- Видео 45
- Просмотров 65 345
ROSA Technocrat
Индия
Добавлен 23 ноя 2019
This Channel Gives knowledge and information about IT Infrastructure and IT Security. Provides education videos and solution to technical issues
Fortigate - Link Monitor - HA failover using remote-IP monitoring
This Video provides knowledge and information about Link monitor on Fortigate.
Link monitor can
1) Update-cascade-interface
2) update-static-route
3) update-policy-route
4) ping-server- / HA remote IP monitoring
diag sys ha dump-by group
diag sys link-monitor status
Link monitor can
1) Update-cascade-interface
2) update-static-route
3) update-policy-route
4) ping-server- / HA remote IP monitoring
diag sys ha dump-by group
diag sys link-monitor status
Просмотров: 118
Видео
Fortiweb- URL Access Policy and URL Access Rule with WPP #fortiweb #restricturl
Просмотров 269Месяц назад
This Video provides knowledge and information about URL access policy and URL access rule on Fortiweb. URL access Policy is used to restrict access to certain URL or sensitive URL depending on a matching critriea. URL access Rule is binded to URL access Policy. URL access Policy is binded to Web Protection profile . Web protection profile is further applied to the server policy. #restrictingurl...
Fortigate - Conserve Mode Troubleshooting - Fortigate Entered into conserve Mode #fortigate
Просмотров 5782 месяца назад
This Video provides knowledge and information about How conserve mode is triggered on fortigate What is conserve mode? How to identify root cause of conserve mode Below logs can be seen in Fortigate system event logs Kernel enters memory conserve mode The system has activated session fail mode The system has deactivated session fail mode
Fortigate - DOS Policy - DOS Policy Threshhold - Troubleshooting
Просмотров 8412 месяца назад
This Video provides knowledge and information about configuration, optimization and troubleshooting for DOS Policy on Fortigate. Threshold values for different anomaly. MOnitor mode, block mode DOS Policy. anomaly: udp_flood, x greater than threshold y, repeats z times tcp_syn_flood, tcp_src_session, tcp_dst_session tcp_port_scan ip_src_session
Fortisandbox - Troubleshooting Fortisandbox - Fortigate inline scan- File Submission ( Part 2)
Просмотров 2982 месяца назад
Link to Part 1 Video is as below : ruclips.net/video/eupkP1hFYCk/видео.html ruclips.net/video/eupkP1hFYCk/видео.html This Video provides knowledge and information about Fortisandbox. Unlock the full potential of FortiGate Antivirus and FortiSandbox with our comprehensive guide! In this video, we dive deep into the features, functionalities, and troubleshooting techniques that will help you maxi...
Fortiweb - Basic Application setup, publishing with Basic troubleshooting. Virtual IP -Virtual srvr
Просмотров 1,7 тыс.4 месяца назад
This Video provides knowledge and information about Fortiweb Basic troubleshotiing and setup of an application. Fortiweb Virtual IP Fortiweb Virtual server Fortiweb Web server policy. Fortiweb Web diag debug flow Fortiweb diag debug flow trace start diag network sniffer
Fortigate - Fortianalyzer Troubleshooting Connectivity Issues #fortigate #faz #fortianalyzer
Просмотров 7294 месяца назад
This Video provides knowledge and information about Troubleshooting connectivity issues between Fortigate Firewall and Fortianalyzer. diag test application fortilogd get log fortianalyzer setting exec log fortianalyzer test-connectivity Failed to get FAZ's status. Authentication Failed. (-19) diag debug app oftpd
Fortigate -I/O error to superblock detected or detectecd IO error ( Critical error ) in event logs
Просмотров 2524 месяца назад
This Video provides knowledge and information about a critical error that is seen in events logs or crashlog or on console. I/O error to superblock detected or detected IO error when writing metadata buffers diag hardware test disk diag hardware deviceinfo disk #rosatechnocrat #fgt #diskerror #fortigate
Fortigate - #FGT Integration with Fortisandbox #FSA - Configure Sandbox in Fortigate Firewall
Просмотров 9665 месяцев назад
This Video provides knowledge and information about how to configure Fortisandbox in Fortigate. Antivirus Profile modes, Fortisandbox Scan modes ( inline & Post-transfer) Talks about Monitor and block mode of AV profile.
