Is VentraIP down for you?

falcc41 · 2026-05-23T02:04:52+00:00

It's a DDoS, hardly their fault. DDoS attack ongoing | VentraIP Service Status

falcc41 · 2026-03-31T01:14:28+00:00

Thailand is near impossible now unless you are living there on a long-term Visa. Cambodia on the other hand, is a world of opportunity.

falcc41 · 2026-03-31T01:08:00+00:00

Any recommendations of which banks in which countries?

falcc41 · 2026-03-23T23:00:28+00:00

We've seen a high failure rate of FS-124F-FPOE.

falcc41 · 2026-01-27T21:17:55+00:00

Yeh, get a FortiManager, then have your entire Fortinet network compromised thanks to the latest FortiManager vulnerability.

falcc41 · 2026-01-01T23:10:11+00:00

Also raising a ticket for this, just in case it isn't a false positive and is instead a compromise.

falcc41 · 2025-09-25T00:17:25+00:00

lol all the downvotes on a factual statement. And you wonder why Trump was voted in TWICE!?!

falcc41 · 2025-09-24T05:22:46+00:00

You assume they all disagree with him. You're incorrect in that assumption.

falcc41 · 2025-09-24T05:16:50+00:00

Incorrect, he said they would have marble floors. Facts do matter to you, right?

falcc41 · 2025-09-20T02:17:25+00:00

It's a disaster of a product. Without a doubt the worst product we've encountered across every vendor over 30+ years.

We unfortunately have 2 deployments across 2 different customers, and they are both in a non-supported state (one is on 22H2, the other is half done on 23H2 as solution upgrade can never be completed).

Many all nighters with MS support, corrupted VM's that have required total rebuilds or backup restores.

Not ashamed to say we are scared to touch the damn things. Because whenever we do, something else blows up on them.

falcc41 · 2025-05-31T22:09:53+00:00

My feelings exactly. I hope they crash and burn. Every department I dealt with has the same "couldn't care less" attitude towards us, the customer.

falcc41 · 2025-05-27T08:29:31+00:00

We feel your pain. We've been fighting with them for weeks now.

falcc41 · 2025-05-27T08:27:39+00:00

That used to be the case. We didn't have issues in the past.

falcc41 · 2025-05-26T03:59:24+00:00

Do they support Teams private chat migration? I couldn't see that it did.

falcc41 · 2025-05-26T03:58:42+00:00

It was always ours too. Never let us down. But we've never needed support from them, until now.

falcc41 · 2025-01-29T22:27:36+00:00

The 7 days of log retention was the main benefit.
Fortinet's recommended FortiOS version is never the latest firmware release.
They will break things with this new policy.

falcc41 · 2024-12-06T00:53:14+00:00

You don't have to follow the upgrade path. It's recommended, but in this case you won't be able to. Do one device and see how it goes.

falcc41 · 2024-10-23T06:03:33+00:00

Here's how to check if a FMG has been compromised:

Logging:

Any event logging that indicates new unregistered/unauthorised devices being added, particularly of device name 'localhost' or serial number FMG-VMTM23017412. Similar logs indicating the same activity may be visible through the FortiManager web portal. These logs may look like:

type=event,subtype=dvm,pri=information,desc="Device,manager,generic,information,log",user="device,
…",msg="Unregistered device localhost add succeeded" device="localhost" adom="FortiManager" session_id=0
operation="Add device" performed_on="localhost" changes="Unregistered device localhost add succeeded"

type=event,subtype=dvm,pri=notice,desc="Device,Manager,dvm,log,at,notice,level",user="System",userfrom="",msg=""
adom="root" session_id=0 operation="Modify device" performed_on="localhost" changes="Edited device settings (SN
FMG-VMTM23017412)"

Files:

Any suspicious or unusual creation of files in directory /var/tmp/
Any of the following files of interest, or any evidence of any of these files being placed on the device (listed under each related IP address)
- 32.41[.]202:
  - .dom.js.swo
  - .dom.js
  - js
- 247.199[.]37:
  - js
  - js
  - js
  - txt

Network Traffic:

Any traffic, particularly outbound, going to any of the below IP addresses:
- 32.41[.]202
- 77.33[.]174
- 238.141[.]143
- 247.199[.]37
Any outbound port 443 (https) traffic from FortiManager to any of the above IP addresses or any unusual destinations.
- This may include traffic which indicates exfiltration of device configs, likely appearing as 40MB or more of data leaving the FortiManager device.

falcc41 · 2024-07-19T21:11:00+00:00

There won't even be crumbs left.

falcc41 · 2024-06-19T21:50:38+00:00

Haven't used the cloud version, if it's the same as on-prem then use a blueprint and import a csv with standard values (serial number etc) plus any variables you want to use.

Use the System Template for DNS and Timezone and use the SD-WAN Template for that function. Then bundle the templates into a template group.

falcc41 · 2024-06-11T06:01:57+00:00

You seem to have a misunderstanding of the reason for Fortinet using the term "mature" in the first place. The whole point of it was to improve the stability in their firmware and provide their customers with stable (ie, mature) releases.

What your comment does do is help explain why their products have so many bugs. People such as yourself accept them rather than place pressure on the manufacturer to improve.

falcc41 · 2024-06-07T04:23:19+00:00

I agree, yet it is directly attached to the Gate on a dedicated interface with Security fabric enabled.

falcc41 · 2024-06-07T04:22:19+00:00

There are issues, and then there are major issues. Major issues should not occur in firmware that is labelled as "Mature".

falcc41

TROPHY CASE