Security | Booches.nl

Configure VPN client on IOS router

René Jorissen on February 10, 2010 • 9 Comments • Tags: #access #cisco #client #configure #ios #remote #router #split #splittunneling #tunneling #vpn

One way to remotely access a network is using the Cisco VPN client. Nowadays more and more implementations of SSL VPN are being done and Cisco stopped their development on their VPN client and pushes their Cisco AnyConnect client. Still the Cisco VPN client is often used to remotely gain access to a network. The … Read More

Configuration Example, Security

MAB and MDA in an IP Phone environment

René Jorissen on February 5, 2010 • 26 Comments • Tags: #5330 #authenticate #bypass #cdp #ciscoavpair #devicetrafficclassvoice #domain #hostmode #lldp #mab #mac #mda #mitel #multidomain #multiple #phone #radius #vsa

I blogged before about the MAC Authentication Bypass (MAB) feature in network environments. MAC Authentication Bypass can be used to secure the wired network by verifying MAC addresses to a central database. By using a radius server, like Microsoft IAS or FreeRadius, you can also redirect verified MAC addresses to a specific VLAN. Lately I … Read More

Proxy, Security

eSafe license expires

René Jorissen on November 27, 2009 • 0 Comments • Tags: #base #esafe #evaluation #expires #filter #knowledge #license #registered #url

I just received the following interesting question: What happens if our eSafe license expires?……Because it expires this weekend!!!!!!!! Interesting question, because I never encountered such a situation. Normally the license is renewed in a timely fashion or a trial is stopped before the license expires. I searched the Knowledge Base from eSafe and found an … Read More

Proxy, Security

Citrix Terminal Server License Server problem

René Jorissen on November 27, 2009 • 1 Comment • Tags: #available #citrix #disconnected #license #mslicensing #problem #provide #registry #remote #server #session #terminal

One of our customers is using a Citrix NetScaler appliance for SSL VPN capabilities for remote users. I tried to start an application (RDP Client) through this SSL VPN solution, but I couldn’t succeed. I was able to login and I would see all the published applications, but when executing one, I received the following … Read More

Security

RSA 7.1 with On-Demand

René Jorissen on November 18, 2009 • 0 Comments • Tags: #35 #71 #clickatell #demand #email #ldap #mail #on #otp #policy #rsa #selfservice #sms #token #vmware

RSA token security provides a way to strengthen the security on public services. Token authentication is most often implemented with hardware tokens. RSA 7.1 has additional methods of token authentication besides the hardware tokens: Token delivery by SMS; Token delivery by e-mail; To enable the above features you have to install at least RSA 7.1 … Read More

Firewalling, Security

Cisco ASA: DNS reply filtering

René Jorissen on August 28, 2009 • 7 Comments • Tags: #asa #cache #class #dns #drop #expression #filtering #inspect #inspection #map #policymap #regex #regular #request #url

Today I was asked to block access to multiple websites and the only device capable of doing this was the firewall. This customer is using a Cisco ASA firewall, which supports basic URL filtering. This customers wanted to block HTTP and HTTPS websites. HTTPS websites use a SSL tunnel from the end device to the … Read More