When upgrading HP Comware switches that are part of an IRF stack, you want to use In Service Software Upgrade (ISSU). This allows you to do a rolling upgrade of the firmware while limiting the impact to just 1 switch in the stack. ISSU will reboot 1 switch in the stack, wait for it to come back up and then moves on to the next switch. Types of ISSU There are 3 types of ISSU: ...
If you’ve ever had the “pleasure” of building an IPSec tunnel between 2 endpoints from different vendors, you’ll know how smooth that usually goes. Today I was building a tunnel between a Fortigate 70D and an Axsguard Gatekeeper, as you can guess, things didn’t go as planned. Fortigate Let’s start by creating the tunnel on the Fortigate. Create a new tunnel and select the Custom VPN Tunnel template. Next, fill in all the phase 1 settings. In this example, I’m using 3DES and SHA1. While 3DES is still considered as secure, I would recommend against using it in production, mainly because of the speed. If you want to use the public IP address as the local ID, leave the field empty. Fortigate will automatically send its public IP as the local ID. Keep this in mind when you’re behind a NAT device. ...
While setting up a new Fortigate 30D for a client, I wanted to add a new VLAN for the guest Wi-Fi network. Usually, you just go into Network - Interfaces and add a new Interface there. On the 30D however, this option wasn’t there. After changing the device from switch mode to interface mode and back, I figured you can’t do it in the GUI. The only way to do it on a 30D is by using the CLI. ...