December 10, 2018

Category: Firewalls

Common Firewall Issues

One thing I come across time and time again is poorly configured firewalls. The reason for this is largely down to the people who configure them. Companies often put all their eggs in one basket when it comes to IT services, which means people who perhaps aren’t best suited to managing security products end up […]

DNS Sinkhole – What is it & Why do I need one?

In this post I will talk about DNS sinkholing, what it is and how it can help you identify potentially infected machines. Useful in the fight against malware such as viruses, ransomware and cryptojacking! What is DNS? Domain Name System – in very basic terms, the internet (and local networks) are all routed by […]

FortiGate :: HA Routed Failover w/ Session Failover

A recent requirement that came up was for a redundant pair of firewalls which allowed for session failover and configuration synchronisation, while also maintaining different external IPs and separate BGP peering. A niche request, but something that was supported with FortiGates. Below are some configuration examples to achieve this. Config and Session Sync […]

How to configure a Rotating, long term packet capture using Wireshark.

Introduction: Wireshark is an awesome tool for troubleshooting network traffic. However, the Wireshark GUI is not designed for long-term packet captures and, if left running, would simply fill the hard drive of the server/PC running the program. Within Wireshark there is a tiny built-in Windows command line tool called ‘dumpcap’ which at less than […]

Firewall Troubleshooting :: CLI Packet Captures

In this post, I will cover the CLI-based packet capture functionality for two firewalls: FortiGates and Check Points. Each has slightly different commands, but the results are fairly similar. This post will hopefully be of use for environments with multiple firewall vendors, or where you support multiple customers with differing firewall vendors. What […]

FortiGate :: Web Filter Troubleshooting

When troubleshooting issues with the web filtering tool on the FortiGate, there are a number of things to consider. This post will hopefully assist you with getting to the cause of the issue if you encounter problems with Web Filtering. Firstly, we must consider the 3 modes of operation with web filtering on the FortiGate; these are: Proxy-Based (SSL […]

FortiGate :: HA Troubleshooting

FortiGates are capable of a few methods of High Availability. This post will help you troubleshoot issues with the FortiGate Cluster Protocol (FGCP) in Active/Active or Active/Passive configurations. What is HA? High Availability is a feature that allows you to offer redundancy for your firewall. This is achieved by replicating all network connections on your […]

FortiGate :: Flow Diagnostics

In this post, I will provide an overview of the Flow troubleshooting tool available on FortiGate devices. This tool will enable you to see what is happening to your traffic as it traverses the FortiGate. You will be able to obtain information such as the policy-id being hit, any NATing that is taking place as well as […]
