Configuration Example, Firewalling, Routing

NBAR and smart filtering

René Jorissen on February 15, 2011 2 Comments • Tags: #application #based #http #match #mime #nbar #network #protocol #recognition

NBAR (Network Based Application Recognition) is a cool Cisco tool to identify and classify content flowing through a router. You can identify applications as mission critical, business-related, non-critical or unwanted. Once these mission critical applications are classified they can be guaranteed a minimum amount of bandwidth, policy routed, and marked for preferential treatment. Non-critical applications … Read More

Configuration Example, IPSec / SSL VPN

Citrix NetScaler: Protocol Driver Error

René Jorissen on April 20, 2010 1 Comment • Tags: #aaa #driver #error #ica #maxaaausers #parameter #protocol #set #ssl #sta #vpn

Today I have been troubleshooting a Citrix NetScaler configuration, where some clients received the Protocol Driver Error message when executing a published application. This error message is mostly related to a wrong configuration of the Security Ticket Authorities (STA’s). I spent a lot of time troubleshooting this issue and focused on the STA configuration. I … Read More

Mail relaying

Barracuda – Mail Protocol Violation

René Jorissen on September 8, 2009 1 Comment • Tags: #barracuda #firewall #mail #protocol #spam #violation

A customer updated the firmware of a Barracuda SPAM & Virus 300 firewall. The firmware was upgraded from version 3.4 to version 3.5.12.024. After the upgrade no email was coming in or going out through the Barracuda firewall. All email was blocked and the following reason was visible in the message log: Mail Protocol Violation At … Read More

Firewalling

Failed to establish VPN through PIX

René Jorissen on October 17, 2008 5 Comments • Tags: #1723 #305006 #47 #asa #creation #failed #firewall #for #gre #pix #pptp #protocol #regular #stateful #translation #vpn

We migrated our Internet connection lately and reconfigured our PIX firewall. We added some memory to install the latest firmware version (8.0(4)). After putting the PIX firewall in production some of the employees were complaining they couldn’t establish any PPTP VPN tunnels anymore to customers. Every time someone called me, I tried it … Read More

Configuration Example, Routing

HSRP and ACL’s

René Jorissen on October 1, 2008 0 Comments • Tags: #1985 #access #accesslist #acl #hot #hsrp #list #multicast #protocol #routing #standby #udp

I added a Guest VLAN to a network environment with two multilayer switches running HSRP. To secure the internal network from the Guest VLAN, I added an ACL to the Guest VLAN SVI. The ACL is stated below: ip access-list extended GUEST-DENY-RFC1918 remark Allow DHCP permit udp any eq bootpc any remark Deny RFC … Read More

Firewalling

Cisco Firewall Design and Deployment

René Jorissen on June 25, 2008 0 Comments • Tags: #access #active #asa #bridging #context #dynamic #fwsm #mixed #mode #multicontext #multicast #multiple #protocol #redundancy #redundant #remote #routed #routing #sitetosite #standby #transparant #virtualization #vpn

The session about firewall design and deployment didn’t reveal a lot of new things about the Cisco ASA appliance or FWSM module. The only new thing for me was the possibility to configure a redundant interface for a Cisco ASA appliance. The screen shot below shows the cabling scheme for an implementation with and without … Read More