Enabling disk logging on a FortiGate

Fortigate’s logging typically isn’t the best - but it’s bad when you have no logs at all, which seems to be the default. To enable logging on fortigate models with an internal SSD/HDD use the following command: config log disk setting set status enable You can now collect and view your logs in the Log & Report section. N.B. As of FortiOS 5.2 this has been disabled on all SMB class (100D and below) units....

December 2, 2013 · Myles Gray

Installing MegaRAID Storage Manager on openSUSE

Introduction Centrally managing your storage is nice - especially when you’ve just built your own SANs (or such). I created a synchronous replicating SAN cluster using LSI MegaRAID 9270-8i cards in 2x Dell R720XD chassis built on openSUSE 12.3 (more on that in another article soon). We are migrating from 2x Dell MD3000i to these beasts built on a pure-cli OS. Some people like GUIs and that’s okay - so for day-to-day admin, email reporting on problems and basic configuration and tasks LSI offer (free) MegaRAID Storage Manager ↗....

October 2, 2013 · Myles Gray

Syslogd on FortiOS 5.0.4

Again, Fortigate’s documentation falls down at the simplest of things, this time, syslogging - To get your Fortigate to log to a syslogger (like Kiwi/Splunk) you’ll need to go in via the CLI as they have removed this option from the GUI as of FortiOS v5.0. Log in via shell and enter the following: config log syslogd setting set status enable set server [ip.or.dns-name.here] end I have seen where people say you need to explicitly:...

September 18, 2013 · Myles Gray

Teaming ReadyNAS Ultra NICs

Introduction Netgear for some reason believe that ReadyNAS models that aren’t the “Pro” line don’t require network teaming across both their ethernet ports, so you have 2 network ports on your NAS, you’ve got your jumbo frames on and you want to configure load balancing/failover via the 2 interfaces. Of course the ReadyNAS is based on Debian linux, you could SSH into the box and use /etc/network/interfaces to configure a networking bond using: mode=balance-rr or using aggregated link spec 802....

September 12, 2013 · Myles Gray

Serial and USB Console on Mac OSX

Obviously nowadays when admining we mostly have laptops - laptops don’t tend to come with serial I/O ports anymore, so you buy a Serial -> USB adapter, say this one ↗ or any one with a legit (there are fakes) FDTI FT232RL chipset. Download and install the relevant drivers but where do we go from here? Specifically on mac, find your device’s tty name: cd /dev ls -ltr *usb* I added a handy little alias to my...

September 11, 2013 · Myles Gray

Change MTU to support Jumbo Frames in FortiOS

This info is quite hard to come across and Fortigate don’t have it in their GUI from FortiOS v5.0+, SSH into your Fortigate’s CLI and enter the following (it can be done on both software aggregated and standard interfaces): config system interface edit [interfacename] set mtu-override enable set mtu 9208 end end Confirm your MTU size change has worked on the given interface by plugging directly into it (test MTU in accordance to my guide here)....

September 9, 2013 · Myles Gray

How to test if 9000 MTU/Jumbo Frames are working

Introduction Fairly straight forward this time, you’ve configured your MTU/jumbo frames to be 9000 on your client and destination devices (say a laptop/desktop/server/san/nas) and on ALL your switching devices in between - you’ve done that right? ;) Testing So the next step is, we want to test if our new 9000 byte MTU is actually working and we can reap the benefits of a larger packet size (whether it’s on iSCSI, LAN, whatever) being of course a higher latency but also higher throughput....

September 9, 2013 · Myles Gray

Extend Dell MD3000i Virtual Disk LUN Size

I have had the need recently to expand a LUN on a Dell MD3000i SAN to above 2TB that is presented to VMWare ESX 5.1 hosts. There are a few caveats here: The VMWare datastore for 2TB+ LUNs must be VMFS-5 as it is now GPT based, not MBR. This can be updated on the fly without shutting down VMs (Configuration -> Storage, Click the Datastore -> “Upgrade to VMFS-5”) Expanding the virtual disks on MD3000i’s can only be done in CLI....

September 4, 2013 · Myles Gray

Fixing/Flashing a broken motherboard w/ SPIPGM2 and Serial

This details how to use a serial port and custom made cable to flash the BIOS on a motherboard that is not POSTing.

February 1, 2012 · Myles Gray