Issue: Telnet connection timed out when accessing the CPE via the secondary management interface loop1 as shown in the figure. The disconnection happens when the user stop sending data across the telnet session (e.g. stop typing commands). Findings: Started my investigation by taking a packet capture on the Fortinet Fortigate 100D. The packet capture shown…
BGP Cost Community
This post explores the use of BGP cost community to prefer one path over the other in a multipath environment as shown in the figure. BGP cost community is a nontransitive extended community attribute that is passed to iBGP peers only. This feature allows us to customize the BGP best path selection process at the…
Gaps in Cacti Graphs
Issue: Unexpectedly getting gaps in Cacti graphs that resulted in false alarm in NOC network weathermap. Having gaps isn’t good as visual data is lost, for reporting this gives wrong information and lastly entails an issue somewhere in Cacti.
Apple Devices Cannot Connect to Meraki AP
Issue: Apple devices like iPads and Macbook Pro cannot connect to Meraki AP. Sometimes devices can connect but get disconnect later on. Platform: All Cisco Meraki AP platform. Software version is unknown this is due to the fact Cisco Meraki doesn’t disclose it. Solution: Cisco Meraki APs that are configured to use WPA2 as its…
MPLS VPN Hub and Spoke
Sometimes customer wants to implement MPLS VPN hub and spoke topology which allows the customer to control traffic between spokes and also to other resources like the Internet (access restriction). Therefore, the hub acts as a central transit point between spoke sites. The MPLS VPN hub and spoke topology requires a special setup/configuration as shown…
FortiClient SSL VPN App Launcher in Ubuntu 14.04
This article guides you how to create a Forticlient SSL VPN app launcher in Ubuntu 14.04. First of all, download the Forticlient SSL VPN for Linux from support.fortinet.com. Make sure you have a valid contract to be able to download the software. As the time of writing the software version is 4.0.2303. Once you got…
Inter-AS MPLS VPN: Back to Back VRF
Back to back VRF is one of the options to connect customer sites that are geographically dispersed and also connected to different service provider MPLS VPN backbones. This option is the simplest approach for allowing MPLS VPN providers to exchange VPN routing information for CE sites. The border provider edge routers residing in different AS…
Application pyfcgid Crash
Issue: Access to Fortigate 100D web administration (GUI) wasn’t working properly. For instance, access to web filter was intermittently accessible. Platform: Fortinet Fortigate 100D using FortiOS 5.2. Solution: This issue started to happen when I used Fortiview and drill down to session logs. Then it generated this error message stating the application pyfcgid crash. I…