Category Archives: Network

Important FortiGate CLI commands

FortiGate High Availability Cluster CLI commands:

Manage the specified FortiGate unit (X is the unit number):

execute ha manage X

Set the current FortiGate unit as master:

diag sys ha set-as-master enable

Get HA Status:

get system ha status

 

FortiGate Session commands:

Get all Sessions:

diag sys session list

Filter Sessions:

diagnose sys session filter

Clear Sessions (only filtered ones or all):

diagnose sys session clear

Clear Filter:

diag sys session filter clear

LetsEncrypt on CentOS 6 – Free SSL certificate for everyone!

This is a short guide on how to use Let’s Encrypt on CentOS 6 with the Apache web server:

1. Install dependencies:

Download, unzip and install Python:

wget https://www.python.org/ftp/python/2.7.11/Python-2.7.11.tgz
tar -xvpzf Python-2.7.11.tgz
cd Python-2.7.11
./configure
make altinstall

Install Git:

yum install git
git clone https://github.com/letsencrypt/letsencrypt

2. Stop apache:


Swisscom TV interferes with WLAN

A few days ago I set up the Centro Grande with Swisscom TV, Internet and telephony at my parents' home. According to the packaging, everything is nice and simple: plug in, switch on, surf, make calls and watch TV. That is how simple I imagined it would be, too…

So I set about installing the Centro Grande DSL router, as Swisscom so nicely calls it. Actually


DNS forwarder on Qnap NAS

A few days ago I installed dnsmasq on my QNAP NAS. I use this DNS forwarder to resolve the names of my LAN devices. Here are brief instructions:

First install ipkg, if you haven’t already (see http://wiki.qnap.com/wiki/Optware_IPKG).

Access your NAS with ssh as “admin”. If you haven’t already activated ssh, see http://wiki.qnap.com/wiki/How_to_SSH_into_your_QNAP_device.

Bring your ipkg installation up to date with this command: /opt/bin/ipkg update

Install the DNS-forwarder dnsmasq: /opt/bin/ipkg install dnsmasq

Edit the file /opt/etc/dnsmasq.conf with vi or your favorite text editor and add the following line:

addn-hosts=/opt/etc/dnsmasq-hosts.conf

I also added a dedicated user for dnsmasq called “dnsmasq” and modified the following lines in dnsmasq.conf:

# If you want dnsmasq to change uid and gid to something other
# than the default, edit the following lines.
user=dnsmasq
group=everyone

Create and edit the file: /opt/etc/dnsmasq-hosts.conf

In this file, you define all your hosts with their names.

Example:

192.168.0.1     firewall.mydomain.int
192.168.0.2     switch1.mydomain.int
192.168.0.5     server1.mydomain.int

After modifying and saving this file, restart the dnsmasq service:

/opt/etc/init.d/S56dnsmasq restart

All done! Now set the first DNS server address on your computer to the IP address of your NAS.

The NAS will now answer all DNS queries. Queries for hosts that are not in the config file will be forwarded to the DNS servers configured on the NAS, which resolve names outside your network.
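
Every client now trusts this hosts file for name resolution, so a typo in it silently misdirects traffic. The following check is an added example, not part of the original post or of dnsmasq: check_hosts_file is a hypothetical helper that assumes IPv4-only entries as in the example above and treats one name mapped to two different addresses as a mistake.

```shell
#!/bin/sh
# Added example: lint a dnsmasq addn-hosts file before restarting the service.
# check_hosts_file is a hypothetical helper, not shipped with dnsmasq or Optware.
# Assumption: IPv4-only entries, one address followed by one or more names.
check_hosts_file() {
    awk '
    function bad(msg) { printf "line %d: %s\n", NR, msg; errors++ }
    {
        sub(/#.*/, "")                       # strip comments
        if (NF == 0) next                    # skip blank lines
        if (NF < 2) { bad("address without a host name"); next }
        n = split($1, o, ".")
        ok = (n == 4)
        for (i = 1; ok && i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) ok = 0
        if (!ok) { bad("invalid IPv4 address: " $1); next }
        for (f = 2; f <= NF; f++) {
            name = tolower($f)
            if (name !~ /^[a-z0-9]([a-z0-9.-]*[a-z0-9])?$/) {
                bad("invalid host name: " $f); continue
            }
            # Same name pointing at a second address: likely a copy/paste slip.
            if ((name in seen) && seen[name] != $1)
                bad(name " already maps to " seen[name])
            seen[name] = $1
        }
    }
    END { exit (errors > 0) }
    ' "$1"
}

# Constructed sample: the second line has an out-of-range octet.
sample=$(mktemp)
printf '%s\n' '192.168.0.1 firewall.mydomain.int' \
              '192.168.0.300 switch1.mydomain.int' > "$sample"
check_hosts_file "$sample" || echo "fix the file before restarting dnsmasq"
rm -f "$sample"

# On the NAS (paths from the post):
#   check_hosts_file /opt/etc/dnsmasq-hosts.conf && /opt/etc/init.d/S56dnsmasq restart
```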

Multicast Routing of Apple’s Bonjour with FortiGate WiFi

A few weeks ago I replaced my good old DrayTek Vigor with a FortiGate WiFi. Because I now have two different networks (one WiFi and one wired LAN), the TimeMachine backup no longer works.

The reason is simple: TimeMachine uses Apple’s Bonjour protocol to find backup volumes on the network. Bonjour uses multicast, which is not routed between different networks.
The solution is very simple, but you have to find it because it is not activated by default:

1. Go to “System” -> “Admin” -> “Settings” and activate the “Multicast Policy” checkbox, then click “Apply” to save the changes.
