miércoles, 31 de julio de 2013

Gestionar FortiClients 5.0 desde un Fortigate 5.0

Para poder gestionar remotamente los FortiClient, es necesario activar lo siguiente en el Fortigate:

- "Feature" de Endpoint Protection.

Esto hará que aparezca la opción FCT-Access en la interfaz de red por donde recibiremos las comunicaciones de los clientes. Esta opción también debe estar activada.

Las comunicaciones se harán al puerto 8010 del Fortigate.

A disfrutar de los FortiClient gestionados!

miércoles, 24 de julio de 2013

Recuperando un Fortigate

Please try the following, this method has worked in the past although I am not sure it has 100% success rate !

>From the console port:

FWF50B (11:04-02.28.2007)
Ver:04000007
Serial number:FWF50B3G07524828
RAM activation
Total RAM: 256MB
Enabling cache...Done.
Scanning PCI bus...Done.
Allocating PCI resources...Done.
Enabling PCI resources...Done.
Zeroing IRQ settings...Done.
Verifying PIRQ tables...Done.
Enabling Interrupts...Done.
Boot up, boot device capacity: 64MB.
Press any key to display configuration menu...
..
[G]: Get firmware image from TFTP server.
[F]: Format boot device.
[I]: Configuration and information.
[Q]: Quit menu and continue to boot with default firmware.
[H]: Display this list of options.

Enter Selection [G]:

Enter G,F,I,Q,or H:

Select option d (hidden)

dr: Disable onboard RAM.
rt: Start RAM test.
offc: Turn off cache.
onc: Turn on cache.
lpci: List all PCI devices.
spci: Set PCI configuration registers.
clk: Display real time clock.
q: Quit debug mode.
h: Display this command list.

Select option k (hidden) to scan the flash and check/correct for bad blocks

:k
Flash CS0 is configured as a I/O based NAND controller at address=FF80h
Flash I/O not enabled in MSR_DIVIL_BALL_OPTS
ID NAND device returned ... AD 76 AD 76 AD 76 AD 76
ROM manufacturer=AD device=76
The ROM is a 64 MB Hynix HY27US08121M device
Scan and verify Nand flash's block(Blocks=0X1000)-->
List existing bad block(s):
------------------------------
------------------------------
start_block-->0x000
end_block-->0xfff

Testing block: 0X0000~0X0FFF of 0X0043

If bad blocks are found they should be marked.

When complete it will require a format and tftp of a new image, you must use MR5 patch 1 release.

Como acceder al Eventlog de BlueCoat

Para poder acceder al Event Log de un Proxy SG de BlueCoat, se accederá mediante la siguiente URL:

https://XX.XX.XX.XX:8082/Eventlog/Statistics