New Filter Fun

I thought I would throw this out there for anyone that owns a Fortigate firewall appliance.

I had a Fortigate 300C (stock grill, custom rims) that seemed to be acting flaky but was nothing I could pinpoint.  Eventually, the flash disk would disappear from the configuration then re-appear out of the blue.  As time went on, the SQL database would corrupt and repairing it wasn't helping.  Soon, our web filter would randomly let folks get to certain places and not others (regardless of the actual filter settings).  I contacted Fortinet for an exchange.  The RMA process went very smoothly.  The subsequent unit install, however, did not.

Once the new unit was here (yesterday), I fired it up, used FortiExplorer to find it attached with USB cable and I imported a backup config into the new unit. So far, so good.  Well, no I forgot that I had to reboot the new unit at one point because it quit talking to my computer. I am sure that was operator error though.  Once the initial setup was complete, I used the old box to connect to Fortigate Support and convert the serial number to the new unit (they have an RMA exchange feature to do this - which, in a way, is a scary thought really). All seemed well.  I connected the new unit to our network, swapped cables and let it ride... to nowhere. The license did not transfer. I called tech support and they said it could be two hours before the license transfers. TWO HOURS!? Glad this isn't mission critical or anything.

Today, I fire up my computer and.. nothing. I still can't go anywhere. I get into the unit and several licenses have updated, others have not - web filtering being one. I call tech support. Now they tell me it can be up to 24 hours before the license transfers. Seriously!?  She said, "We suggest you keep the old unit in place until the license transfers." Through clenched teeth, I said, "If the other unit was working, I wouldn't have needed the new one in the first place!" 

We tried to force the unit to update. Nothing after 20 minutes. And then, it dawned on me:  The blocking message said that the license was expired and that pages may not be accessible with the filter enabled.  So, I disabled the web filtering, and TAH DAH - instantly updated the license.

I let the Fortinet tech department know that maybe they should consider including one bit of troubleshooting when a customer is doing an RMA transfer: Tell them to disable the web filter until the license transfer is complete.

File this away in case you have to RMA your Fortigate firewall/filter.

July 23-27

Monday - posted ESEA content to our web site, helped presenters with workshops, tested breakers for issue with accessible door mechanism. Working with Fortinet regarding our firewall. Other issues as they arise.  Working with Bradley schools regarding a bad desktop they have.

Tuesday - Teaching iPods and iPads in the Classroom

Wednesday - Will be in office.

Thursday - Will be in office.

Friday - Office Closed

July 16-20

Monday - Worked in office, taking care of presenters, meeting regarding various building-related issues, etc. Had to move my Genoa visit to Tuesday.

Tuesday - Went to genoa to help them set up their NAS.  the NAS itself was already configured, so I ran the iSCSI initiator in Server 2008 to connect the NAS. After a bit of trial and error, I got it going. The short version of the story is this: expand your columns in a display when possible. The end of the volume names was cut off because of the column width. Once I fixed that, I could see which volume to mount.  The next lesson was this: DELETE existing files rather than reformatting the NAS drive. UGH. 500GB takes a LONG time to format via NAS.

Wednesday - I taught Podcasting Using a Mac in the morning and then Social Networking for Schools in the afternnon.  One of the highlights: one participant created his podcast by simply recording another participant as she did her own project. Brilliantly creative. Though, would have failed a rubric assessment had there been one.

Thursday - Talked with DirecTV about getting service. Still working on that. Had firewall issues. Fortinet is sending RMA (and hopefully a new unit to swap out). Worked with the HVAC guys on a problem unit we have. They will be here on the 25 to adjust the tilt of the unit.

Friday - Offices Closed.

Wednesday Morning

Well, i was supposed to attend a tech meeting in Prescott this morning, but one of the air conditioning units wasn't working.  I climbed a ladder and discovered an overflow pan FULL of water! I called our rep and made sure I knew what to do from last time. I was right: get rid of the water, reset the shut off sensors, clean out the drain pipe. The rep also gave us the price for installing a different filter system in the building and I passed the info to the Director.

