Category: Network

Multiple ISP Failover Routing…do you really know what you think you know?

I’ve run across many “network” admins out there and, to be fair, many know what they’re doing on a basic level; but when it comes to network routing – the understanding is not understood? Assumption: network layers (physical, i.e. link detection) are understood. For instance, the topic of failover or load-balance always enters a conversation. […]

Test driving LinuxMint

So I decided to test drive LinuxMint because Fedora just wasn’t working for me on a refurbed Sony VAIO laptop. So far it’s great; everything installed just “works”. Did run into a problem but it appears to be symptomatic with all Linux distros where disabling Wireless on a laptop places it in Airplane Mode. Issue […]

ARP Cache Spoof detection in an appliance

While slinking around on the Internet, I ran across this little appliance that shows to be a quick drop-in solution. The device, called “ArpDefender”, can be found here and is explained as: full-fledged LIDS (LAN IDS), tailored to what the best information security experts currently recommend for the LAN environment. ARPDefender serves to fill the […]

Fortinet Wireless Webinar – interesting

Attended a Fortinet Webinar on their Wireless initiative. Very interesting things coming soon, especially with FortiOS 5.0. Some features include: Bridging Client Side Wireless – traffic is not required to hit wireless controller if controller is remote; Remote Wireless Controllers; Receptionist Guest Provisioning. The Receptionist Guest Provisioning and bridging local is something we could use […]

RFC 1918 & IPSEC Tunnels

Do you add the necessary blocks for RFC 1918 on your EGRESSING ports? You should. Playing around the other day, I wanted to find out what would happen if taking a VPN route out. Using Route-Based IPSEC Tunnels on a Fortigate I placed a FW Policy with an address group on all internal -> egressing […]

SSL Clients accessing remote networks

Came across the need to allow SSL VPN clients access to remote networks beyond the SPOKE Firewall. In this instance, we have an IPSEC LAN-2-LAN VPN Tunnel between two points, we’ll use the name HQ & Sister-Company. A remote user accessing the HQ Firewall needs access to the Sister-Company file server. Instead of configuring another […]
