Symptoms You may find that when enabling SSL (termination) and a CSW policy your SSL session fails due to the ADX issuing a RST back to the client. When running a url debug via rcon you see the following : URL: process client packet return error CSW_PARSE_ERROR_MAX_MEMORY[80] ??? Free multiple stored packets. HTTP Split State: … Read more
Within this article we will show you how to configure Apache to serve your content over a SSL based connection using a self signed certificate. Generate Certificate/Key First of all we generate a self signed certificate using openssl. This will create 2 files, a public certificate and a private key. mkdir -p /opt/ssl/crt/cd /opt/ssl/crt/openssl req … Read more
Within this tutorial we will show you the nessecary steps in configuring your ASA as a CA server. Time/Date First of all we set the time and date. asa-skyn3t(config)# show clock08:05:40.249 UTC Sun Sep 30 2012 Enable CA Next we enable the ASA as a CA server. asa-skyn3t(config)# crypto ca serverasa-skyn3t(config-ca-server)# subject-name-default cn=skyn3tca, o=skyn3t, c=UKasa-skyn3t(config-ca-server)# … Read more
One great feature of the F5 Local Traffic Manager is ability to distribute traffic basic on its geographical location. This feature was introduced within v10.1 thanks to F5`s partnership with Neustar (previously) Quova. The geolocation component uses a (local) IP geolocation database (on the F5) to determine the geographically location of the IP address. To … Read more
On the SRX Branch Series each interface can be configured as either layer 2 or layer 3. These are shown below : Routed Ports – Layer 3 (inet) Bridge – Layer 2 (only used for transparent mode) Ethernet-switching – Layer 2 (switchport) Within this article we will look at how to configure a trunk and … Read more
Twice NAT allows you to NAT both the source and destination within a single rule. Scenario A scenario where this type of configuration would be required is shown below. To ensure that any traffic originating from the Internet isn’t sent back out to its default gateway (asymmetrically routed) the source IP is translated to an … Read more
Purpose The purpose of this article is to describe the various steps required to create a site to site VPN between a Cisco ASA and a Juniper Netscreen when both sides have overlapping subnets. Example Within this example each side will have an endpoint of 192.168.10.0/24. Because of this both sides will present their endpoint … Read more
NS (Name Server) Records are used within the Domain Name System (DNS) to determine which name servers are authoritative for a domain. NS records also provide name server delegation. Example Within this example we have a domain named example.com. The parent zone (.com) will contain the NS records for this zone. Now, if we wanted to … Read more
Within this article we will looking at the steps required to tab multiple lines within VI.This feature is great for ensuring readability, when editing indent based languages such as Python or just programming in general. Steps Press “<SHIFT> + v” to enter VISUAL LINE mode. Select the text you wish to indent but using either … Read more
Policy-Based Server Load Balancing (PB-SLB) provides the ability to distribute traffic based on the source IP address of the client. There are 2 ways in which to configure PB-SLB. You can either pull a list of IP`s from a TFTP server or define the IP`s directly on the ADX.This example is based on defining the … Read more