Practical documentation and technical guides on network security, firewalls, Linux systems, monitoring, and automation.
We feature technical articles across the entire IT spectrum - Built from real-world experience and continuously updated.
Within this article we will show you how to purge a file from Rackspace`s Cloud File CDN Caches. Get Auth Token First all you will need to obtain the Auth Token. This token will be used to perform further actions via the API. For this you will need to obtain your API Key which can … Read more
Error When trying to connect using the Cisco VPN Client with certificate based authentication you receive the following error from you debug logs. CRYPTO_PKI: Certificate validation: Failed, status: 1873. Attempting to retrieve revocation status if necessary ERROR: Certificate validation failed. Peer certificate key usage is invalid, serial number: 210F2EDE0000000009AF, subject name: cn=xxxxx,ou=xxxx,o=xxxxx,c=xx CRYPTO_PKI: Certificate not … Read more
Within this article we look at how to rate-limit traffic via the use of an iRule. iRule The Table Command So that we can rate-limit traffic the iRule command ‘table’ is used. The table command (as the name suggests) provides the ability to create, delete, and append tables, along with being able to define timeouts … Read more
Introduction ASA 8.3 onwards brought a number of changes in how NAT is processed. First of all NAT is built around objects, this allows for IP`s to be changed and objects to be renamed much easier than previously. Also when configuring ACL`s the Real IP/Port address(s) are now used. Pre 8.3 access-list acl-outside extended permit … Read more
Issue When requesting a certificate via the browser, at the point you try to issue the certificate (via certsrv.msc) you receive the error: Error Constructing or Publishing Certificate When looking through the Events for Active Directoty Certificate Services you see the error: Active Directory Certificate Services denied request 8 because The request subject name is … Read more
Within this article we will configure a basic Anyconnect setup. The Anyconnect client provides the ability to securly connect to your LAN via TLS/DTLS (TLS over UDP). Enable WebVPN asa84(config)# webvpnasa84(config-webvpn)# enable outsideINFO: WebVPN and DTLS are enabled on ‘outside’.asa84(config-webvpn)# anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkgERROR: The specified AnyConnect Client image does not exist.asa84(config-webvpn)# anyconnect enableasa84(config-webvpn)# exit Create User … Read more
Symptoms When enabling CSW and running HTTP pipelining you may experience a breakdown in your HTTP session. Issue When enabling CSW on a Virtual Server pipelining is enabled on the designated port by default. The issue occurs when a second GET request comes in before the first GET/POST answer is fully received from the server (this … Read more
Symptoms You may find that when enabling SSL (termination) and a CSW policy your SSL session fails due to the ADX issuing a RST back to the client. When running a url debug via rcon you see the following : URL: process client packet return error CSW_PARSE_ERROR_MAX_MEMORY[80] ??? Free multiple stored packets. HTTP Split State: … Read more
Within this article we will show you how to configure Apache to serve your content over a SSL based connection using a self signed certificate. Generate Certificate/Key First of all we generate a self signed certificate using openssl. This will create 2 files, a public certificate and a private key. mkdir -p /opt/ssl/crt/cd /opt/ssl/crt/openssl req … Read more