Clik here to view.
IPv6 through IPv4 VPN Tunnel with Juniper SSGs
The most common transition method for IPv6 (that is: how to enable IPv6 on a network that does not have a native IPv6 connection to the Internet) is a “6in4″ tunnel. Even other tunneling methods such...
View ArticleClik here to view.
Ping Times/Latency: DSL vs. Glasfaser, IPv4 vs. IPv6
Seit wenigen Tagen bin ich glücklicher Kunde eines Telekom Glasfaseranschlusses. Mit satten 50/10 MBit/s rasen die Daten bei mir ein und aus. Neben der deutlich höheren Geschwindigkeit war ich aber...
View ArticleClik here to view.
Basic IPv6 Messages: Wireshark Capture
When explaining IPv6 I am always showing a few Wireshark screenshots to give a feeling on how IPv6 looks like. Basically the stateless autoconfiguration feature (SLAAC), DHCPv6, Neighbor Discovery, and...
View ArticleClik here to view.
BOINC Load depends on Processor Type
I am running two old notebooks in my laboratory for several server purposes. Last year, I started to support the World Community Grid project with the idle times on these laptops. Nothing interesting...
View ArticleClik here to view.
Telekom Dual-Stack Verbindungsaufbau
Bis neulich hatte ich einen normalen DSL-Anschluss von 1&1: Per PPPoE eingewählt und eine IPv4-Adresse bekommen – fertig. Das kann neben der FRITZ!Box natürlich auch jeder vernünftige Router oder...
View ArticleClik here to view.
F5 SSL Profile: “Single DH use” not working?
In the paper of the Logjam attack, a sentence about the F5 load balancers confused me a bit: “The F5 BIG-IP load balancers and hardware TLS frontends will reuse unless the “Single DH” option is...
View ArticleClik here to view.
Out of the Box Network Analyzer “ntopng”
Some time ago I installed a new firewall at the customer’s site. Meanwhile the customer was interested in the flows that are traversing through the firewall right now. Oh. Good question. Of course it...
View ArticleClik here to view.
Yet another ownCloud Installation Guide
If you want to use you own ownCloud installation, you can find several documentation on the Internet on how to set up this server, e.g. the official ownCloud documentation, or installation guides such...
View ArticleClik here to view.
IPsec Site-to-Site VPN FortiGate FRITZ!Box
Hier kommt ein kurzer Guide wie man ein Site-to-Site VPN zwischen einer FortiGate Firewall und einer AVM FRITZ!Box aufbaut. Anhand von Screenshots zeige ich die Einrichtung der FortiGate, während ich...
View ArticleClik here to view.
Policy Routing on a FortiGate Firewall
This is a small example on how to configure policy routes (also known as policy-based forwarding or policy-based routing) on a Fortinet firewall, which is really simple at all. Only one single...
View ArticleClik here to view.
1&1 DSL Routing: Hop Counts unterschiedlich
Seit über einem Jahr zeichne ich die Anzahl der Hops von einer Reihe DSL-Anschlüssen auf (siehe hier). Mein Monitoring-Server läuft dabei hinter einem statischen Anschluss der Telekom, während die...
View ArticleClik here to view.
Roundcube Installation Guide
Roundcube is an email webclient which is easy and intuitive to use. I am using it for my private mails, connecting via IMAP and SMTP to my hoster. One of the great advantages is the “flag” option which...
View ArticleClik here to view.
Palo Alto High Availability Heartbeat
Beside the HA1 and HA2 interfaces on a Palo Alto Networks firewall, there are the HA1/HA2 Backup and Heartbeat Backup options. I was a bit confused while reading the documentation of the high...
View ArticleClik here to view.
Policy-Based Routing on ScreenOS with different Virtual Routers
I already puslished a blog post concerning policy-based routing on a Juniper firewall within the same virtual router (VR). For some reasons, I was not able to configure PBR correctly when using...
View ArticleClik here to view.
Policy Based Forwarding on a Palo Alto with different Virtual Routers
This guide is a little bit different to my other Policy Based Forwarding blog post because it uses different virtual routers for both ISP connections. This is quite common to have a distinct default...
View ArticleClik here to view.
Policy Based Routing on a Cisco ASA
Cisco ASA 9.4 (and later) is now supporting Policy Based Routing. Yeah. Great news, since many customers are requesting something like “HTTP traffic to the left – VoIP traffic to the right”. Coming...
View ArticleClik here to view.
OSPF Visualizer
While reading the OSPF chapter in the Cisco CCNP ROUTE learning guide, I was interested in how to visualize an OSPF area. Since every router in the same area has a complete view of all routers and...
View ArticleClik here to view.
OSPFv3 for IPv6 Lab: Cisco, Fortinet, Juniper, Palo Alto
Similar to my test lab for OSPFv2, I am testing OSPFv3 for IPv6 with the following devices: Cisco ASA, Cisco Router, Fortinet FortiGate, Juniper SSG, and Palo Alto. I am showing my lab network diagram...
View ArticleClik here to view.
IPv6 Site-to-Site VPN Recommendations
With global IPv6 routing, every single host has its own global unicast IPv6 address (GUA). No NAT anymore. No dirty tricks between hosts and routers. Great. Security is made merely by firewalls and...
View ArticleClik here to view.
Juniper ScreenOS: DHCPv6 Prefix Delegation
The Juniper ScreenOS firewall is one of the seldom firewalls that implements DHCPv6 Prefix Delegation (DHCPv6-PD). It therefore fits for testing my dual stack ISP connection from Deutsche Telekom,...
View Article