Fortigate - Firewall policy Inspection Modes - Flow mode Proxy Mode
Просмотров 2,4 тыс.5 месяцев назад
This Video provides knowledge and information about Fortigate Firewall policy inspection mode. Flow mode vs Proxy mode. Security profiles that can be applied in different security modes. config firewall policy edit set inspection-mode flow or proxy end
Fortigate - Critical SSLVPN Vulnerability - FG-IR-24-015- CWE787
Просмотров 4638 месяцев назад
This Video provides knowledge and information about Critical SSL VPN vulnerability on Fortigate Firewalls. Critical SSLVPN Vulnerability - FG-IR-24-015- CWE787
Fortigate - SNMP Configuration & Troubleshooting - No response for SNMP queries or traps
Просмотров 3,1 тыс.8 месяцев назад
Fortigate - SNMP Configuration & Troubleshooting - No response for SNMP queries or traps
Fortigate - Performance statistics logs - set sys-perf-interval
Просмотров 43410 месяцев назад
Fortigate - Performance statistics logs - set sys-perf-interval
Fortigate - Local out traffic 127.0.0.1 to 127.0.0.1 #fortigate #rosatechnocrat #logs #loopback
Просмотров 50110 месяцев назад
Fortigate - Local out traffic 127.0.0.1 to 127.0.0.1 #fortigate #rosatechnocrat #logs #loopback
Fortiweb - Upgrading Firmware on Fortiweb & rollback -Release notes/Upgrade path #fortiweb #fortine
Просмотров 1,1 тыс.11 месяцев назад
Fortiweb - Upgrading Firmware on Fortiweb & rollback -Release notes/Upgrade path #fortiweb #fortine
Fortigate - Troubleshooting LAG interface- Link aggregate -ASAIEE -LACP Troubleshooting -LACP States
Просмотров 2,1 тыс.Год назад
Fortigate - Troubleshooting LAG interface- Link aggregate -ASAIEE -LACP Troubleshooting -LACP States
Fortigate - Troubleshooting IP connection error & Deny: DNS error' and 'Deny: IP connection error’
Просмотров 4,6 тыс.Год назад
Fortigate - Troubleshooting IP connection error & Deny: DNS error' and 'Deny: IP connection error’
Fortigate -Troubleshooting ARP/MAC Issues - ARP Table MAC Table #fortios #fortigate #troubleshooting
Просмотров 2,2 тыс.Год назад
Fortigate -Troubleshooting ARP/MAC Issues - ARP Table MAC Table #fortios #fortigate #troubleshooting
Fortigate - Configuration and Troubleshooting of Netflow on FGT. #netflow #fgt #sflowd
Просмотров 2,1 тыс.Год назад
Fortigate - Configuration and Troubleshooting of Netflow on FGT. #netflow #fgt #sflowd
Fortigate - Interface Issue and counters explained #fortigate #fgt #intcounters #rxerror #txerr #crc
Просмотров 2,4 тыс.Год назад
Fortigate - Interface Issue and counters explained #fortigate #fgt #intcounters #rxerror #txerr #crc
Fortigate - diag test application init - Initd daemon/process
Просмотров 478Год назад
Fortigate - diag test application init - Initd daemon/process
Fortigate - Understanding and modifying Replacement-msg #fortios #fortigate #troubleshooting
Просмотров 3,3 тыс.2 года назад
Fortigate - Understanding and modifying Replacement-msg #fortios #fortigate #troubleshooting
Fortigate - Understanding and Troubleshooting Fortiguard Issues #fortios #fortigate #firewall
Просмотров 5 тыс.2 года назад
Fortigate - Understanding and Troubleshooting Fortiguard Issues #fortios #fortigate #firewall
Fortigate Session Diagnose #diag sys session #fortigate #fortios #troubleshooting #networksecurity
Просмотров 2,9 тыс.2 года назад
Fortigate Session Diagnose #diag sys session #fortigate #fortios #troubleshooting #networksecurity
Fortigate Understanding CPU & Memory utilization (diag sys top) #fortios #troubleshooting
Просмотров 4,5 тыс.2 года назад
Fortigate Understanding CPU & Memory utilization (diag sys top) #fortios #troubleshooting
Fortigate Session not offloading to NPU (no_ofld_reason) #fortios #NPU #fortigate
Просмотров 2,4 тыс.2 года назад
Fortigate Session not offloading to NPU (no_ofld_reason) #fortios #NPU #fortigate
Rosa-technocrat Intro Video #firewall #troubleshooting #troubleshootingspecialist
Просмотров 3822 года назад
Rosa-technocrat Intro Video #firewall #troubleshooting #troubleshootingspecialist
SIEM Tool use cases with Fortigate- Generating Even or alarm #splunk #fortios #Fortigate #siemtools
Просмотров 6032 года назад
SIEM Tool use cases with Fortigate- Generating Even or alarm #splunk #fortios #Fortigate #siemtools
Running Scripts - Continous Commands on Fortigate -Intermittent issues #fortigate #fortios #teraterm
Просмотров 8382 года назад
Running Scripts - Continous Commands on Fortigate -Intermittent issues #fortigate #fortios #teraterm
Fortigate HA - Out of sync error #fortios #fortigate #outofsync #firewall
Просмотров 12 тыс.2 года назад
Fortigate HA - Out of sync error #fortios #fortigate #outofsync #firewall
Ever see an issue with print sessions becoming stale on fortinet? See 135 sessions not closing and becoming 2d + old client is unable to print. Spooler reset, client reboot, doesnt matter the session to print server doesnt terminate.
