Fortigate VXLAN Encapsulation
VXLAN is a Layer 2 overlay scheme over a Layer 3 network. VXLAN uses MAC Address-in-User Datagram Protocol (MAC-in-UDP) encapsulation to provide a means to extend Layer 2 segments across a Layer 3...
Redundant Cisco ASA VPN scenario
Cisco ASA (Pre X series) are still extremely common. This entry describes a redundant VPN setup of two ISPs on the Branch firewall (Cisco 5505), and one ISP on the Datacenter/hub side (Cisco ASA 5510)....
Clearing sessions in FortiOS
Fortigate firewalls are stateful by design. This means that when a client behind the firewall talks to, let's say, Google, a session is created, if all security policies are met. Google’s return traffic...
Fortigate SSL VPN issues – Forticlient
Recently I had an issue with an SSL VPN user who could not connect to the Fortigate. This problem started after upgrading the Fortigate from a very old 5.2.3 to the latest 5.4 firmware – 5.4.7....
Cisco ISR 4000 Bridge group with Vlans
The 4000 series does things a little differently with Bridge groups than older ISRs. The below is on a Cisco ISR 4331. In this case I needed to have a bridge group to go to two separate switches, one...
802.11 Spectrum Analysis – useful graphs
Spectrum analysis in 802.11 design is extremely important. Detecting which channels are in use in the 2.4 and 5 gig spectrums, as well as the channel density, is a great help when channel planning or...
802.11 – WIFI IFs
Inter frame spacing is some of the magic in WiFi. It's also one of the more confusing aspects of studying and understanding how WMM and processes like Point Coordination Function work. Inter frame...
Cisco ASA – E-SMTP
I recently had an issue with an Office 365 deployment. This was a hybrid deployment, and as we were trying to start syncing to Office 365 we were getting an error in our logs: (Retry : Must issue a...
Fortigate – Ping and Traceroute options
Within the Fortigate firewall you can modify many ping and traceroute options to suit whatever needs you might have. For example, if you need to modify the source IP address for a ping or trace you have...
Ruckus ICX untagged vlan port config
I have been working with Brocade ICX and now Ruckus ICX for a few years now. They are awesome switches. I was asked a couple of times about something that was happening when someone would try and set...
Ruckus ICX Radius logins
I refer back to these commands a lot and thought they might help someone else. This will allow the Ruckus or Brocade ICX switches to authenticate to a RADIUS server for logins to the device. aaa...
Ruckus P300 Bridge- Spanning-tree issue
I wanted to create a backup link for a network using a P300 bridge. The current network has two 10 gig links going between two buildings, but construction is set to start soon that could cut the fiber...
Redundant network design using a Ruckus P300 as a backup link
This is a design I needed a few weeks ago to help with a redundancy issue. Currently we have a client that occupies two buildings separated by about 500 hundred feet. Soon they will start construction to...
Ruckus SMZ – Disabling TLS 1.0
A client recently had an issue where a security audit found ciphers supported within HTTPS that are insecure. These ciphers were TLS 1.0 and TLS 1.2. The audit found these issues on the web interface...
Dell S4128F-ON port issues
Recently I have been working with the S4128 switches. These have been great, and the price point is amazing. The device comes with 2 ports that can be 10, 40, or 100 Gig interfaces (given media). I needed...
Ruckus ICX 7250 and Mitel 6000 Headset Power issues
Currently I am working with a client who has lots of Ruckus ICX 7250 PoE+ switches. These have been great switches, lots of features such as: large PoE budget, 10G, VRF/Routing capability. Recently the...
Dell OS10- Sflow setup
These commands should be all that is needed to set up Sflow on OS10. In this example these commands were used to set up Sflow on a Dell S4128F-ON running 10.4.2.0.226. I am using PRTG as a collector. config t...
Ruckus ICX 7250 VRF setup/config
This entry details the config for setting up and deploying VRFs on a Ruckus ICX 7250. Recently I had an issue where a client had a new ISP and that ISP gave them the Customer WAN /30 subnet, then...
Fortigate 6.0 Adding and removing IPs from Quarantine list
Starting in 5.4.1 you could “Quarantine” an IP address. This means that the quarantined host cannot communicate through the firewall. There are many different parts of the firewall that quarantine an IP...
Dell S4810 – Getting all Vlans assigned to a port
I thought this might be helpful to share with anyone looking to quickly pull all vlans assigned to a port on a Dell S4810 switch. I think this command works in most FTOS switches. In this example I...