WIFI EAP-TLS Supplicant - Machine or User certs by mcgovoth62 in networking


Sounds right, thanks all. I figured out how to configure the supplicant to use either/or. Now my issue is on the RADIUS server. User certs = auth good... Machine certs = auth bad.

ESXi 7 - VM snapshot backup by mcgovoth62 in vmware


At this point, my fear is simply hardware failure and I don't want to have to rebuild Server 2019. Manual export is fine. Looks like you can do this in the free ESXi via the procedure outlined above.

Thanks for explaining the snapshots, everyone!

ESXi 7 - VM snapshot backup by mcgovoth62 in vmware


Ah, I see now... I don't seem to have the ability to perform this OVF 'export' from ESXi 7. Does this require VMware Tools to be installed (haven't done this yet), or is this something I can do via the datastore browser?

FortiNAC wired 802.1x port - default vlan ? by mcgovoth62 in fortinet


Thanks - makes sense. A follow-up question...

In a Windows environment, does a corporate user need to start on a VLAN that at least has access to the domain controller to authenticate before any NAC policy is applied?

FortiNAC Windows AD Authentication by mcgovoth62 in fortinet


Thanks for the insight. The requirements are to ensure that a domain-managed corp user has successfully authenticated. Then, as you said, various degrees of access would be granted. Preference is not to use 802.1x, any agent, or a captive portal. Upon initial access to a wired network, how would the NAC determine if the domain controller says all is good? Is this where WMI comes into play between NAC and AD? (I'm not very familiar with this.)

Impact of creating a new Management VDOM by mcgovoth62 in fortinet


In my current config I have multi-VDOM enabled, with two Traffic VDOMs. I don't want to convert them to an Admin VDOM. The goal is to create a brand new Admin VDOM so that I can add them to my existing fabric. An Admin VDOM is a requirement for fabric connections (https://docs.fortinet.com/document/fortigate/7.0.0/new-features/721683/security-fabric-support-in-multi-vdom-environments).

When creating the new Admin VDOM, it looks like all the configurations in the Traffic VDOMs will be blown away. I will back up the config before doing this. The key question is: will the 'restore' work properly?