Fortigate Hidden drops

#!/bin/bash
# Patrick Marc Preuss (c)2021 - 2025

# Check for required environment variable
if [ -z "${SSHPASS}" ]; then
    echo "Error: Please set the SSHPASS environment variable."
    exit 127
fi

# Check for firewall argument
FW="$1"
if [ -z "${FW}" ]; then
    echo "Usage: $0 <firewall-hostname-or-IP>"
    exit 127
fi

# Timestamp for output file …

Fortigate – IPerf3

Note to myself. Looks like Fortigate changed the access to IPerf3.

FG (global) # diagnose traffictest set_pair mgmt:mgmt
Server:Client pair is mgmt:mgmt
Server CPU affinity: None
Client CPU affinity: None
Stream number: 1
Traffic protocol: TCP
Server IP address: 192.90.255.199
Server VDOM: vsys_hamgmt
Client IP address: 192.90.255.199
Client VDOM: vsys_hamgmt
FG (global) # diagnose …

Avocent – MTU

We stumbled over a situation where the WAN environment did not advertise lower MTU values properly or fragments were routed over a different path. To fix this we set the MTU / MSS values on the route.

vi /etc/network/st_routes
10.0.0.0/8 via 10.52.192.81 dev eth0 mtu 1150 advmss 1100
default metric 0 via 10.52.192.81

This is …

FortiGate Cluster Deployment – Zero Touch / Low Touch Debugging Notes

After a long day of back-and-forth debugging, here are some takeaways from trying to deploy a FortiGate cluster with dedicated management interfaces: FortiGates without a current support contract need to have the same version already installed, and the FortiManager Enforce Firmware setting needs to be set to this version. Otherwise this fails. FortiManager 6.4.14 and configure dedicated …

Check Point – Advanced Interfaces

Those are my personal notes towards the certification and do not reflect any training from Check Point. For official information please refer to sk163417.

API, GAIA API, Management API

API
https://sc1.checkpoint.com/documents/latest/api_reference/index.html
around 20 APIs
8 for Quantum
GAIA API
Management API
The API can be run from
SmartConsole Command Line interface / Gaia CLI
Command line client mgmt_cli …

Check Point – Interfaces

Those are my personal notes towards the certification and do not reflect any training from Check Point. For official information please refer to sk163417.

Primary Interfaces, Gaia Operating System Shells, CLI, GUI, Smart Console

Primary Interfaces
Gaia Operating System Shells
CLI
Gaia Clish - Default Shell
Bash - Expert Mode Shell
GUI
Gaia Portal browser based shell
Smart Console
Smart …

Check Point – Review Basics Deployment Types

Those are my personal notes towards the certification and do not reflect any training from Check Point. For official information please refer to sk163417.

Review Basic Deployment
Standalone Deployment, Distributed Deployment

Standalone Deployment
All functions run on the same computer. Security Management Server and Security Gateway
Distributed Deployment
Security Management Server and Security Gateway run on different …

Check Point – CCSE – Day29 – Training Day 3

So approaching the last day of CCSE training. Many thanks to Yasushi Kono for the interesting days, a lot of fun and insights. Finished this day.

Those are my personal notes towards the certification and do not reflect any training from Check Point. For official information please refer to sk163417.

Start 08:30, End 17:00

Chapter 7: Advanced Site-to-Site VPN …

Check Point – CCSE – Day30 – Training Day 2

Those are my personal notes towards the certification and do not reflect any training from Check Point. For official information please refer to sk163417.

Start 08:30, End 17:30

Chapter 3: Advanced Gateway Deployment (Continued)
Chapter 4: Advanced Policy Configuration
Policy Layers
Dynamic Objects
Chapter 5: Advanced User Access Management
Chapter 6: Custom Threat Prevention
Chapter 7: Advanced Site-to-Site VPN

Chapter 3: Advanced Gateway Deployment (Continued) …