Disable SSL VPN Portal

11 Replies

If you are in an environment where you want to make sure that the SSL VPN portal page does NOT show that is fine. You can use the following command to disable the SSL VPN Portal page of a FortiGate

Config VPN SSL Settings
Set sslvpn-enable disable
End

This is commonly used when you are wanting to accept only IPSec tunnels etc to your device. I usually just leave mine up and customize the page to look cool and creative but that is me!

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Hard Disk Logging Problems

Leave a reply

If you happen to be using a FortiGate and you don’t see logging to disk as an option when in the GUI you may need to enable it via CLI. You can do this by entering the following commands in CLI:

Config Log Disk Setting
Set Status Enable
End

After you have done this, log out of the GUI and log back in. You should, from this point on see disk logging in the log access section of the FortiGate. If it is for some reason STILL not showing up you may need to diagnose the hard disk to see if it has possibly experienced a hardware failure. You can do this by utilizing the following command at CLI to determine status etc:

diag hardware deviceinfo ide hda

It will provide you with information on the disk to determine what is up.

FortiGate 800D Deployment

Leave a reply

One of the companies that sub contracts to me just requested that I do a pair of 800D’s for deployment. So I should have some good consulting stories, news, and configuration tid bits (how to’s etc) that come to mind during this process. Should be a good time. I haven’t had the chance to play with an 800D yet so that is even more exciting. I have played with larger and smaller. Curious to see the hardware differences and how it performs.

Understanding Consumer Behaviour from Wi-fi Insights

Leave a reply

We have all embraced online searching and shopping. The days of driving around town to compare costs or referring to the most current newspaper advertisement for a bargain have long gone. Today’s consumer reaches out via the Internet on a varie…
Source: Understanding Consumer Behaviour from Wi-fi Insights” target=”_blank”>Fortinet Blog

Sources of Information

Leave a reply

So, I run in to a lot of situations when deploying, managing, or troubleshooting various Fortinet devices. I am going to be posting about them here. Along with those issues and items that I find personally entertaining or troublesome though are the issues of the community as a whole. The Fortinet main site has a support forum where the community can discuss the issues they are experiencing and the possible work around solutions.

This community is great in that a lot of users find solutions to their issues. The fall back, though, is the lack of true technical break down as to WHY the issues are occurring. I am going to skim through the site and find situations that I find interesting (and hopefully you do to) and go into the question, the solutions, and the why for both. Hopefully, this will help make the Fortinet community have a little more knowledge that makes the vendors a little more capable.

One of the main reasons Fortinet is pushing this NSE training partner rewards incentive so hard is because the VAR’s (Value Added Resellers) are really good at pushing the product but are incapable of completing the deployments! Hopefully, this site will help in that regard.

What is Policy ID 0 and why a lot of denied traffic on this policy?

1 Reply

I was asked this question recently and also saw it being asked on the Fortinet Support Forums as well. This is really a simple question to answer though. Policy ID 0 is the default policy (the implicit deny) that comes by default on the FortiGate. They also come with an explicit allow right above it now which helps people utilize the device with no configuration right out of the box. FortiGate devices used to be deny by default on first use so that you had to allow the traffic you wanted. Either way, it is the deny traffic policy that comes built into the FortiGate.

FortiOS 5.4 GUI Hate

Leave a reply

So FortiOS 5.4 has hit GA status which means regular people can download it to their supported devices. The firmware is great on several accounts but one of the items that seems to be getting a ton of backlash is the GUI layout / design. Yes, the default green GUI leaves a lot to be desired when it comes to the aesthetics of the code but that is an easy fix.

Login to the FortiGate
Go to System
Click Settings
Select the theme under “View Settings” that you like.

They have a green, blue, red, and of course melongene. My personal favorite is the blue but I see the red getting a lot of use lately. It is really up to you. I personally don’t care about the design quality of the GUI from an aesthetic point of view as long as it does what I need it to do feature and configuration wise.

Oh well. Enjoy the new code!

Security is at the Top of Healthcare Providers’ “Must-Do” Lists—Or It Should Be

Leave a reply

“Houston, we have a problem.” This is not news to healthcare organizations, whether they are in Houston, Boston, St. Louis or San Francisco. 2015 was a banner year in healthcare, for all the wrong reasons. The increasing number of attacks…
Source: Security is at the Top of Healthcare Providers’ “Must-Do” Lists—Or It Should Be” target=”_blank”>Fortinet Blog