Tag: address

Configuration Example, Fortinet

FortiGate – IPSec with dynamic IP

René Jorissen on April 13, 2016 5 Comments • Tags: #address #ddns #dynamic #fortigate #fortinet #ip #ipsec #vpn

Site-to-site VPN connections are a common way to connect a branch office to the corporate network. In the Netherlands it is still common to have a internet connection at a branch office with a dynamic IP address. The usage of dynamic IP address is not ideal when configuring a site-to-site VPN connection, because the configuration almost always … Read More

Proxy, Security

Citrix Secure Gateway via https-only

René Jorissen on February 4, 2013 0 Comments • Tags: #address #citrix #gateway #http #https #ip #redirect #restriction #secure #unsecure

Configuring a Citrix Secure Gateway (CSG) server is simple, but provides a powerful solution to access resource from remote locations. CSG is an application installed on a DMZ server. Mostly I also configure the Citrix WebInterface on the same server. The CSG instance listens on TCP/443 and the WI instance listens on TCP/80. To improve … Read More

IPSec / SSL VPN, Security

Microsoft UAG – Invalid External Port bug

René Jorissen on November 2, 2011 4 Comments • Tags: #2010 #a #access #activated #address #be #cannot #choose #different #due #external #following #forefront #gateway #invalid #microsoft #port #sp1 #the #to #uag #unified

Last week I have installed a Microsoft UAG array. I installed Microsoft ForeFront Unified Access Gateway 2010 including Service Pack 1. When using an array configuration you have to deploy Microsoft’s Network Load Balancing (NLB) for redundancy and load balancing purposes. I configured NLB with multicast and IGMP support. I had configured some HTTPS trunks … Read More

Anti-virus / Anti-SPAM, Configuration Example, Proxy

TrendMicro IMSVA – reject unknown recipients via LDAP

René Jorissen on October 26, 2010 9 Comments • Tags: #address #imsva #ldap #mail #micro #recipients #reject #secondary #trend #trendmicro

With the configuration and implementation of an anti-virus, anti-spam solution, I always check if the security appliance has the option to block unknown recipients via LDAP. This prevents unnecessary e-mail from being sent to the backend servers. While configuring a TrendMicro IMSVA 8.0 I noticed that the LDAP option was available, as shown below. The … Read More

Configuration Example, Management

IPplan – IP address management

René Jorissen on September 30, 2009 5 Comments • Tags: #address #cacti #cactiez #dynamic #ip #ipam #ipplan #management #nmap

A lot of customers have different methods for their IP address management. Most of them use some kind of static documentation, like an Excel sheet. In the past I implemented IPplan multiple times. I like this tool, because it dynamically scans multiple IP subnets, using ICMP and/or Nmap. Another advantage of IPplan is its ability … Read More

Configuration Example, Routing

Policy NAT on Cisco router

René Jorissen on January 14, 2009 9 Comments • Tags: #address #based #cisco #dynamic #nat #network #policy #policybased #router #static #translation

A colleague of mine had to implement an IPSec VPN tunnel from a customer to a supplier. The customer has a Cisco router for connecting to the Internet, so nothing special. The router is already setup and in production. Configuring an extra IPSec VPN tunnel isn’t very hard, the most important part is the negotiation … Read More