Introduction The deployment of dual WAN firewall solutions in branch offices is often required to ensure fail-over for unreliable WAN connections. This type of deployment however can add additional complexity compared to a full BGP setup using capable routers. With
Introduction IP tracking can be used to change routing based on the connectivity of configured IP addresses. This can be used with either default routes or static routes which in normal circumstances would not change in the event of reachability
Introduction If you’ve ever needed to investigate a site to site tunnel which is down at 05:00 in the morning, this might just help you get to the bottom of it a bit faster. Steps to take Access your firewall
Introduction You’ve performed a code upgrade on an ASA firewall and suddenly Rancid decides it won’t login. You’ll get the message: spawn ssh -c 3des -x -l <user> <device> no matching cipher found: client 3des-cbc server aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr Error: Couldn’t login:
Introduction If you’re using the Sophos UTM9 as a reverse proxy then you will need to install certificates on the UTM to present to the client when they are browsing those secured sites. The UTM will need the file in
Introduction If you’ve got the Sophos UTM up and running in your home network then you may come across this issue at some point. I was using UTM9’s web protection for quite some time and suddenly starting receiving emails to
Introduction I noticed in Gmail recently they started warning when email messages weren’t encrypted in transit. When I say transit I mean when a message leaves your email server and sends to another mail server / edge server for another
Introduction The problem I was having was as follows. 3 Juniper devices in a hub and spoke topology, 1 HQ and 2 Branch. The 2 Branch firewalls were actually just basically identical configs in one branch on separate DSL lines.
Introduction I’m adding this here cause sometimes I’m dense and I forget the command. Command Examples copy running-config scp://dave@myVM/home/dave/running-config-scp Source filename [running-config]? Address or name of remote host [myVM]? Destination username [dave]? Destination filename [home/dave/running-config-scp]? Cryptochecksum: 5b1178ff 4db70c26 45645f8f 7ec33023
Introduction You no longer need to continue using self signed certs as StartSSL offer them for free. If you need to replace or install a cert for the first time to use with an SSL VPN then this is how to achieve