Installation Steps of LOG Storm Free Virtual SIEM Appliance
I was reading the Top 47 Log Management Tools from ProfitBricks’ blog. During quick scanning the key features and cost, I decided to give LOG Storm a try. This post…
Configure Palo Alto VM 6.0.0 in Vmware Workstation and ESXi
Palo Alto Networks has developed Virtualized Firewalls VM series to run in virtual environment. Here is the list for supported hypervisors from its website: The VM-Series supports the exact same…
Bypass China GFW
It becomes harder and harder to surf Western Internet Websites from China such as Youtube, facebook, Google. Here are some ways I found to bypass it. 1. Hole at GFW-…
Certificate Import Failed with “% Failed to parse or verify imported certificate” because of Verisign Using new Intermediate CA Certs G4
Symptoms: Worked on IPSec VPN Certificate for whole morning to try to import a certificate, finally gave up to ask support from Verisign. I did this many times and had…
Certification based Cisco IPSec VPN Down caused by ‘signature invalid’
Symptom: Recently, I were troubleshooting a IPSec VPN using Certificate issue. One IPSec VPN router got rebooted then IPSec tunnel was not able to be re-build. It tested fine with…
Cisco ACS Lab2: Use Tacacs+ to do Authentication and Authorization with ACS 5.6
Previous Lab1: Cisco ACS Lab1: Installing and Configuring ACS 5.6 in ESXi and GNS3This Lab2 will use cisco router to connect with ACS 5.6 and use Tacacs+ protocol to complete…
Check Point Cluster Member Gateway Drops Ping Packets Without Log in Smartview Tracker
When working on network device monitoring project, there is interesting thing happened on Check Point cluster gateways. I am not able to ping active cluster member. Also surprising thing is…
Cisco ACS Lab1: Installing and Configuring ACS 5.6 in ESXi and GNS3
Cisco Secure Contral Access System (ACS) has been around in the market for a long time and widely been used as the software to do network device administration with Tacacs+…
Using Symantec Verisign SSL Certificate for Check Point SSL VPN Mobile Access Portal
Mobile Blade has been enabled on Checkpoint Gateway from my series posts “Enable Checkpoint SSL VPN Remote Access: Step by Step Instruction Part 1 (Local User Authentication)“. Mobile Access portal…
Configure High End Juniper SRX 1400 as Chassis Cluster Steps
There is a new project to configure a new pair of Juniper SRX1400 as Chassis Cluster implementation for one of our customers. Juniper documentation does not have clear guide for…
Fortinet Firewall Fortigate-30D Basic Configuration and NAT Set up Steps
There is a new Fortigate-30D firewall shipped to me and I am working on to have it tested in our network environment to see how the performance looks like. Device…
Poodle : New SSL 3.0 Bug (CVE-2014-3566)
Oct 14 2014, this bug CVE_2014-3566 has been found as a subtle but significant security weakness in version 3 of the SSL protocol. Severity level is Medium. Basically this vulnerability…