Check the timeout value of connection Provide output of session list. Diag sys session filter src <src_ip> Diag sys session list
May be by mistake the session timeout is set to 0 unlimited , default should be 3600
@@rosatechnocrat timeout looks to be the default 3600. For some reason the user and destination user are two different users even though its going to a papercut server
Looks like that may be just because of whoever last was hitting the server when the agent is checking.
Very good, thanks
Thanks for feedback.
Nice very useful . Thanks bro
Glad it helped and thanks for feedback
Looking for more videos on fortiweb
Hi @Mspower8 , sure will make more videos. Will try on possible options and troubleshooting
@Rosa, we tested with flowbased it is working but after changing to inline scan we are getting scan timeout error under AV log on FGT. On FSA the connection for that particular VDOM Shows in red state as down, what could be the possible reason of this disconnection and how to fix it. I run the debug but no info, I am sure there is no issue with reachability as we successfully tested with flow based and then the status for the vdom on fSA went into the red or down state?
Do an telnet on port 4443 from FGT to FSA IP address . Verify if reachable
@@rosatechnocrat sure I will check that, but I don't think it's an issue with the reachability as the File Submission port on FSA which we have configured from the FortiGate under the Security Fabric is in the Same Network and there is no additional firewall in between, apart from this what could be the reason as flow based scenario worked perfectly fine but when we changed the state from flow to the proxy based the vdom status which we are testing starts showing down in the FSA while the status for the root vdom is green.
@@faisal04021987 4443 port is only required in inline scanning while not in passive scan.
@@rosatechnocrat Noted.
Do you provide paid training on Fortiweb ?
You are looking for individual or group
@@rosatechnocrat individual
@@rosatechnocrat I am looking for individual training
Sir, in server IP address.which device IP was added. Fortigate firewall or fortisandbox device kindly brief it
Fortisandbox
why it was not getting disabled via gui
Thank you!
You're welcome!
Thank you for the video, had a query when it comes to DOS policy have you come across a scenario where it is applied to an inbound interface? , second question: Let's say I have no VIP configured or any SSL or IPsec services running on WAN interface and even have ping disabled (basically no service running on WAN port) would I still need a DOS policy?
Hi Rpinto : First let’s answer the second question : Yes you need a DoS policy even if you have no service running on the firewall or the FGT itself. But, only if you have a web service or any service inside your network that is accessible from outside, attacker can target that and can cause a dos attack. Dos policy actually depend on the placement of device. If connected to internet or internally used. 1st question answer : even it can be used on inside interface but generally people avoid to configure on inside. It can be very useful on inside interface if you find some already breached within network or if you can baseline your internal traffic as well
@@rosatechnocrat thanks
I appreciate your work, nice content.
Glad you enjoy it!
Thanks again ❤. Will be great if you can make a future video on how to collect stats every 5 minutes using automated scripts.
You can by by using SNMP monitoring or using automated scripts. There is already a video on how to run automated script. Check my existing videos
Love ur videos keep em comming❤
Thank you! Will do!
Thank you for starting this channel. The videos you share tackle issues that engineers might encounter on a daily basis, and you are a source of inspiration for them.
