Category: Security
Microsoft UAG – Invalid External Port bug
Last week I have installed a Microsoft UAG array. I installed Microsoft ForeFront Unified Access Gateway 2010 including Service Pack 1. When using an array configuration you have to deploy Microsoft’s Network Load Balancing (NLB) for redundancy and load balancing purposes. I configured NLB with multicast and IGMP support. I had configured some HTTPS trunks … Read More
ISA Server 2006 array – renew certificate
When configuring a Microsoft ISA Server 2006 array you have two options for authentication and communication between the Microsoft ISA 2006 Configuration Storage Server and the array members. Windows Authentication: Choose this option if ISA server and the Configuration Storage server are in the same domain, or in different domains with a trust relationship between … Read More
Configuration Example, Security
Windows CA template – web server and private key export
Creating a web server certificate request is very easy when using a Windows CA server. There is one disadvantage. The requested certificate is directly stored in the user store (by default) or the local computer store, if specified during the request. The disadvantage is that you cannot export the requested certificate including the private keys. … Read More
Configuration Example, Security
Tunneling sessions via Plink
Plink stands for PuTTY Link and is a command-line connection tool similar to Unix ssh. As a networking consultant I often need to support customers from remote locations. Access to their networking equipment is mostly blocked from unknown locations. Sometimes it is allowed to directly access networking equipment, like a company firewall, from a known … Read More
Configuration Example, Security
Restore RSA 7.1 primary database and RADIUS config
A few days ago I was troubleshooting a problem with an ISA array after upgrading the VMware environment as you can read in this article. I had a same kind of problem with a RSA environment. After upgrading the VMware Tools and the Virtual Hardware, the RSA database didn’t start anymore. RSA noticed to much … Read More
Windows LDAPS expired
A lot of appliances and/or security solutions use LDAP to synchronize users from an Active Directory or an eDirectory environment. Active Directory is LDAP enabled by default. If you would like to harden your network, you would like to use LDAPS. LDAPS is a term to refer to LDAP communication over SSL. Intercepted LDAPS traffic … Read More