Generate SSL Certificate with PowerShell

Steps to Generate SSL Certificate with PowerShell Replace the $CommonName & $SANNames with your own FQDN to be included in SSL Certificate #Prepare CSR File with SAN $CommonName = “webmail.aventislab.com” $SANNames = @(“autodiscover.aventislab.com”,”mail.aventislab.com”) $Date = (Get-Date).ToString(‘ddMMyyyy’) $ReqFile = “Cert_Req-$CommonName-” + “$Date” + “.csr” $InfFile = @” [NewRequest] Subject = “CN=$CommonName” KeySpec = 1 KeyLength = … Read moreGenerate SSL Certificate with PowerShell

Extend Layer2 Network Across Data Center with FortiGate VXLAN

I had prepared a lab to study the concept of how to Extend Layer2 Network Across Data Center with FortiGate VXLAN What is VXLAN Virtual eXtensible LAN (VXLAN – RFC7348) act as Layer 2 virtual networks over Layer 3 physical networks to stretch Layer 2 networks. It uses MAC Address-in-User Datagram Protocol (MAC-in-UDP) encapsulation. The … Read moreExtend Layer2 Network Across Data Center with FortiGate VXLAN

Install PowerShell Core with PowerCLI on ubuntu 18.04

Steps to install PowerShell Core with PowerCLI on ubuntu 18.04 Switch to root and install PowerShell Core #Switch to root su – # Download the Microsoft repository GPG keys wget -q https://packages.microsoft.com/config/ubuntu/18.04/packages-microsoft-prod.deb # Register the Microsoft repository GPG keys sudo dpkg -i packages-microsoft-prod.deb # Update the list of products sudo apt-get update # Install PowerShell … Read moreInstall PowerShell Core with PowerCLI on ubuntu 18.04

Sample Preventive Maintenance Reports with PowerCLI

Refer to the list of Sample Preventive Maintenance Reports with PowerCLI Connect to vCenter with PowerCLI #Import VMware Module Import-Module VMware.VimAutomation.Core $vCenter = “10.253.24.16” $User = “administrator@vsphere.local” $Password = “P@ssw0rd” Connect-VIServer -Server $vCenter -User $User -Password $Password -WarningAction SilentlyContinue To get hardware inventory for all VMware ESXi host $VMHosts = Get-VMHost Foreach ($VMHost in $VMHosts) … Read moreSample Preventive Maintenance Reports with PowerCLI

PowerShell Script to Join AD Domain

PowerShell Script to Join AD Domain Verify DNS Server is configured correctly #Verify DNS Server $DNSServer= “192.168.1.200” if ((Get-DnsClientServerAddress -InterfaceAlias “Ethernet0” -AddressFamily IPv4).ServerAddresses -eq $DNSServer) { Write-Host -ForegroundColor Green “DNS Server is” $DNSServer } else { Set-DnsClientServerAddress -InterfaceAlias “Ethernet0” -ServerAddresses $DNSServer } Prepare an AES Key file to encrypt the Password for Domain Administrator and … Read morePowerShell Script to Join AD Domain

Configure FortiGate SSL VPN Authentication with AD

Steps to configure FortiGate SSL VPN Authentication with AD (Active Directory) Create a LDAP Server in FortiGate AD Server = 192.168.1.200 cnid = sAMAccountName” config user ldap edit “UAT-AD01” set server “192.168.1.200” set cnid “sAMAccountName”” set dn “dc=uat,dc=aventislab,dc=com” set type regular set username “uat\\administrator” set password P@ssw0rd end Verify the LDAP connection is established successfully … Read moreConfigure FortiGate SSL VPN Authentication with AD

Configure Outbound NAT in FortiGate with CLI

Steps to configure Outbound NAT in FortiGate with CLI Ubuntu is accessing Internet via 121.121.43.50, and we would like to change it to 121.121.43.51 curl -4 icanhazip.com 121.121.43.50 Create an object for Internal Server config firewall address edit “wp5” set subnet 192.168.1.250 255.255.255.255 end Create an IP POOL for public IP Address config firewall ippool … Read moreConfigure Outbound NAT in FortiGate with CLI

Configure Remote SSL VPN in FortiGate with CLI

Steps to configure Remote SSL VPN in FortiGate with CLI Create a “ssl.root” interface for SSL VPN Tunnel config system interface edit “ssl.root” set vdom “root” set type tunnel set alias “Remote SSL VPN interface” end Create a pool of IP (10.28.28.10 – 20) to be assigned to Remote SSL VPN Users config firewall address … Read moreConfigure Remote SSL VPN in FortiGate with CLI

Import Let’s Encrypt SSL Certificate to FortiGate with CLI

Please refer to steps below on how to import Let’s Encrypt SSL Certificate to FortiGate with CLI Enable the Certification Tab in GUI config system global set gui-certificates enable end You can import the PFX Certificate to FortiGate with GUI now You have to separate the PFX to privatekey.pem and publiccert.pem prior importing it to … Read moreImport Let’s Encrypt SSL Certificate to FortiGate with CLI

Configuration of Site to Site VPN with ASAv using CLI

Steps to perform configuration of Site to Site VPN with ASAv using CLI Enable IKEv2 crypto ikev2 enable outside Create object for DR Site object network Site-DR subnet 20.20.8.0 255.255.255.0 Create an ACL to allow traffic from PROD to DR Site access-list ACL_S2S_DR extended permit ip object Site-RPOD object Site-DR Create a rule for traffic … Read moreConfiguration of Site to Site VPN with ASAv using CLI