Thanks rajpandey for feedback. Will try my best to provide all possible day to day issues
great explanation.
Glad it was helpful!
where is part2
ruclips.net/video/zNr2uMhPmL8/видео.html
Thank you as always. Explained very nicely and in simple words.
Glad you liked it!
please make videos for fortimanager as well diagnose sniffer - packet capture troubleshoot video
Sure will try asap
please keep posting such informative videos, it really helpful for the real world techies
Thanks @rajpandey for feedback
Thanks for sharing day to day problems you are facing. It is helpful me. Thanks
Hi Selva , Thanks for feedback
Hi can make a video on issue (fortimanager out of sync ,when we add policy )
Hi Yusman, Thanks for feedback. Sure will try my best.
Thank you for the effort ❤
Any time! Thanks for watching and your feedback.
#firewall
Thanks
waiting for next video !!!
Hi Rejo, will be uploaded by tomorrow or Sunday max
Thank you my friend! This has helped me, no amount of searchinga nd skimming through docs of Fortinet answered my questions about those counter elements. Appreciate this.
Glad to hear it!
Thank you so much. Can you do how to setup HA in sandbox
Sure … will do asap
Can I use the FortiAnalizer as collector ?
Fortianalyzer is not a Netflow collector. Fortianalyzer does not process netflow. So fortianalyzer you can not use.
Hi, I recalled your video - I have a doubt here, how to create more than one collector - earliest advise will be more helpful for me - need to configure in my environment - if i add second collector, the second collector ip becomes first and first is deleting Thanks in Advance
Hi Selva, Configuring multiple collector is only from Version 7.2.8 onwards. In the new firmware version (7.2.8, 7.4.2, and later), it is possible to configure multiple netflow collector. Prior to these versions only one Netflow is possible. Please check your version. After these versions you can use below commands config system netflow config collectors edit 1 set IP edit 2 etc.....
@@rosatechnocrat Thank you very much. My version is 7.0 2. Thanks a lot 🙏
Welcome.. Glad it was helpful for you.
Waiting eagerly for the next video :)
Hi Muhammad, Sorry for delay, Part 2 will be out tomorrow.
Again superb real world fortigate tshoot video. ❤ Make tshoot videos of Fortimanager and waf fortiweb
Hi Kiran. Thanks for feedback. I have received my lab fortiweb license. Will start fortiweb
Awesome. Yes please similar video for FortiManager
Thanks for your videos they are so interesting .
Glad you like them!. Thanks
hello Sir, can you please make video on troubleshooting while adding device on FAZ
Sure .. will try
@@rosatechnocrat sir actually im adding device in forti Analyzer but no connectivity error showing in fortigate firewall.. Please address this issue and make video on this.
@@PratikWaghmare-gz8hr send me screenshot of the error at Ashwani.yadav088@gmail.com
@@rosatechnocrat sir please check your email..i have shared you SS of the errors.
I'm sure that this is the best video tutorial details explained very well
Thanks Raguwanshi.. Glad it was helpful.
@@rosatechnocrat Thanks I did web based upgrade and found no issues. As my database was low so no rebuild was required
Another superb Tshoot video. Thank you very much for the video. Kindly make videos on fortiweb waf aa well
Thanks Kiran and sorry to keep you waiting for your request. I am trying to grab a Fortiweb device for my lab. I will get it by this week and will start Fortiweb as well.
Great thanks! I was able to use the basics you presented to figure out what I needed to do.
Glad it was helpful for you :) thanks for feedback
hii can you share any videos how to configuration fortiDeceptor with FortiGate
Sure let me check. I will try
How about integration with FSA cloud, do you see any performance impact on Firewall after bringing it inline?
There will not be performance impact but also depends on model of firewall size of traffic. The delay will be in file downloading or receving files as the fortigate will not release the file until verdict from FSA is received.
Thanks, very good explanation.
Glad it was helpful!
THANKS
You're welcome!
Informative. Thanks for sharing.
Glad it was helpful!
Superb 👌… Forticlient ssl vpn tshiot scenarios plz
Ok coming soon
good video as usual
Thanks saemon for feedback
Nice video… want more content of WAF - fortiweb and ssl vpn troubleshoot video
Hi Kiran, Sure SSL VPN will be next and Fortiweb also I will try ASAP.