The AnyConnect client provides remote end users running Microsoft Vista, Windows XP or Windows 2000, Linux, or Macintosh OS X, with the benefits of a Cisco SSL VPN client, and supports applications and functions unavailable to a clientless, browser-based SSL VPN connection. In addition, the AnyConnect client supports IPv6 over an IPv4 network. The AnyConnect […]
November 25, 2010
Checkpoint is not a cli based firewall, the cli is generally (in the daily life) not used. What the admin wants, can do through the GUI. For troubleshooting purposes or just query something there are some useful commands. In this list I tried to collect what I already had to use (or wanted to try […]
November 25, 2010
It is not a bad idea if you have a L3 Device that you can reach whenever you want and that has all the basic troubleshooting tools like nslookup, netcat, tcpdump, openssl, ssh, openvpn… A Netgear WRN3500L router with ddwrt can be really helpful. It provides you WLAN access at home, access to your NAS […]
November 25, 2010
On Nokia Firewall you have to install to things: – IPSO image – Checkpoint Firewall package The first one is the operating system, the second one is the firewall software. If you want to upgrade your operating system then you do not have to reinstall the Firewall software as well. Image upgrade is possible through […]
November 25, 2010
0. Specification of the test enviroment 0.1 Softwares Tested Operating Systems 1. OpenSUSE 11.0 2. Fedora 9 Kernel versions Linux linux-jnwt 2.6.25.20-0.1-pae #1 SMP 2008-12-12 20:30:38 +0100 i686 i686 i386 GNU/Linux Mail server netqmail-1.06.tar.gz ucspi-tcp-0.88.tar.gz daemontools-0.76.tar.gz AntiVirus clamav-0.94.2.tar.gz Spamfilter Mail-SpamAssassin-3.2.5.tar.gz Mail scanner qmail-scanner-2.05.tgz maildrop-2.0.4.tar.bz2 DNS djbdns-1.05.tar.gz In my test the folder for all downloaded files […]
November 24, 2010
Step 1. General informations Objectives Authenticate users in LAN for Internet access Content filtering for Internet traffic: URL filtering Virus scanning Advert blocking Customized information of block reasons for users Content Caching Not detailed Installations of programs QoS with Squid proxy server Controlling users max IP address with Squid proxy server Encrypted authentication with LDAP […]
November 24, 2010
This document is not up to date as the firewall is PIX. Maybe the ASA codes have the same command as this old PIX. I did not have time to test it. Use the following commands to check your PPPoE interface: show ip address outside pppoe show vpdn session pppoe show vpdn pppinterface show vpdn […]
November 24, 2010
For the following examples to use you will need unix (awk, grep, sort, uniq,…) commands. TASK1. Filter to the Dual ISP feature’s syslog messages from pix_log.txt file that is a log file for a day. Solution: Log file name: pix_log.txt 1. Collect Dual ISP feature’s syslog messages from Cisco UniverCD: 622001 327001 – 327003 422004 […]
November 23, 2010
1. Identify the attack. 1.1. How did Customer notice the attack? – Slow Internet access – High performance on the attacked device: – local server – the firewall – etc… 1.2. How can we confirm the attack? Depending on the time of the issue we can have an attack: A, happened in the past. We […]
November 23, 2010
On the Cisco ASA Firewall can we configure a backup link, for example a backup Internet link. That means if our Internet access has some problem, we still have a backup link to access the Internet or whatever we want. The configuration is not part of this documentation, it is only useful if there is […]
November 28, 2010
0