Fortinet – openfortivpn under Ubuntu Linux

glitchlist Uncategorized Leave a Comment

Ubuntu Network Manager have Fortinet SSL VPN Plug-in for connect you to HQ network. Below you will find instructions for activating the plu-gin and configuring it. First: Install plugin: Second: Configure NM: Third: do the magic: For work correctly we must find trusted-cert string and insert it in the client Advanced settings. EXPLANATION: Gateway certificate validation failed, and the certificate …

USG 6300 – Bidirectional NAT on Huawei Firewalls

glitchlist Uncategorized Leave a Comment

Nat 1:1 static configuration or “Server Mapping” in Huawei have a strange behavior on the WEB GUI. Based on USG 6300 series with V500R001C60SPC500 firmware, when you configure bidirectional NAT it behaves like a SOURCE NAT. Solution: There are platforms, such as new generation firewalls that have a very powerful web management portal. But in general in network environments, especially …

Arista – slow ssh login

glitchlist Uncategorized Leave a Comment

A common issue is when accessing a switch via SSH it takes a long time for the user to login and then after that the connection flows smoothly. This is generally due to the fact that SSH does a reverse DNS lookup for the remote device and the DNS query times out. Another common issue is that the management interface is …

VoIP phones port configuration

glitchlist Uncategorized Leave a Comment

It is sometimes possible to meet a multi-vendor and multi-client environment. For VoIP networks is not good but happen. A Network Admin can automate switch configuration in order to not provide the configuration of each individual phone and allow the voip team to install the devices by themselves. In this example we have an HP A5130 switch a CISCO IP …

Mikrotik Dude – regexp

glitchlist Uncategorized Leave a Comment

If you want to play with Regular Expressions in Dude server keep in mind these rules: RouterOS support POSIX regular expression syntax (POSIX standard), with some exceptions: ‘{}’ bounds are not supported; “()” must not be empty; equivalence classes are not supported (“[[.ch.]]”); collating elements are not supported (“[[=a=]b]”); matching is done in single pass, no backtracking. Following services in …

FortiGate – session clearing via CLI

glitchlist Uncategorized Leave a Comment

Quick Tip: to reset a specific session we can use the diag sys session clear command: type diagnose sys session filter clear for clearing all previously filters. 2. choose between all these options: diagnose sys session filter ? vd Index of virtual domain. -1 matches all. sintf Source interface. dintf Destination interface. src Source IP address. nsrc NAT’d source ip …