The Packtes, Life and everything
I like the the Idea to configure static routing over firewall objects. This avoids the static route limit on FortiGate Firewall. config firewall address edit "N.203.0.113.0--24" set allow-routing enable set subnet 203.0.113.0 255.255.255.0 next end config firewall addrgrp edit "R.Networks" set allow-routing enable set member "N.203.0.113.0--24" next end config router static edit 0 set gateway …
Continue reading "Fortinet – Static routes with Firewall objects"
Recently, we encountered significant CPU and memory utilization spikes on one of our Fortigate Firewalls. Despite consistently handling around 1.5 million sessions for several months without any problems, the situation took a turn for the worse. The firewall became unresponsive through the Command Line Interface (CLI), and at that time, we hadn't configured a dedicated …
Basic Packet Capture tcpdump -i eth0 This captures and displays packets on interface eth0. Capture Packets from a Specific Port tcpdump -i eth0 port 80 This captures packets on port 80 (HTTP traffic) on eth0. Capture Packets with a Specific Host as Source or Destination tcpdump -i eth0 host 192.168.1.100 This captures packets either from …
HP IRF (Intelligent Resilient Framework) are similar to Cisco VSS Prepare the Switch irf portsirf port membersHistoryLinks Some basic information only Prepare the Switch renumber if needed irf member 1 renumber 2 irf ports every switch has two ports irf-port <member>/1 irf-port <member>/2 irf port members irf-port 2/1 port group interface Ten-GigabitEthernet 2/0/21 port group …
Patrick Marc's Networks 