cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Security Blogs

meddane
144 Views
0 Comments
Site to Site IPSec VPN with Dynamic IP Endpoint is typically used when we have a branch sites which obtains a dynamic public IP from the Internet ISP. For example an ADSL connection. One important note is that Site-to-Site VPN with Dynamic remote routers ... Read More
meddane
57 Views
0 Comments
On R1, configure a key ring that defines the peer R3: Address: 23.0.0.3 Local and remote pre-shared key: cisco R1(config)#crypto ikev2 keyring KR R1(config-ikev2-keyring)# peer R3 R1(config-ikev2-keyring-peer)# address 23.0.0.3 R1(config-ikev2-keyring-pee... Read More
meddane
80 Views
0 Comments
This document shows how to use the Port Radius NAS PORT Id Attribute in a compound condition to control access with 802.1X. A user jdoe is allowed to access the network only through the physical port FastEthernet 0/1 of the switch and the user jwhite is a... Read More
meddane
236 Views
0 Comments
DMVPN Dual Hub Dual Cloud Pros and Cons ProsNo single point of failureQuick failover if routing protocols are tunedLoad balancing is easyTraffic engineering is easyEasy to work with multiple ISPsConsNeed 2 tunnels per spokeConfiguration is more complicate... Read More
meddane
262 Views
0 Comments
I had in the past an issue when migrating Cisco Cloud Web Security to Cisco Umbrella for a Customer. The Cisco ASA Firewall blocks the DNScrypt provided by the Cisco Umbrella Virtual Appliance. The issue is solved by disabling DNS packet inspection betwee... Read More
meddane
321 Views
0 Comments
Network Security All-in-one Version 1.4: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security This book is written for Network engineers working in the Security field and to prepare the CCNP Security exam, it includes Cisco ASA Firewall, ASA with FirePOWER... Read More
Mike.Cifelli
288 Views
0 Comments
I am going to provide a general understanding on how to use a custom Ansible module. A module is essentially a reusable standalone script that Ansible will run on your behalf. The module can be run remotely and/or locally. Modules have the ability to prov... Read More
meddane
249 Views
1 Comment
One of the most confusing topic in VPN is GRE Over IPSec VS IPSec Over GRE. The wireshark capture shown the major difference in the way the traffic is encrypted by IPSec. -In the First capture (left) for IPSec Over GRE, the routing protocol is not encrypt... Read More
meddane
194 Views
2 Comments
The 802.1X protocol is basically a method to control the network access for users, authentication with a username and password, and authorization using a Dacl or VLAN assignment for example. The PC sends a EAP-Response message providing the username, for ... Read More
meddane
400 Views
0 Comments
Nat Traversal also known as UDP encapsulation allows traffic to get to the specified destination when a device does not have a public address. This is usually the case if your ISP is doing NAT, or the external interface of your firewall is connected to a ... Read More
meddane
415 Views
0 Comments
Basic configuration of R1, R2 and R3, NAT should not be enabled for Lo1: R1: interface Loopback0 ip address 10.1.1.1 255.255.255.0 ip nat inside ! interface Loopback1 ip address 172.16.1.1 255.255.255.0 ! interface FastEthernet0/0 ip address 14.0.0.1 255.... Read More
meddane
417 Views
0 Comments
R1: interface Lo0 ip address 172.16.1.1 255.255.255.0 ! interface FastEthernet0/0 ip address 192.0.2.1 255.255.255.0 no shutd ! ip route 0.0.0.0 0.0.0.0 192.0.2.2 R2: interface FastEthernet0/0 ip address 192.0.2.2 255.255.255.0 no shutd ! interface FastEt... Read More
meddane
298 Views
0 Comments
On R1, configure a key ring that defines the peer R3: Address: 23.0.0.3 Local and remote pre-shared key: cisco R1(config)#crypto ikev2 keyring KR R1(config-ikev2-keyring)# peer R3 R1(config-ikev2-keyring-peer)# address 23.0.0.3 R1(config-ikev2-keyring-pee... Read More
meddane
382 Views
1 Comment
Scenario-1 between Cisco routers: 192.168.1.0/24 –R1——R2–192.168.1.0 The NAT configuration on a R1 should be like this: ip nat inside source static network 192.168.1.0 192.168.100.0 /24 ip nat outside source static network 192.168.1.0 192.168.200.0 /24 on... Read More
Create
Top Experts
Last 6 Months
Recognize Your Peers
Content for Community-Ad