enable sni on a fortiweb for back-end servers in a ADFS configuration
- No Comments
- Jul, 21, 2017
- Angelo Schalley
- adfs/saml, Fortigate/Fortinet, FortiWeb, Networking, security
Configuring server-side SNI support (needed for Microsoft ADFS)
FortiWeb supports server-side SNI (Server Name Indication). You use this feature when you have the following configuration requirements:
The operating mode is reverse proxy or true transparent proxy.
You offload SSL/TLS processing to FortiWeb and use SSL/TLS for connections between FortiWeb and the pool member (end-to-end encryption).
One or more server pool members require SNI support.
Read more on enable sni on a fortiweb for back-end servers in a ADFS configuration…
common used snmp oid fortigate mib core
- No Comments
- Jul, 18, 2017
- Angelo Schalley
- Fortigate/Fortinet, Networking, snmp
CORE:
Traps:
.1.3.6.1.4.1.12356.100.1.3.0.101
Indicates that the CPU usage has exceeded the configured threshold.
.1.3.6.1.4.1.12356.100.1.3.0.102
Indicates memory usage has exceeded the configured threshold.
.1.3.6.1.4.1.12356.100.1.3.0.103
Log disk usage has exceeded the configured threshold.
Read more on common used snmp oid fortigate mib core…
configure secondary ip address on a Fortigate command line
- 2 Comments
- Mar, 16, 2017
- Angelo Schalley
- Fortigate/Fortinet, Networking
config vdomedit “vdom name”config system interfaceedit “interface name” (lookup via “show” when in ‘config system interface’ mode)set secondary-IP {enable | disable}config secondaryipedit 1 (or any other number)set ip <ipv4-classnet-host>set allowaccess {ping | https | ssh | snmp | http | telnet | fgfm | auto-ipsec}
Read more on configure secondary ip address on a Fortigate command line…