Friday, July 15, 2022

This is how to "upload" the certificate by CLI when the web GUI doesn't accept it.

 Technical Note: Upload Certificate using PEM forma... - Fortinet Community

Saturday, March 12, 2022

Fortinet get your paired devices back in sync


It's a Kahlua in your coffee first thing in the morning when you suddenly find your paired Fortinet devices out of sync and the FortigateSDN down and certain dynamic addresses just bling with red exclamation marks. Like what in the world?

Well for one thing, the secondary is still showing green. However, it's not an actual full fail because the policies with hard-coded IP addresses keep working, so traffic is still going through, and that made it hard to see right away.

1. Get the FortigateSDN connector for Azure set up with the correct secret; check it in the GUI.

Use the CLI to check if information about the SDN Connectors is there, though obviously it is.

show full | grep -f FortigateSDN

diag debug enable

diag debug app azd -1

I don't like using the config command just to show, but you can hit end right away

config sys sdn-connector

show full

end

(or edit each item as needed)

 

2. Some CLI commands to check the HA health status.

get system ha status

diag debug console timestamp enable

diag debug application hatalk -1

diag debug application hasync -1

diag sys ha checksum cluster

 

Forcing a sync again maybe

di deb app hasync -1

di deb app hatalk -1

exec ha sync start 

(exec ha sync stop) why?

(dia deb disable) makes it stop writing to the screen

di deb reset

diag sys ha checksum recalculate
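
Added example, not from the original post or from Fortinet: a Python helper that reads a saved capture of `diag sys ha checksum cluster` and lists which scopes (global, a VDOM such as root, or all) carry different checksums across cluster members, which is where to look before forcing a sync. The output layout is an assumption, and the serial numbers and checksums in `SAMPLE` are constructed.

```python
import re

# Constructed capture: serials and checksums are made up; the layout is assumed
# to match what 'diag sys ha checksum cluster' prints, one block per member.
SAMPLE = """\
================== FGT-PRIMARY-0001 ==================
is_manage_primary()=1, is_root_primary()=1
debugzone
global: 89 f2 f0 0b e8 eb 0d ee f8 55 8b 47 27 7a 27 1e
root: cf 85 55 fe a7 e5 7c 6f a6 88 e5 a9 ea 26 e6 92
all: f4 62 b2 ce 81 9a c9 04 8f 67 07 ec a7 44 60 1f
checksum
global: 89 f2 f0 0b e8 eb 0d ee f8 55 8b 47 27 7a 27 1e
root: cf 85 55 fe a7 e5 7c 6f a6 88 e5 a9 ea 26 e6 92
all: f4 62 b2 ce 81 9a c9 04 8f 67 07 ec a7 44 60 1f
================== FGT-SECONDARY-0002 ==================
is_manage_primary()=0, is_root_primary()=0
debugzone
global: 89 f2 f0 0b e8 eb 0d ee f8 55 8b 47 27 7a 27 1e
root: 3a 1c 9e 44 0b 72 d5 18 6f a0 23 c7 5e 91 b8 0d
all: 7d e0 41 96 2c b3 58 fa 09 c4 6e 17 a5 d2 3b 80
checksum
global: 89 f2 f0 0b e8 eb 0d ee f8 55 8b 47 27 7a 27 1e
root: 3a 1c 9e 44 0b 72 d5 18 6f a0 23 c7 5e 91 b8 0d
all: 7d e0 41 96 2c b3 58 fa 09 c4 6e 17 a5 d2 3b 80
"""

HEADER = re.compile(r"^=+\s+(\S+)\s+=+$")                 # "==== <serial> ===="
CSUM = re.compile(r"^(\S+):\s*((?:[0-9a-f]{2}\s*)+)$")    # "<scope>: aa bb cc ..."

def parse(text):
    """Return {member_serial: {(zone, scope): checksum_hex}}."""
    members, member, zone = {}, None, None
    for line in map(str.strip, text.splitlines()):
        if m := HEADER.match(line):
            member, zone = m.group(1), None
            members[member] = {}
        elif line in ("debugzone", "checksum"):
            zone = line
        elif member and zone and (m := CSUM.match(line)):
            members[member][(zone, m.group(1))] = m.group(2).replace(" ", "")
    return members

def out_of_sync(text):
    """Sorted (zone, scope) keys whose checksum is not identical on every member."""
    members = parse(text)
    keys = set().union(*members.values())
    return sorted(k for k in keys
                  if len({m.get(k) for m in members.values()}) != 1)
```

Here `global` matches on both units while `root` and `all` differ, so the mismatch sits in the root VDOM configuration rather than in global settings.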


3. You can look at the probes

show sys probe-response

show full-config sys probe-response

show full-conf sys interface 


4. Comparing working flows

diag debug reset

(diag debug enable)

diag debug flow filter dport 8008

diag debug flow show function-name enable

diag debug flow trace start 100

 diag debug enable

Type that one last or you'll have too many things pop up all over the screen!

 

5. Here's how to get rid of an annoying startup banner

config system global

set gui-firmware-upgrade-warning <enable | disable>

end



 



 

 



Tuesday, November 3, 2020

Cisco Enterprise Core Technologies

During the ongoing months of COVID lockdown, and being sent to work from home for most of the week, I decided to gear up on some Cisco training.

I recently completed the Cisco Certified Network Administrator bootcamp course! I'm not sure if I have the intention of actually going through with the certification exam, but why not. However, I went straight to the next course on the schedule and it was Cisco Enterprise Core Technologies. It was the perfect combo because it refreshes and expands the material that was already covered in CCNA and makes things more practical. Of course we had the best instructor ever for both courses, gotta love Patrice and Raj.

I will post some of the links to other great topics we uncovered and also some great screen shots. I call this one, hot tips for fast subnetting and finding your address space. Boom. 4 seconds and no binary required. Can you see it? I will explain this later.




Friday, February 3, 2017

Talk to Your Kids

An important discussion popped up during dinner time conversation; a tough talk that I was hoping to postpone to the future.  That dreadful talk about drugs! Bring it up sooner when they are still willing to listen!  We were able to get the point across but in a humorous and serious way.  We basically flat out said, hey kids don't do drugs. What?

I had already warned them in the past, don't take candies from strangers, and I had used the same example before about not accepting "things that look like candies" from anybody. My kids are still young but not too young to be aware of the dangers; warning them to be strong in the face of a decision point. We talked about how drugs can be addictive, make someone do crazy things, make someone waste all their money, mess up their face, lose their friends and family....

Fast forward to 2020, we've been watching the teen drama, Riverdale. Lots of great conversation starters for important topics - jingle jangle, bootlegging maple rum, off-board gaming, and safe sex.

On a quiet bus ride home this evening from the downtown core, I overheard a conversation between two young men. One guy told his friend that he would like to try Ecstasy, the friend just said, "Don't do it man, it's bad for you, you don't know who you're getting it from or if it's the real thing. If you want to have fun, just have a beer, but don't drink too much..." They chatted some more and the guy had to get off the bus.  I really couldn't help but commend the young friend for counselling his buddy to stay away from drugs. We chatted about things, including the conversation I had with my kids, and how important it is to talk about it, and even be that friend who is strong enough to say no, please don't do it.