OpenVPN DNS Issue

Issue: OpenVPN connects successfully but cannot resolve hostnames when browsing. It looks like an OpenVPN DNS issue. Platform: Ubuntu 14.04 LTS (Trusty Tahr). Software version: OpenVPN 2.3.4. OpenVPN logs indicated the DNS configuration was successfully pushed from the OpenVPN server to the client.
Tue Oct 14 05:08:39 2014 SENT CONTROL [changeme]: 'PUSH_REQUEST'


Application pyfcgid Crash

Issue: Access to the Fortigate 100D web administration (GUI) wasn’t working properly. For instance, the web filter was only intermittently accessible. Platform: Fortinet Fortigate 100D using FortiOS 5.2. Solution: This issue started to happen when I used Fortiview and drilled down to session logs. Then it generated this error message stating


Fortigate Invalid Compressed Format

Issue: I tried to upgrade Fortigate 100D to the latest firmware 5.0.7. After I restored to factory settings I couldn’t access it anymore using FortiExplorer so I tried consoling to it. I found out that the firmware was lost, then I tried to upload a firmware via console but I’m always


No socket found. Drop.

Issue: I got an error when I performed an SNMP walk on VDOMs. Debug flow logs showed “No socket found. Drop.”. Security and SNMP policies are set to allow SNMP query.
id=20085 trace_id=1131 msg="vd-vdom_test received a packet(proto=17, 172.28.254.3:41678->10.151.30.42:161) from port1.3041."
id=20085 trace_id=1131 msg="Find an existing session, id-0026d36d, original direction"
id=20085


Fortigate VDOM Assignment through RADIUS

Issue: Fortinet Fortigate UTM has been set up for RADIUS authentication to allow remote administration for different levels of support staff, customers and administrators. Also, VDOM assignment can be done through RADIUS (using the RADIUS attribute Fortinet-Vdom-Name) but this doesn’t work on FortiOS 5.x. Platform: Fortinet Fortigate UTM running FortiOS 5.x.


Value Conflicts with System Settings

Issue: Cannot change Fortigate from NAT to transparent mode. The error from the GUI is “value conflicts with system settings”. Platform: Fortinet Fortigate UTM firmware 5.x. Solution: Converting Fortigate from NAT to transparent mode from the GUI gives me this error “value conflicts with system settings” which isn’t helpful. I


Could not create dialup name too long

Issue: IPSec VPN to Fortigate UTM doesn’t establish. Getting an error “Could not create dialup name too long”. Platform: Fortigate UTM firmware version 5.2. Solution: I encountered this issue after upgrading Fortigate firmware from version 5.0.7 to 5.2. In the previous version, I was allowed to enter 14 characters as its


FortiGate VDOM integration to LDAP

Fortigate Virtual Domain (VDOM) is a virtualisation feature that creates virtual instances of the firewall. Each VDOM can provide completely separate firewalling, routing, unified threat management (UTM), virtual private networking (VPN), and next generation firewall services. All traffic enters and leaves a VDOM completely separated from traffic from other VDOMs.
