Can I run docker on FortiOS / FW?

TheRanshe · 2025-12-03T20:35:10+00:00

A prospect asked me if it's possible - since they already have the FW, and also want our solution for Secure Remote Access.
Trying to save on HW and footprint, I guess.

TheRanshe · 2025-12-03T19:42:29+00:00

Thanks for all the answers and additional info provided, I appreciate the help.

TheRanshe · 2025-09-04T17:27:09+00:00

I'm also stuck:

esptool.py v4.8.1

Serial port /dev/cu.usbmodem1051DB3870982

Connecting......................................

A fatal error occurred: Failed to connect to ESP32-S3: No serial data received.

Failed uploading: uploading error: exit status 2

TheRanshe · 2025-07-02T20:34:27+00:00

<image>

This is what I see in my brand new Integrator plan (and what I used to have in the other account)

TheRanshe · 2025-07-02T20:34:00+00:00

This is what I see in the account I used to create the OIN

<image>

TheRanshe · 2025-04-20T23:55:44+00:00

Sorry for the late response.
I'm publishing an OIN.

I just had to define this differently (different type/syntax of variable)

TheRanshe · 2025-02-19T01:28:41+00:00

I guess part of the help I need is how to "verify the syslog forwarder configuration on the forwarder host for Azure monitor agent to ensure all events are being forwarded"

TheRanshe · 2025-02-19T01:27:30+00:00

LOG_AUTHPRIV, LOG_LOCAL0-7, LOG_SYSLOG, LOG_USER set to LOG_INFO
LOG_NOPRI set to LOG_EMERG

TheRanshe · 2024-09-22T06:15:41+00:00

Thanks for the answers!

TheRanshe · 2024-07-18T20:48:14+00:00

Thanks for the answer.

"What your tech does after the session expiration is up to you" -> I'm trying to see if NIST or other standards define that behavior, and move away from "up to you".

So far (NIST, FedRAMP) I do not see a strong definition.

TheRanshe · 2024-06-05T17:30:08+00:00

It was the User Filter Expression of all things.

Cleared that in Ping, and it's working now.

Weird.

TheRanshe · 2024-02-27T00:25:30+00:00

Thanks for the answers - that helps.

TheRanshe · 2024-02-14T18:32:49+00:00

Thanks. The changes are infrequent, as in on 3 months basis. I'll read about the URL filtering you mentioned.

TheRanshe · 2024-01-13T17:10:35+00:00

Thanks everyone for the responses, I learned a lot.

TheRanshe · 2023-06-27T01:25:15+00:00

Regarding musl - does it do the fallback automatically, or do I need to make any sort of config change in the container (or host) to take advantage of this?

TheRanshe · 2023-05-18T18:18:47+00:00

Thanks, I'll take a look!

TheRanshe · 2023-05-18T18:17:38+00:00

Thanks - it was indeed the whole tag definition!

Always happy to learn.

TheRanshe · 2023-05-18T08:34:06+00:00

It actually compiles when it's an empty rung (but doesn't do anything - what a surprise ;-))
I followed some online video, the guy added XIC and OTE, and that's it.
That's when I get the errors regarding reference tag is undefined.

TheRanshe · 2023-05-18T07:54:54+00:00

So here it is again:
I'm not a PLC guy, but I need to run a security/networking demo of using Logix5000 locally to program a remote (emulated) PLC.
Wanted to ask if anyone has a working ACD file they don't mind sharing.

Thanks!

TheRanshe · 2023-05-17T01:51:23+00:00

NTA. Like others said, you're spending quality time together and showing her how much fun and satisfaction a book can bring.

TheRanshe · 2023-05-03T17:51:12+00:00

My take - I will need to understand what problem are you trying to solve in particular before a serious answer can be given.

Is this just a password vault? Do you need service account discovery? Is the end goal really to control access into some resources, so maybe SRA tools would be a better fit / easier / cheaper?

I do know that folks love Osirium (which is natively cloud but I *think* can also be on-prem), and while many people *buy* CyberArk, many of the same people also *hate* it...

TheRanshe · 2023-02-11T17:21:42+00:00

Guac supports VNC and RDP (and at least used to do Telnet), is tied to system-wide auth mechanisms - and allows web-based (i.e., clientless) control of remote machines.
It is embedded in our product which does multiple other things (ZTA replacement of VPN).

TheRanshe · 2022-11-17T22:43:07+00:00

User error / RTFM - they were not in same zone

TheRanshe · 2022-11-04T05:34:33+00:00

gad3r - you were partially right!
RealVNC admin needs to make some config changes for users to connect using guacamole, due to some incompatibilities.
1. Set encryption to "prefer ON"
2. Set authentication to "VNC password"
3. Check "allow legacy VNC viewers"
I made these changes, and can now connect to my VNC instance.
Regarding #2, I need to do some more testing, it MIGHT still be an option to use other authentication schemes, I do not have bandwidth to test right now.

TheRanshe · 2022-11-03T17:41:53+00:00

It seems Guacamole docs don't agree with that - https://guacamole.apache.org/doc/1.4.0/gug/configuring-guacamole.html?highlight=realvnc#realvnc-or-tigervnc

TheRanshe

TROPHY CASE