A quick run to Wal-Mart netted me a wet/dry vac and 5 (five) cases of water for the vending machine. Yes, I had a wet/dry vac and tons of water in the same buggy.  The irony was not lost on me.  After a bit on ingenuity, I finally got the shop vac to reach the overflow tray. I started sucking water.  After short time, the vac quit. I had filled the 5 gallon tank already. Ouch.

I made a mess getting the vac to our disposal grate, so I cleaned that up and headed back up the ladder to suck more water. When the vac quit the second time, I had a better feel for what I needed to do, and made no mess. I emptied the vac, went back for round three.  There must have been close to 13 gallons of water in that tray - at least going by the vac's capacity.

I cleared the drain, reset the sensors and immediately the unit fired up.  Unfortunately by this time, the meeting (20 miles away) was well underway.

I spent the rest of the morning updating global contacts for our organization. 

Let's see what the afternoon holds!

July 9-12, 2012

Monday, I worked on the laptops. In my previous post, I said the Acer problem was fixed last week. My days have run together. The problem was fixed on Monday, July 9. I know that makes little difference in general, but it matters for record-keeping.  in any case, I continued installing software on the now-fully functioning laptops.

The cross-shipped desktop was in the mail room, so I planned to install it on Tuesday.  Also on Monday, I set up two ultra books and helped various personnel with general troubleshooting issues.

Tuesday, I hooked up the replacement desktop and started installing software. I also began installing Lion on my MacBook.  Did I mention I installed Lion on all the computers in the computer lab? I can't remember. Well, I installed Lion on all of the Macs.

I set up our new GT person's laptop and gave it to her. I helped folks with other issues. One problem that came up: shading half of an excel cell.  I found a way to use angled text and fills to make it look like a cell was half-filled, but it is an ugly solution. Online searched yielded nothing useful.  That's a feature someone might want to implement.

Wednesday, I have a tech meeting at Prescott.  Thursday, I plan to be in the office to finish up the lab installs.

Last Week

Last week was crazy for being a short week. We received our new lab computers, a combination of desktops and laptops.  I had help getting the hardware connected and then I also had some help installing the software.  On Tuesday, everything was going about as smoothly as could be expected until I hit a snag with the laptops. (Hmm, maybe that snag started Monday, now that I think of it).

We ordered Acer laptops. The RFQ specified that the laptops had to have Win7 Pro. The laptops came with Home Premium and an upgrade to Pro. Not a major issue. Except, it was. The upgrade was for educational volume licensing. Home premium is retail. I called Microsoft and the rep walked me through what to do (install VLPro using the VL License Keys).  Okay, extra work, but nothing major. Wrong. The laptop drivers do not support VL Pro7. Or maybe just not Pro. Whatever.

I spent some considerable time trying to find a fix. I got the wireless cards working, but still no video. I went ahead and installed software using the generic VGA drivers. No use wasting too much time. I continued to look for a solution. Nothing.

In any case, I left late Tuesday night with things fine on the desktop side and not-so-fine on the laptop side.

Off Wednesday for the 4th.

Thursday, I returned and fired up the desktops. I also called the sales rep and Acer about the laptops. Since I removed the preinstalled software, I voided warranty support for the software. Yay me. I told the Acer rep i would need approval for the fee he wanted to charge to get things working.  Instead, I searched using different terms and came up with people having similar problems on different machines.  The fix was to get the VEND_ID from Device Manager and find a comparable card in the vendor's INF file, make a few changes, and try again.

That worked. The systems think they have an "older" version of the video card, but who cares. What matters is that the driver installed (after telling Windows it was okay that it didn't match 'exactly.') and I could move forward. Sort of.

One of the desktops (Lenovo) had booted into "Recovery Mode." I thought this was weird, but rebooted and watched as it did the same thing.  I figured I would boot to safe mode, use "last known good config and get things sailing. I was wrong.  On the third attempt, the system would not boot up after I had shut it down.  I looked at the network card on back, and got a light. I opened the case, unplugged the power, plugged it back in and the CPU fan spun a time or town then stopped.  That's normal behavior for a computer that isn't trying to boot.  This let me know that things were getting power. Well, at least SOME things.  The computer would not come on.  I contacted the vendor.  Within two days, I had a cross-shipped replacement. Now, THAT is service.