IT Security & Network Engineering Knowledge Base

Practical documentation and technical guides on network security, firewalls, Linux systems, monitoring, and automation.
We feature technical articles across the entire IT spectrum, built from real-world experience and continuously updated.

How do I Create an SSL VPN on a Check Point Gateway?

The steps below show you how to create an SSL VPN on a Check Point Gateway: Create a new network object. This will be used for the remote users' IP addresses. Name it “net_office-mode-IPs”. Within the Check Point object, under Topology > VPN Domain, add your local domain. Within the Check Point object … Read more

Create Certificate Based Site to Site VPN between 2 Check Point Gateways

This example will show you how to create a certificate-based VPN between 2 Check Point firewalls which are managed by different SmartCenter Servers. Note that simplified-mode VPN was used and the Check Point version was R65. Site A: Create VPN Community. Within your Gateway object, add your local domain to … Read more

Securing Client Authentication on a Check Point Gateway

By default, Client Authentication allows you to authenticate using HTTP (on port 900) or Telnet (on port 259). Both can pose security risks because the usernames and passwords are sent unencrypted. To secure Client Authentication, follow these steps: Change the following line in $FWDIR/conf/fwauthd.conf, 900     fwssd       in.ahclientd    wait    900 to … Read more

Allow Domain/DNS-based objects through Check Point Firewall

To allow domain-based objects through a Check Point firewall, we first need to understand how domain objects actually work. When a packet hits a rule with a domain-based object, the Check Point gateway does a reverse DNS lookup on the IP address and checks the result against the domain object to see if they … Read more

ADSL Explained

ADSL (Asymmetric Digital Subscriber Line) is a technology (method) for transmitting data across a standard phone line. It does this by using frequencies that are not used by standard telephone calls. This is where the term “Broadband” comes from, as a broad band of frequencies is used to transmit high-speed data and … Read more

How do I sync my iPhone contacts?

Below are the steps for backing up your iPhone contacts. Open iTunes. Plug your phone into the computer. Open the program “Address Book” via Start | Programs | Accessories. Within iTunes, click on the phone icon on the left. Click on Info, and under “Contacts” select “Sync contacts from” and then choose “Windows address … Read more

How do I run a packet capture on ESX?

To run a tcpdump on ESX you will need to add a service console to your virtual switch. This is achieved via the following steps: Set the Virtual Switch to Promiscuous. Within the vSphere Client go to Configuration | Networking. Choose the virtual switch on which you would like to capture the traffic … Read more

ESX Error: The specified key, name or identifier already exists

To resolve the error “The specified key, name or identifier already exists”, run the following command from the command line of the ESX host: [root@ESX root]# service mgmt-vmware restart. If this fails to resolve the issue, run the following commands: service mgmt-vmware restart service vmware-vpxa restart service vmware-vmkauthd … Read more

What is NAT-T?

NAT-T (NAT Traversal) allows IP-ESP packets to traverse devices which perform NAT. The problem with IPSec is that it uses the IP-ESP protocol natively. The ESP protocol doesn’t have “port numbers” like TCP and UDP, so NAT does not know how to translate the traffic, because NAT/PAT is based on port numbers. With NAT-T the ESP … Read more