Cisco ASA: Add New Subnet in an Existing Site-to-Site VPN using ASDM

Edit the Existing VPN Configuration: The existing connection profile cannot be edited for the new peer information because it is bound to a specific peer. In order to edit the existing configuration, you need to perform these steps: Create a New Tunnel Group; Edit the Existing Crypto Map. Create a New Tunnel Group: Go to Configuration …

Fortigate 5.2 Vulnerability: SSH/SSL – Weak Encryptions

Known issue in: FortiOS 5.2.x (can also apply to higher versions). However, 5.4.x and later have already disabled the weaker DES and RC4 ciphers and SSLv3, so firewalls running later versions are less prone to these vulnerabilities. Recommendations/Mitigations: What does strong encryption do? Enabling the use of strong encryption will only allow strong ciphers such as: AES …

Fortigate Firewall Firmware Upgrade Process

This page outlines the process to be followed when upgrading the FortiGate firewall clusters. Always perform the firmware upgrade onsite due to the risk of something going wrong and requiring manual intervention, or have a technician on site if you are unable to be there. Make sure that you or the technician have local copies …

Fortigate: Disable Telemetry (Endpoint Security) for Client VPN Users

Solution 1: You can recreate the VPN and, on Step 3, unselect Allow Endpoint Registration. Solution 2: Disable Endpoint Security. Enable the feature first so the option will show up on the firewall: under System -> Feature Select -> Security Features, select Endpoint Control. Once the feature is enabled, FortiClient Profile will be …

Fortigate: New FortiOS Upgrade Path Tool

Early this week, Fortigate removed the Upgrade Path table from the Fortigate Cookbook website, drawing a reaction from many of us. I spent a good number of minutes looking around for the table I used to find in just a couple of Google searches and clicks. The Upgrade Path tool …