Configuration Example, Firewalling

FortiGate – debug flow

René Jorissen on February 10, 2015 0 Comments • Tags: #debug #diagnose #flow #fortigate #policy #simulation

You can use the diagnose debug flow commands to do a policy simulation. An example of the output: fw01 (root) # diagnose debug enable fw01 (root) # diagnose debug flow show console enable show trace messages on console fw01 (root) # diagnose debug flow filter addr 10.10.1.25 fw01 (root) # diagnose debug flow trace start … Read More

Configuration Example

Cisco WLC and pre-download software to AP

René Jorissen on February 4, 2015 0 Comments • Tags: #cisco #predownload #upgrade #wlc

A simple post, because I always forget the CLI commands to TFTP the software to the controller. I also added the command to predownload the new firmware to all access-points. This dramatically speeds up the upgrade process of the access-points. You need to set the TFTP parameters first. (Cisco Controller) >transfer download datatype code (Cisco … Read More

Configuration Example

ClearPass – mail validation

René Jorissen on January 29, 2015 0 Comments • Tags: #clearpass #guest #mail #restrict #validation

If you would like to restrict or validate mail addresses during guest registration, you can use simply restrict domains. An example of a mail validation for the provided user and sponsor mail address is. user mail validation (the mail address should not be a company mail address) array ( ‘deny’ => array ( 0 => … Read More

Switching

Cisco cable-diagnostics with TDR

René Jorissen on August 26, 2013 0 Comments • Tags: #cablediagnostics #cisco #domain #reflector #tdr #time

Some Cisco switches have a way to check the condition of copper cables. This can be done via de command test cable-diagnostics tdr. TDR stands for Time Domain Reflector. More information about Time Domain Reflector can be found at the Cisco Support Community. The command can be very useful for basic layer 1 troubleshooting. core01#test … Read More

Other stuff...

Sophos UTM – An unsupported mechanism

René Jorissen on February 20, 2013 2 Comments • Tags: #adir_auth_process_negotiate #auth_adirc:311 #essentials #live #mechanism #requested #sophos #unsupported #utm #was #windows

I got some strange issues / problems while testing a Sophos UTM appliance with 9.004-34 software. The Web Security feature is filtering requests and using client authentication. The proxy is using Standard Mode with Active Directory SSO authentication. I testing the proxy by changing the proxy settings on a Citrix server. Everything was working without … Read More

Proxy, Security

Citrix Secure Gateway via https-only

René Jorissen on February 4, 2013 0 Comments • Tags: #address #citrix #gateway #http #https #ip #redirect #restriction #secure #unsecure

Configuring a Citrix Secure Gateway (CSG) server is simple, but provides a powerful solution to access resource from remote locations. CSG is an application installed on a DMZ server. Mostly I also configure the Citrix WebInterface on the same server. The CSG instance listens on TCP/443 and the WI instance listens on TCP/80. To improve … Read More