This guide will outline the steps to set up VPN Remote Access in FortiGate. Although you do not need FortiClient EMS, VPN with Fortinet is best used with it. Create a loopback interface and Virtual IP Although you can always just use the default outside interface, setting up a loopback and virtual IP (VIP) allows…
Category: Networking
FortiGate / ArubaOS-Switch Reference Guide
This is a work in progress.
Command | ArubaOS-Switch | FortiGate
Show LLDP Neighbors | # show lldp info remote-device | # diagnose lldprx neighbor summary
Set global remote auth timeout | | # config system global / # set remoteauthtimeout <seconds>
Show route table | # show ip route | # get router info routing-table all
Essential Linux/Mac/WSL Terminal Apps
I usually forget what apps I regularly use on a Linux terminal until I get a command not found error. This will act as my reference to remember to install these apps when using a new terminal. This is a work in progress and apps may be added or removed. Most of these apps are…
Useful Tools
Link Compilation Linux Useful Commands Linux Tool Alternatives
Allow SSH connections only from certain addresses using hosts.deny/hosts.allow
This is the method that can be used to allow SSH connections from certain IP networks. An example use for this is allowing SSH from certain public IP networks, as well as from my Tailscale network. If possible, it is probably better to use iptables/nftables/ufw or the firewall feature of your hosting provider if they…
Rate limit connections in Linux
Use the following iptables command to rate limit connections per IP. This is useful for preventing a DDoS attack on DNS servers. However, for DDoS protection for your DNS servers, you should be hosting DNS with the big cloud providers like Cloudflare, or running dnsdist in front of your authoritative servers.
Create a .pfx/.p12 Certificate File Using OpenSSL
Source: https://www.ssl.com/how-to/create-a-pfx-p12-certificate-file-using-openssl/ The PKCS#12 or PFX format is a binary format for storing the server certificate, any intermediate certificates, and the private key into a single encryptable file. PFX files are usually found with the extensions .pfx and .p12. PFX files are typically used on Windows and macOS machines to import and export certificates and private keys. Requirements…
Convert Aruba AP-325 from Campus mode to Instant mode
There are two versions of the Aruba AP-325. One version is the Campus AP that has 256MB of RAM. The other version is the Instant-AP with 512MB of RAM. Campus APs that are converted to Instant APs are limited to ArubaOS 6 and cannot be upgraded further even if Aruba Central or the AP themselves…
Enable Mellanox Connect X support in OPNsense
Support for Mellanox Connect-X NICs isn’t enabled on OPNsense by default. The following line has to be added to /boot/loader.conf.local. However, this did not work for me and I had to add this from the web interface, System → Settings → Tunables.
Install GNS3 on UNRAID on your local network
GNS3 allows network engineers to model networks. Unlike network simulators, GNS3 uses real device images. The devices run on a hypervisor. Unraid is an easy-to-use NAS operating system based on Slackware that supports docker images and virtual machines. Create a VM in Unraid We will be using Ubuntu 20.04 as the base of GNS3. Install…