FortiClient EMS ZTNA: No Matching Rule Found
ZTNA fails with "no matching rule", because FortiClientEMS connectoin to FortiGate files, because of Let's Encrypt Root YE
Recent posts
ZTNA fails with "no matching rule", because FortiClientEMS connectoin to FortiGate files, because of Let's Encrypt Root YE
Docker Primer Docker is a default way Linux server software gets shipped and run today. Under the hood Docker is a thin wrapper around two old Linux kernel features: namespaces (process, network, mount, user, ...) and cgroups (resource limits). It is not a virtual machine. The container shares the host kernel. Core ...
IP Route Cheat Sheet Across Vendors As a network admin you jump between vendors all day long, and every box wants a slightly different incantation for the same four operations: show the routing table, add a static route, set a default route, remove one. This is a quick reference for the boxes I see most often. All e...
Btrfs (B-Tree File System) is a modern copy-on-write filesystem for Linux, integrating volume management and RAID features directly at the filesystem level. This cheat sheet covers multi-disk volumes, RAID1, on-the-fly compression, checksumming, online expand/shrink, subvolumes and snapshots, plus the essential mkfs.btrfs, btrfs filesy...
Problem: after unmounting a LuKS crypted device, "cryptsetup close" fails with "Device is still in use", even though it is not mounted anymore. ...
Problem: A newly set up web server with working https cert is not reachable by some people with a certificate error. Discussion: After checking the cert info, you can see that the cert issuer is not the real one but FortiNet. The user is behind a FortiGuard firewall with WebFilter. Paranoid FortiGuard sysadmins may b...
Problem: When installing any package with pip in a venv python environment you get this error: WARNING: pip is configured with locations that require TLS/SSL, however the ssl module in Python is not available. We got this error on a Linux Debian machine, that had the latest Debian Bookworm running, but was an older ...
TL;DR: If you experience poor network performance on your wireless notebook, Microsoft may be using your device as a download server without your consent. Problem : I noticed a high number of requests between Windows clients in different network zones on a customer's firewall. It appeared that almost every client w...
Problem: ssh rejects connecting to old servers with this error: # ssh SRV Unable to negotiate with SRV port 22: no matching host key type found. Their offer: ssh-rsa or Unable to negotiate with SRV port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-...
Problem: you find a key and a cert file on your server, and want to check if the cert matches the key. Solution: Check the modulus (n=p*q) of both key and cert to see if they are equal. $ openssl rsa -modulus -noout -in yourrsa.key Modulus=C8BEE8B687CC... $ openssl x509 -modulus -noout -in yourrsa.crt Modulus=C8BEE8B...