Category: Configuration Example
FortiGate – Outbound OSPF filtering
Just a quick post on filtering outbound OSPF advertisements. I had some struggle with this config today. config router prefix-list edit “filter-outbound” config rule edit 1 set prefix 10.10.0.0 255.255.0.0 unset ge unset le next edit 2 set prefix 10.20.0.0 255.255.0.0 unset ge unset le next edit 3 set action deny set prefix any … Read More
Configuration Example, Wireless
Aruba MAS – Tunneled node
Today I played a bit with an Aruba Mobility Access Switch with Tunneled Node configuration to a Aruba Mobility Controller. More information on Tunneled Node can be found here. The configuration is straight forward. You need to configured a tunneled-node profile on the MAS and associate the access ports on the MAS to a VLAN, … Read More
Configuration Example, Switching
ProCurve – Secure Management
Managing networking components is possible via a web interface or via a command-line interface. It doesn’t matter which method you prefer, but it does matter that the connection should be secure. If you use telnet (cli) or http (web interface) the management traffic is send clear-text across the network. I still notice that a lot of … Read More
Configuration Example, Firewalling
FortiGate – debug flow
You can use the diagnose debug flow commands to do a policy simulation. An example of the output: fw01 (root) # diagnose debug enable fw01 (root) # diagnose debug flow show console enable show trace messages on console fw01 (root) # diagnose debug flow filter addr 10.10.1.25 fw01 (root) # diagnose debug flow trace start … Read More
Cisco WLC and pre-download software to AP
A simple post, because I always forget the CLI commands to TFTP the software to the controller. I also added the command to predownload the new firmware to all access-points. This dramatically speeds up the upgrade process of the access-points. You need to set the TFTP parameters first. (Cisco Controller) >transfer download datatype code (Cisco … Read More
ClearPass – mail validation
If you would like to restrict or validate mail addresses during guest registration, you can use simply restrict domains. An example of a mail validation for the provided user and sponsor mail address is. user mail validation (the mail address should not be a company mail address) array ( ‘deny’ => array ( 0 => … Read More