When the FortiGate IPS engine and AV engine fuck everything up!

Since the beginning we have always had trouble: choosing the wrong hardware, developer issues like handling sessions with a single core, then the ASIC things. It is always changing: NPx supports something, NPy supports more, and at the end of the day you will always have whatever NPx/y/z/t/u was released, but cost is another issue. Don't worry, though, providers always think these are the usual things. I hope that one day DPDK or another technology will help us use firewalls without ASICs and without always needing to buy new hardware. (I know you know SDDC, and SDN too, I know!)

I know this device is a UTM, and UTM is a somewhat fancy thing: you know you shouldn't use it, you know what will happen, but you have to because of some situations (for ISPs).

AV issues, IPS engine issues, conserve mode! I don't know how you really protect my device and the network behind it.

The big problem is AV and memory. I still cannot understand why, from small to bigger devices, more RAM is not used! Is memory expensive? Or maybe it is still 32-bit! What is it that the developers can't handle?

In the end AV fills the RAM, the whole device is under stress, and there are communication issues: BGP or OSPF sessions are gone! :(((

AV is not working like a Linux service or something? You should kill it! Step by step, each process; disabling AV does not help every time.

Log in to your device, switch to config global (it is also a command), then execute diagnose sys top to see the processes, press q to leave back to the console, and execute diagnose sys kill 11 <process_id>. We use 11 here because we might get some output from it; then follow the console for memory usage.

Another issue is the IPS engine. Such an understandable command, diag test 🙂 lovely; it is not meaningful for me, but it is meaningful for the developer or whoever maintains the CLI commands.

diagnose test app ipsmonitor

You will see nice options; choose exactly what you want: restart, stop, start, get status.

Also, if you run a cluster, consider doing the same things on the slave 🙂 To switch to the slave:

  • config global
  • get system ha status
  • exec ha manage 1 (mostly)

Windows Time Server Configuration

Really, I hate to write this article, but I have to!

Finally I found a working one; I hope it helps you too!

It's really hard to understand where the time server configuration has gone after promoting Active Directory.

It's really hard to understand how to clear the time configuration.

It's really hard to understand why so many articles explain this and it works for some but not for others.

Maybe it's hard to understand me! Okay, forget everything, because it's working now 🙂

First clear all the configs, all of the time config, if you are not sure; execute these commands step by step.

Note: The unregister process is for clearing the config; sometimes it gives an error, but don't worry, it's 100% working.

C:\Users\Administrator>net stop w32time
The Windows Time service is stopping.
The Windows Time service was stopped successfully.
C:\Users\Administrator>w32tm /unregister
W32Time successfully unregistered.

C:\Users\Administrator>w32tm /register
W32Time successfully registered.

C:\Users\Administrator>net start w32time
The Windows Time service is starting…
The Windows Time service was started successfully.

Then the tricky thing is that someone executes the commands and says it's working, but for someone else it's not!

Execute these commands step by step:

w32tm /config /syncfromflags:manual

w32tm /config /manualpeerlist:"<your_ntp_server>" (replace the placeholder with your own NTP server!)

w32tm /config /reliable:yes (Fuck your reliability)

net stop w32time && net start w32time

Then some troubleshooting tips:

w32tm /query /peers (to see that the peers are active)

w32tm /query /status (to see everything is fine)

w32tm /resync (to force sync)
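
What "everything is fine" looks like in the w32tm /query /status output can be checked with a script. The PowerShell below is an added example, not part of the original post; Test-W32TimeStatus, its 24-hour threshold and the sample text are assumptions made here, and the field labels assume English-language Windows output.

```powershell
# Added example, not from the original post. Test-W32TimeStatus is a
# hypothetical helper; field labels assume English-language Windows output.
function Test-W32TimeStatus {
    param(
        [Parameter(Mandatory)][AllowEmptyString()][string[]]$StatusLines,
        [int]$MaxAgeHours = 24   # assumed threshold, tune to your poll interval
    )
    # Parse "Key: value" lines, splitting on the first colon only.
    $f = @{}
    foreach ($line in $StatusLines) {
        if ($line -match '^\s*([^:]+):\s*(.*)$') {
            $f[$Matches[1].Trim()] = $Matches[2].Trim()
        }
    }
    $problems = @()
    # These source names mean the service is not following any NTP peer.
    if (-not $f['Source'] -or
        $f['Source'] -match 'Local CMOS Clock|Free-running System Clock') {
        $problems += "No NTP peer in use (Source: '$($f['Source'])')"
    }
    # Stratum 0 is "unspecified"; leap indicator 3 is the NTP alarm value
    # for an unsynchronized clock.
    if ($f['Stratum'] -match '^0\b') { $problems += 'Stratum is 0 (unspecified)' }
    if ($f['Leap Indicator'] -match '^3') { $problems += 'Leap indicator is 3' }
    # A configured peer is useless if the last good sync is missing or stale.
    $last = [datetime]::MinValue
    if (-not [datetime]::TryParse([string]$f['Last Successful Sync Time'], [ref]$last)) {
        $problems += 'No successful sync recorded'
    } elseif (((Get-Date) - $last).TotalHours -gt $MaxAgeHours) {
        $problems += "Last successful sync was $last"
    }
    [pscustomobject]@{
        Healthy  = ($problems.Count -eq 0)
        Source   = $f['Source']
        Problems = $problems
    }
}

# Constructed sample of an unsynchronized host (not captured from a real system).
$sample = @'
Leap Indicator: 3(not synchronized)
Stratum: 0 (unspecified)
Last Successful Sync Time: unspecified
Source: Local CMOS Clock
'@ -split "`r?`n"
Test-W32TimeStatus -StatusLines $sample | Format-List

# On a live machine: Test-W32TimeStatus -StatusLines (w32tm /query /status)
```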

