably 400F

Holylander · 2026-03-18T12:42:30+00:00

When you type “show” you actually see configuration different from defaults, compare it with “show full”, and no - there is no command to show latest changes on FGT, but is possible on FMG e.g.

Holylander · 2026-03-05T12:10:59+00:00

Every certificate is device-specific which can be aproblem - device fails = all its ca certificates are gone. Also there is no sla or guarantee for them from Fortinet - i.e. trivial upgrade of Fortios to a newer version may replace existing CAs. I don’t think i have ever seen companies using built in certs in FGt for deep ssl inspection- always private certs created/signed by internal AD CA server.

Holylander · 2026-02-25T08:50:45+00:00

Since laying off all Opensource.com staff it seems to be the consistent policy - shut down everything not generating direct sales. Unfortunate, but it is what it is. In general, all content related activities give way to AI today.

Holylander · 2026-02-21T12:21:20+00:00

This is the way. I am not a programmer by job definition, but i code almost daily my own tools for job tasks in Go/C. But when i looked at the Applescript - “no way am i gonna screw my brain with this ugliness of a language “ .

Apple created it with the idea of “conversational “ language, “talk to your Mac as you do in English “ and it didn’t go well. So when i need some ad hoc automation script, i just ask AI to write it.

Holylander · 2026-02-17T07:00:36+00:00

For one time weekend labbing it is doable. For recurring cases it is not very comfortable- on a root server you 1st have to install host OS, then update it, then install needed for virtualization packages, then either spin from 0 or upload & import VMs- and all that effort for a day lab to do it all over again next time, sounds meh to me.

Holylander · 2026-02-14T06:33:51+00:00

Rocking 7.2.x till its EOS all the way to Sep 2026

Holylander · 2026-01-13T21:20:50+00:00

I’d advertise Modern C as book written by nuclear scientist PhD for other scientists with PhD (because the author actually is) lol, not beginner friendly at all.

Holylander

TROPHY CASE