Planes on parade

With the enforced solitude, I have been going back through and editing some of the plane photos that I have taken. Here are a couple that were dark and not good looking. So I went through and punched up the colors on them to make them look better. These were both taken during the 2017 Planes of Fame Airshow. Happy with how the end results have come out and what they look like.

 

2017 5 6 Chino Airshow 16422017 5 6 Chino Airshow 4487

F-117 Nighthawk Early Preview at Palm Springs Air Museum

Went to an early access preview of the F-117 Nighthawk display at the Palm Springs Air Museum. The plan had just been received and they hadn’t started restoring it yet. So it’s shown with all or the RAM(Radar Absorbing material) removed along with the engines and some other vital components. The plane was an active participant in Desert Storm and other conflicts. Due to the secrecy of the technology and the plane Lockheed Martin and the Military wouldn’t allow for it to be decommissioned with the full technology that it had in production. The plane was impressive to see up close and in person, even in the drab gray and missing some of the bumpers around it. The engineer that spoke during the presentation was also interesting and told some good stories about his experiences with developing the plane along with stories from some of the pilots that flew the plane into battle.2020 11 27 F 1170702

2020 11 27 F 1170873

2020 11 27 F 1171007

Scuba Diving in Farnsworth Banks

I went diving for the first time at Farnsworth Banks on the backside of Catalina Island. It was a different experience since this is a site that is on the ocean side of Catalina and not protected between Catalina and the West Coast of California. I had wanted to dive this site before and never had the chance to before. I went out on the Magician dive boat and did two dives on the site. I should have spent some time doing some research on the site as it was a little jarring to find out that when I descended down the anchor line I found myself at 80 feet. Also I brought the wrong camera rig for this site as I didn’t have any external illumination for my Go Pro so a lot of my shots came out rather dark and grainy as the Go Pro tried to recover and get something usable. Unfortunately most of the footage and none of the images are good enough in my opinion.

 

UntitledImage

Scripts to migrate hosts from ASA to Fortigate

For my job I am in the process of migrating from an ASA to a FortiGate firewalls. Part of this has been moving the configuration that we already have in place on the ASA and translating it too FortiGate. I needed to convert several address lists. Some of those address lists where hundreds of addresses long and I didn’t want to type those in. So I started using my python skills to build out the configuration by taking in a list of the ip addresses and then outputting the configuration needed for the FortiGate firewall.

Here is the current version of that script:

# variables needed througout:
file = input(“Name of file? “)
title = input(“Name of hosts and group? “)

addresses = open(file, “r”)

print(“config firewall address”)

incr = 1
host_entries = ‘set member’
for address in addresses:
    address = address.rstrip(‘\n’)
    print(‘edit “H_’ + title + str(incr) + ‘”’)
    host_entries = (host_entries + (‘ “H_’ + title + str(incr) + ‘”’))
    print(“set subnet ” + address + ” 255.255.255.255”)
    print(“next”)
    incr = (incr + 1)

print(‘end’)
print(“config firewall addrgrp”)
print(‘edit “G_’+ title + ‘”‘)
print(host_entries)
print(‘next’)
print(‘end’)

Microsoft MFA login with Fortigate and Forticlient for SSLVPN

Since I am tired of being a beta tester for Cisco products. I decided to try a different firewall this time around for my company. I looked at both Fortigate and Palo Alto as they seemed to be the leaders in the market right now. I did a bake off for features/functionality vs cost and Fortigate came out as the winner. The firewall was implemented with minimal issues and has been working flawlessly for us. While we were on this project we are also in the process of moving to Azure AD so I decided to combine the Microsoft MFA with our new firewall/vpn solution to save ourselves some money since then we wouldn’t need another 2 factor solution.

I went through the documentation from Fortigate and Microsoft on setting up the SAML authentication and it was pretty good for the most part. Here was the main document that I followed to get everything setup:
https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/fortigate-ssl-vpn-tutorial
I did run into a few issues that I had to fix to get everything working with group memberships, so that users would be enabled to login based on their group and would have the correct policy applied to them.

Here are some things to be aware of and the changes I needed to make:

1. You must be on the 6.4.x code for Fortigate. There are issues with the lower code versions and SAML not working correctly or populating the tables with the necessary information.
2. Wipe out all of the extra entries under Users and Attributes Claims in Azure AD. This is all you should have:
UntitledImage
3. Here is the necessary configuration on the Fortigate side:
config user saml
edit “azure”
set cert “Fortinet_Factory”
set entity-id “https://XXXXXXX/remote/saml/metadata”
set single-sign-on-url “https://XXXXXX/remote/saml/login”
set single-logout-url “https://SSSSSSSS/remote/saml/logout”
set idp-entity-id “https://sts.windows.net/6XXXXXXX/”
set idp-single-sign-on-url “https://login.microsoftonline.com/XXXXX/saml2”
set idp-single-logout-url “https://login.microsoftonline.com/common/wsfederation?wa=wsignout1.0”
set idp-cert “REMOTE_Cert_2”
set user-name “username”
set group-name “group”
next
end

After these changes everything worked perfectly, I am now in the process of rolling out our new vpn to the users in the company along with the Microsoft MFA client.

Sony A9ii Settings for airplane photography

Here are the settings that I am using for my Sony A9ii for taking pictures of airplanes while moving through the air. The lens I use for this most days is the 100-400.

Aperture – F14 or below so that Phase Detect will still work for the auto focus
Raw or JPG – RAW, since the camera is so fast it can keep up with just about anything
Metering Mode – Spot so that I can capture the frame
Shutter Speed – Trying to get as low as 1/160 for prop planes for jets as fast as possible to catch them as they fly by.
Focus Mode – Continuous + Wide with Tracking, the camera auto focus is so fast that it catches the planes pretty quickly
Exposure Compensation – usually + 2/3 if it’s dark plane on a bright sunny day, this helps bring out the colors of the plane.
Frame Rate – Continuous Mid – I find that high fills the buffer and mid gets more than enough shots.
ISO – as low as possible, unless it’s an overcast day and then I will move it to Auto-Iso to maintain the shutter speed when needed.