top of page
Search

Use Case Explorer - Nested IPSEC Cisco to FortiGate
Hoo boy! It's been a minute since I've last written, or recorded anything. 2024 was a whirlwind year, and a lot went on then. Thank you...
Matt Sherif
Feb 238 min read
149 views
0 comments


Feature Explorer - Threat Feeds
Threat feeds are helpful fabric connectors that allow you to dynamically whitelist or blacklist traffic, file hashes, and domains. In...
Matt Sherif
Dec 18, 20231 min read
374 views
0 comments
Use Case Explorer - Part 1 - On boot VPN using machine/computer certs, and post login SAML VPN
Some IT organizations like to image laptops and ship them out to remote users without having to cache user credentials. For organizations...
Matt Sherif
Apr 14, 20231 min read
1,096 views
0 comments


Use Case Explorer - Terminate SSLVPN to loopback
Terminating SSL VPN to a loopback offers a lot more flexibility by means of security, filtering and inspection. In this video we take a...
Matt Sherif
Dec 30, 20221 min read
1,263 views
0 comments

Use Case Explorer - FortiSASE Secure Private Access (SPA)
Update: As I was deploying my other spokes I realized spoke to spoke connectivity wasn't establishing, and routing correctly. I have...
Matt Sherif
Dec 23, 20222 min read
234 views
0 comments


Use Case Explorer - FortiSASE SIA
In this video we take a look at Securing Internet Access - say in lieu of DNS filtering services, or zecure internet access services....
Matt Sherif
Dec 6, 20221 min read
94 views
0 comments


FortiOS Conditional API Call using iOS Shortcuts
A colleague of mine asked a question "can you enabl/disable a policy using the FortiOS API with the iOS shortcuts app?". It turns out...
Matt Sherif
Nov 26, 20221 min read
486 views
0 comments


Things that scare you
I had a customer call me panicking that their FortiGate CPU was pegged at 100%, while sitting idle. My first question was "What firmware...
Matt Sherif
Nov 12, 20221 min read
312 views
0 comments


How To: MC-LAG with FortiGate Switch Controller
In this video we take a look at how you can set up MC-LAG on FortiGate managed FortiSwitches. Thank you for watching, I hope this helps.
Matt Sherif
Nov 9, 20221 min read
1,698 views
0 comments

UltraBit - Get Factory Default Configuration for any FortiGate
Let's say you had to prepare a configuration for a FortiGate not in your possession. Typically a good starting point is the factory...
Matt Sherif
Aug 31, 20221 min read
384 views
0 comments


Intro to FortiGate Series 3.5 - Setup Decisions part 2
In this video we follow on from the previous module, adding a high level look at VDOMs and admin accounts.
Matt Sherif
Jun 14, 20221 min read
97 views
0 comments


Intro to FortiGate Series Module 3: Setup decisions
In this video we take a look at a few setup decisions that should be made prior to putting a FortiGate into production.
Matt Sherif
Jun 14, 20221 min read
117 views
0 comments

Intro to FortiGate Series Module 2: Initial configuration
Starting where we left off in Module 1, we take a look at: Factory Reset / Log disk format WAN/LAN Addressing LAN Services (DHCP, DNS,...
Matt Sherif
May 26, 20221 min read
94 views
0 comments


Intro to FortiGate series
Fortinet has come a long way in 22 years. And as they've started to lead in the network and cybersecurity market, I wanted to create a...
Matt Sherif
May 19, 20221 min read
156 views
0 comments

UltraNote: Some Unknown Error during SAML Single Logout
In a couple of my posts I noted that the Single Logout would need to be signed, and seemed to work fine despite a message that's...
Matt Sherif
Mar 22, 20221 min read
145 views
0 comments

Implementation Guide: FortiGate SSL VPN with Okta MFA using SAML
You may be wondering didn't you already post a redirect to Kim Frellsen's blog on this? Yes, yes I did. Here's the thing though, I came...
Matt Sherif
Mar 20, 20224 min read
1,243 views
0 comments
UltraNote: AD FS SSL VPN Clock Skew
In assisting a customer with the AD FS configuration we encountered some difficulties in redirection. The particular issue looked like...
Matt Sherif
Mar 7, 20222 min read
85 views
0 comments

FortiGate SSL VPN Authentication with AD FS
Update: including steps for tunnel based VPN as well. Update 3/10: updated assumptions I am starting to think we've pretty much covered...
Matt Sherif
Feb 26, 20225 min read
2,093 views
0 comments

FortiClient Cloud - API Access
I'd first like to start off this post by wishing everyone a happy and safe new year! It's been almost 3 months since my last post, things...
Matt Sherif
Jan 24, 20223 min read
413 views
0 comments

UltraNote: Let's Encrypt certs in FortiOS 7.0.2
To stay sharp, I find myself rebuilding my lab from time to time. This latest run I did so with FortiOS 7.0.2. One of the first things I...
Matt Sherif
Nov 8, 20212 min read
919 views
0 comments
bottom of page