scsd/scsd-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: scsd:0407d14e7182f61179bcf8b3ca79880f55d6bed0
Branches Tags
scsd:main
...
compare: scsd:ce6aed98020cb2ae79db7e3d8f97ded05d6de15c
Branches Tags
scsd:main

2 Commits
0407d14e71 ... ce6aed9802

Author SHA1 Message Date
John Poland
ce6aed9802 fortigate-backup Thu Feb 5 08:47:06 PM EST 2026 2026-02-05 20:47:06 -05:00
John Poland
68280704c6 fortigate Thu Feb 5 08:47:06 PM EST 2026 2026-02-05 20:47:06 -05:00
3 changed files with 1290 additions and 1274 deletions
Show Stats Expand all files Collapse all files

2404
configs/fortigate/fortigate.conf
View File

File diff suppressed because it is too large Load Diff

4
configs/fortigate/global/system.cfg
View File

@ -701,6 +701,7 @@ config system admin
next next
edit "josoto.admin" edit "josoto.admin"
set trusthost1 10.1.6.126 255.255.255.255 set trusthost1 10.1.6.126 255.255.255.255
set trusthost2 10.1.40.0 255.255.255.0
set accprofile "super_admin" set accprofile "super_admin"
set vdom "root" "scsd" set vdom "root" "scsd"
set password ENC *HIDDEN* set password ENC *HIDDEN*
@ -1090,6 +1091,9 @@ end
config system snmp sysinfo config system snmp sysinfo
set append-index enable set append-index enable
end end
config system autoupdate schedule
set frequency automatic
end
config system central-management config system central-management
set type fortiguard set type fortiguard
end end

156
configs/fortigate/vdom_scsd/vpn.cfg
View File

@ -638,84 +638,6 @@ config vpn ssl web portal
set heading "SCSD-USER-PORTAL" set heading "SCSD-USER-PORTAL"
next next
end end
config vpn ssl settings
set banned-cipher SHA1 SHA256 SHA384
set servercert "StarCert-Expire03202026"
set idle-timeout 3600
set auth-timeout 36000
set login-timeout 180
set tunnel-ip-pools "SSL_VPN_Range"
set dns-server1 10.1.40.10
set dns-server2 10.21.48.10
set source-interface "outside"
set source-address "all"
set source-address6 "all"
set default-portal "tunnel-access"
config authentication-rule
edit 1
set groups "SSL_VPN_Full_Access"
set portal "SCSD_VPN_FULL_Portal"
next
edit 2
set groups "VPN_SchoolTool_Group"
set portal "SchoolTool_Portal"
next
edit 4
set groups "VPN_Web_Servers_Group"
set portal "Website_Server_Portal"
next
edit 5
set groups "VPN_DayAuto_Group"
set portal "DayAutomation_Portal"
next
edit 6
set groups "VPN_Security_Group"
set portal "Security_Portal"
next
edit 7
set groups "VPN_Hyperion_Group"
set portal "Hyperion_Portal"
next
edit 8
set groups "VPN_Peoplesoft_Group"
set portal "Peoplesoft_Portal"
next
edit 9
set groups "VPN_WebCRD_Group"
set portal "WebCRD_Portal"
next
edit 10
set groups "VPN_Access411_Group"
set portal "Access411_Portal"
next
edit 11
set groups "VPN_DocHolliday_Group"
set portal "DocHolliday_Portal"
next
edit 12
set groups "VPN_Access_Control_Group"
set portal "AccessControl_Portal"
next
edit 13
set groups "VPN_Auditor_Group"
set portal "Auditor_Portal"
next
edit 14
set groups "FortiGateAccess"
set portal "Azure_Test_Portal"
next
edit 15
set groups "SSL_VPN_SCSD_USER"
set portal "SCSD_USER_PORTAL"
next
edit 16
set groups "SSL_VPN_SCSD_USER2"
set portal "SCSD_USER_PORTAL"
next
end
set http-request-header-timeout 60
set http-request-body-timeout 60
end
config vpn ssl web user-bookmark config vpn ssl web user-bookmark
edit "vpn_user1#SSL_VPN_Full_Access" edit "vpn_user1#SSL_VPN_Full_Access"
next next
@ -834,6 +756,84 @@ config vpn ssl web user-bookmark
end end
next next
end end
config vpn ssl settings
set banned-cipher SHA1 SHA256 SHA384
set servercert "StarCert-Expire03202026"
set idle-timeout 3600
set auth-timeout 36000
set login-timeout 180
set tunnel-ip-pools "SSL_VPN_Range"
set dns-server1 10.1.40.10
set dns-server2 10.21.48.10
set source-interface "outside"
set source-address "all"
set source-address6 "all"
set default-portal "tunnel-access"
config authentication-rule
edit 1
set groups "SSL_VPN_Full_Access"
set portal "SCSD_VPN_FULL_Portal"
next
edit 2
set groups "VPN_SchoolTool_Group"
set portal "SchoolTool_Portal"
next
edit 4
set groups "VPN_Web_Servers_Group"
set portal "Website_Server_Portal"
next
edit 5
set groups "VPN_DayAuto_Group"
set portal "DayAutomation_Portal"
next
edit 6
set groups "VPN_Security_Group"
set portal "Security_Portal"
next
edit 7
set groups "VPN_Hyperion_Group"
set portal "Hyperion_Portal"
next
edit 8
set groups "VPN_Peoplesoft_Group"
set portal "Peoplesoft_Portal"
next
edit 9
set groups "VPN_WebCRD_Group"
set portal "WebCRD_Portal"
next
edit 10
set groups "VPN_Access411_Group"
set portal "Access411_Portal"
next
edit 11
set groups "VPN_DocHolliday_Group"
set portal "DocHolliday_Portal"
next
edit 12
set groups "VPN_Access_Control_Group"
set portal "AccessControl_Portal"
next
edit 13
set groups "VPN_Auditor_Group"
set portal "Auditor_Portal"
next
edit 14
set groups "FortiGateAccess"
set portal "Azure_Test_Portal"
next
edit 15
set groups "SSL_VPN_SCSD_USER"
set portal "SCSD_USER_PORTAL"
next
edit 16
set groups "SSL_VPN_SCSD_USER2"
set portal "SCSD_USER_PORTAL"
next
end
set http-request-header-timeout 60
set http-request-body-timeout 60
end
config vpn ipsec phase1-interface config vpn ipsec phase1-interface
edit "SRIC_BOCES" edit "SRIC_BOCES"
set interface "outside lag" set interface "outside lag"