Tag: protocol
Configuration Example, Firewalling, Routing
NBAR and smart filtering
NBAR (Network Based Application Recognition) is a cool Cisco tool to identify and classify content flowing through a router. You can identify applications as mission critical, business-related, non-critical or unwanted. Once these mission critical applications are classified they can be guaranteed a minimum amount of bandwidth, policy routed, and marked for preferential treatment. Non-critical applications … Read More
Configuration Example, IPSec / SSL VPN
Citrix NetScaler: Protocol Driver Error
Today I have been troubleshooting a Citrix NetScaler configuration, where some clients received the Protocol Driver Error message when executing a published application. This error message is mostly related to a wrong configuration of the Security Ticket Authorities (STA’s). I spent a lot of time troubleshooting this issue and focused on the STA configuration. I … Read More
Barracuda – Mail Protocol Violation
A customer updated the firmware from a Barracuda SPAM &Virus 300 firewall. The firmware was upgraded from version 3.4 to version 3.5.12.024. After the upgrade no email was coming in or going out through the Barracuda firewall. All email was blocked and the following reason was visible in the message log: Mail Protocol Violation At … Read More
Failed to establish VPN through PIX
We migrated our Internet connection lately and reconfigured our PIX firewall. We added some memory to install the latest firmware version (8.0(4)). After putting the PIX firewall in production some of the employees were complaining they couldn’t establish any PPTP VPN Tunnels anymore to customers. Every time when some one called me, I tried it … Read More
Configuration Example, Routing
HSRP and ACL’s
I added a Guest VLAN to a network environment with two multi layer switches running HSRP. To secure the internal network from the Guest VLAN, I added a ACL to the Guest VLAN SVI. The ACL is stated below: ip access-list extended GUEST-DENY-RFC1918 remark Allow DHCP permit udp any eq bootpc any remark Deny RFC … Read More
Cisco Firewall Design and Deployment
The session about firewall design and deployment didn’t reveal a lot of new things about the Cisco ASA appliance or FWSM module. The only new thing for me was the possibility to configure a redundant interface for a Cisco ASA appliance. The screen shot below shows the cabling scheme for an implementation with and without … Read More