You can use SCEP to auto-enroll devices in FortiAuthenticator as well as retrieve CRLs. When configuring this on a firewall or other device the correct URL to use is:
http://<fortiauth IP>/cert/scep
I have asked the technical documentation team to add this to the FortiAuthenticator Admin Guide.
A real world resource for Fortinet firewalls including How-Tos and Frequently Asked Questions
Tuesday, March 18, 2014
Friday, March 14, 2014
Logging DNS Requests
When inspecting DNS traffic it can be useful to log the domain names that are part of the DNS request. In order to accomplish this you can use a custom IPS signature:
IPS custom signature:
F-SBID( --attack_id 4153; --name DOM-ALL; --protocol udp; --service dns; --log DNS_QUERY;)
The signature below allows you to search for and prevent DNS lookups for a specified domain, in this example xyz.com.
(Danke C.R)
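As an added example (my own code, not the post's), a small Python parser for the F-SBID custom-signature syntax used above: it splits a signature into ordered keyword/value pairs (handling quoted values that contain semicolons, as a --pattern would), serialises it back, and runs a few sanity checks before the signature is pasted into the firewall. The DOM_ALL constant is a copy of the post's signature; the lint rules are this example's own assumptions, not FortiOS's validation.

```python
import re
from typing import List, Tuple

# Copy of the custom signature from the post, used here as sample input.
DOM_ALL = ('F-SBID( --attack_id 4153; --name DOM-ALL; --protocol udp; '
           '--service dns; --log DNS_QUERY;)')

# One "--keyword value;" token; a quoted value may itself contain ';'.
_TOKEN = re.compile(r'--(\w+)\s*("(?:[^"\\]|\\.)*"|[^;]*?)\s*;')

def parse_fsbid(sig: str) -> List[Tuple[str, str]]:
    """Split an F-SBID( ... ) signature into ordered (keyword, value) pairs.
    Flag-only keywords such as --no_case; get '' as value; quotes are stripped."""
    sig = sig.strip()
    if not (sig.startswith('F-SBID(') and sig.endswith(')')):
        raise ValueError('signature must be wrapped in F-SBID( ... )')
    body, pos, pairs = sig[len('F-SBID('):-1], 0, []
    for m in _TOKEN.finditer(body):
        if body[pos:m.start()].strip():  # anything that is not a token
            raise ValueError(f'unexpected text: {body[pos:m.start()]!r}')
        key, val = m.group(1), m.group(2).strip()
        if len(val) >= 2 and val[0] == val[-1] == '"':
            val = val[1:-1]
        pairs.append((key, val))
        pos = m.end()
    if body[pos:].strip():
        raise ValueError(f'trailing text: {body[pos:]!r}')
    return pairs

def to_fsbid(pairs: List[Tuple[str, str]]) -> str:
    """Serialise pairs back to F-SBID syntax, quoting values that need it."""
    parts = []
    for key, val in pairs:
        if val and (';' in val or ' ' in val):
            val = '"%s"' % val
        parts.append(f'--{key} {val};' if val else f'--{key};')
    return 'F-SBID( ' + ' '.join(parts) + ')'

def lint_fsbid(pairs: List[Tuple[str, str]]) -> List[str]:
    """Problems found in a parsed signature ([] means clean). These rules
    are this example's own sanity checks, not an official FortiOS check."""
    keys = [k for k, _ in pairs]
    problems = [f'duplicate keyword --{k}' for k in sorted(set(keys)) if keys.count(k) > 1]
    if 'name' not in keys:
        problems.append('missing --name')
    attack_id = dict(pairs).get('attack_id')
    if attack_id is not None and not attack_id.isdigit():
        problems.append(f'--attack_id must be numeric, got {attack_id!r}')
    return problems
```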
Wednesday, March 5, 2014
Deleting VDOMs
VDOMs have quite a number of dependencies that need to be deleted before you can get rid of the VDOM itself. Below is a useful little script that goes through all the sections and purges them so the VDOM can be deleted. Adjust it as needed.
## This script needs to be run interactively. In other words you cannot copy and paste the whole script. You have to acknowledge each purge command.
## Purge all VDOM specific configuration
config vdom
    edit <vdomname>
        config firewall policy
            purge
        end
        config firewall policy6
            purge
        end
        config firewall vipgrp
            purge
        end
        config firewall vip
            purge
        end
        config firewall addrgrp
            purge
        end
        config firewall address
            purge
        end
        config router static
            purge
        end
end
## Assign any interfaces used by the VDOM back to ROOT
config global
    config system interface
        edit <interface name>
            set vdom root
        end
end
## Delete any VDOM Links
## (vdom-link is a global table, so it is entered from "config global", not "config system global")
config global
    config system vdom-link
        delete <vdom link name>
    end
end
## Make sure all admins are assigned to the root VDOM
config global
    config system admin
        edit <admin-name>
            set vdom root
        end
end
## Finally delete the VDOM itself
config vdom
    delete <vdomname>
end