Clik here to view.
Some more Mail Captures
Email is still the most common communication protocol on the Internet. And since I was missing some variants of the related protocols, IMAP, POP3, and SMTP in the Ultimate PCAP, I did some captures. ✅...
View ArticleClik here to view.
Dynamic DNS on a Palo
With PAN-OS 9.0 (quite some time ago), Palo Alto Networks has added Dynamic DNS for a firewall’s interfaces. That is: If your Internet-facing WAN interface gets a dynamic IP address via DHCP or PPPoE...
View ArticleClik here to view.
Misusing Palo’s Captive Portal as a Guest Wi-Fi Welcome Page
I was faced with an interesting customer requirement: An existing guest Wi-Fi should be prefaced with a welcome page for accepting the terms and conditions. Since there was already a Palo Alto Networks...
View ArticleClik here to view.
BGP Route Filtering with Palo’s Advanced Routing Engine (ARE)
With PAN-OS 10.2, Palo Alto Networks has introduced the “Advanced Routing Engine” (ARE) with its “Logical Routers” (LR) rather than the legacy “Virtual Routers” (VR). The Advanced Routing Engine...
View ArticleClik here to view.
PANW: Dynamic Routing between Logical Routers
How to route traffic between multiple logical routers aka Inter-LR Routing on a Palo Alto Networks Strata firewall? More precisely, inclusive route redistribution rather than a few static routes. –>...
View ArticleClik here to view.
iPad Ping: WLAN vs. LAN
Meine Kids spielen derzeit häufig Brawl Stars, ein Echtzeit Onlinespiel. Und sie schauen auch immer mal Videos dazu, bei denen ihnen jetzt der Floh ins Ohr gesetzt wurde, dass man ein iPad ja auch per...
View ArticleClik here to view.
Getting started with the APIs from Palo Alto Ntwks
You can talk to firewalls and Panorama from Palo Alto Networks in various ways. The well-known GUI (which I really love, by the way) and the CLI are quite common at first glance. Nearly everyone using...
View ArticleClik here to view.
Joining an Active Directory: A Packet Capture
What happens on the network if you’re joining a Microsoft Active Directory domain? Which protocols are used? As I suspected, it’s a bit more complex than just seeing a single known protocol like HTTPS....
View ArticleClik here to view.
Laden an öffentlichen Säulen: Ein Trauerspiel!
Seit einem Monat fahre ich erstmalig ein E-Auto. Und ebenso positiv euphorisch bin ich an das Laden an öffentlichen Säulen herangegangen. Dazu gab es auch allen Grund: Überall sieht man solche...
View ArticleClik here to view.
Wallbox: Die Qual der Wahl
Die Aufgabenstellung war klar: Eine Wallbox fürs Eigenheim muss her, schließlich ist das Laden an öffentlichen Säulen ein Trauerspiel. Aber die Entscheidung, welche Wallbox es sein soll, war dann alles...
View ArticleClik here to view.
It’s Always DNS – Poster
We all know the DNS, right? But when we need to troubleshoot it, it’s getting much more complicated than initially thought. DNS ≠ DNS ≠ DNS. And unfortunately: It’s Always DNS. To get a better...
View ArticleClik here to view.
It’s Always DNS! @ SharkFest’23 EU
This time (2023) at the yearly Wireshark Developer and User Conference in Europe, I gave a talk about DNS. How could it have been any different –> The title simply had to be ‘It’s Always DNS‘. 😂...
View ArticleClik here to view.
Das Domain Name System
Kaum ein anderes Element ist so essenziell für das Internet wie das Domain Name System. Ruckelts mal im DNS, reagieren Webseiten und überhaupt alle Internetanwendungen gleich langsamer oder gar nicht....
View ArticleClik here to view.
xDSL-Modems
Wenn man eine Enterprise-Firewall an einem klassischen DSL-Anschluss verwenden möchte, benötigt man ein extra DSL-Modem. Dies unterscheidet sich von Heimkundenroutern wie der Fritzbox, die immer schon...
View ArticleClik here to view.
Dual-Stack PPPoE on a Palo Alto Firewall
If you want to establish an Internet connection (that is: IPv6 and IPv4) right away from your firewall through xDSL connections, you need quite some technologies: PPPoE and PPPoEv6 (PPP IPV6CP) along...
View Article