Booches.nl

HP Virtual Connect Manager

René Jorissen — Mon, 23 Jan 2012 13:30:33 +0000

While change the configuration of within a HP Virtual Connect Manager I noticed that I didn’t have any options to delete server profiles, Ethernet Networks or Shared Uplink Sets within the web browser. I needed to change the configuration dramatically from an active / standby configuration to an active / active configuration. I also needed [...]

Cisco Spanning Tree Scalability

René Jorissen — Thu, 12 Jan 2012 12:31:59 +0000

A colleague (Twitter: @Toonieh) mentioned spanning-tree scalability in a Cisco network. He had an article about this matter. All the credits on this post go to him. I found the article on internet and post it here to be able to find it quickly.. In a Layer 2 looped topology design, spanning tree processing instances [...]

McAfee Firewall – NAT mapping

René Jorissen — Wed, 28 Dec 2011 16:20:15 +0000

While testing a McAfee Enterprise Firewall running software 8.2.0, I had some problems with the creation of a NAT mapping. The firewall is configured as standalone firewall. All (NAT / access rule) configuration on the firewall is done using Access Control Rules. McAfee uses two types of NAT mapping: 1. NAT: mostly used to translate [...]

CactiEZ – configuration basics

René Jorissen — Mon, 19 Dec 2011 11:36:13 +0000

Every time I install CactiEZ or Cacti on another platform, I am searching for the commands to basically install the most common parameters, like static IP addressing, NTP sync and time zones. Several times I thought about writing a simple article with the necessary commands and final I had time to create it. Networking netconfig [...]

AeroHive Spectrum Analysis

René Jorissen — Thu, 03 Nov 2011 11:19:03 +0000

One cool feature about AeroHive is the build-in Spectrum Analysis feature, which is enabled by default from HiveOS 4 and higher. Spectrum analysis is very useful to get a view of the RF environment near an access-point. This is especially useful when troubleshooting bad connections (high volume of retransmissions) or other problems related to the [...]

Microsoft UAG – Invalid External Port bug

René Jorissen — Wed, 02 Nov 2011 10:58:36 +0000

Last week I have installed a Microsoft UAG array. I installed Microsoft ForeFront Unified Access Gateway 2010 including Service Pack 1. When using an array configuration you have to deploy Microsoft’s Network Load Balancing (NLB) for redundancy and load balancing purposes. I configured NLB with multicast and IGMP support. I had configured some HTTPS trunks [...]

Aruba: Split Tunnel with a RAP-5WN

René Jorissen — Fri, 30 Sep 2011 07:18:48 +0000

Split Tunneling is technique, which is used very often in (SSL) VPN scenario’s. The RAP-5WN access points has multiple Ethernet ports to connect different components, like workstations or printers. You can configure the usual user roles and other settings on these Ethernet ports. You can also configure Split Tunneling per Ethernet port. When using Split [...]

Cisco ASA – Reset TCP connection

René Jorissen — Mon, 22 Aug 2011 12:55:58 +0000

“Normal” TCP applications use a three-way handshake to establish a session. After data has been send the session is closed. Some legacy applications don’t always close a TCP session. They keep the session open, even when the session is idle for a long time (+ 2 hours). When the session is idle and a client [...]

Cisco 888G with KPN 3G connection

René Jorissen — Thu, 04 Aug 2011 06:33:29 +0000

Something I don’t see and don’t do very often is the configuration of a router including a 3G connection. So this blog post helps me during the process of configuring future connections. For todays configuration I am using the Dutch carrier KPN to establish the 3G connection. As hardware I am using a Cisco 888G [...]

Cacti: corrupt database

René Jorissen — Thu, 16 Jun 2011 08:53:49 +0000

After rebooting a Cacti server, the customer complained that no new graphs were drawn by the server. I tried to run the poller.php script with the –-force option and noticed the following output: 06/16/2011 10:34:48 AM – SPINE: Poller[0] ERROR: SQL Failed! Error:’145′, Message:’Table ‘./cacti/poller_output’ is marked as crashed and should be repaired’, SQL Fragment:’INSERT [...]

Cisco ASA – Full recovery

René Jorissen — Tue, 24 May 2011 07:10:04 +0000

While trying to perform a password recovery on a Cisco ASA, I noticed that the password recovery feature was disabled on the appliance. Without the password recovery feature enabled, you can recover the Cisco ASA, but the file system will be wiped completely. During the boot of the Cisco ASA you need to press ESC [...]

ISA Server 2006 array – renew certificate

René Jorissen — Mon, 23 May 2011 08:21:16 +0000

When configuring a Microsoft ISA Server 2006 array you have two options for authentication and communication between the Microsoft ISA 2006 Configuration Storage Server and the array members. Windows Authentication: Choose this option if ISA server and the Configuration Storage server are in the same domain, or in different domains with a trust relationship between [...]

Windows CA template – web server and private key export

René Jorissen — Mon, 23 May 2011 05:46:10 +0000

Creating a web server certificate request is very easy when using a Windows CA server. There is one disadvantage. The requested certificate is directly stored in the user store (by default) or the local computer store, if specified during the request. The disadvantage is that you cannot export the requested certificate including the private keys. [...]

Juniper SSG to Cisco ASA VPN with overlapping subnets

René Jorissen — Tue, 29 Mar 2011 13:16:58 +0000

I needed to configure a site-to-site VPN connection between a Juniper SSG firewall and a Cisco ASA firewall. The configuration of a VPN connection is very straightforward, but this time the networks behind the firewalls are overlapping. I have configured the Cisco ASA multiple times in such scenario, but the configuration of the Juniper SSG [...]

OpenSSL for testing TLS

René Jorissen — Thu, 17 Feb 2011 08:30:47 +0000

I was looking for a way to test the TLS configuration of a secure mail server and stumbled across a website called “OpenSSL Command-Line HOWTO”. This websites explains how to test a TLS connection using OpenSSL. The s_client and s_server options provide a way to launch SSL-enabled command-line clients and servers. There are other examples [...]