Nope... - Firewall

Fri 25 Aug 2023

Catégories:
Tips&Tricks
Firewall
Security

Comprendre les logs IPSEC sur Fortigate

Comprendre les logs IPSEC sur un Firewall Fortigate IPsec phase1 IPsec phase1 negotiating logid="0101037127" type="event" subtype="vpn" level="notice" vd="root" eventtime=1544132571 logdesc="Progress IPsec phase 1" msg="progress IPsec phase 1" action="negotiate" remip=11.101.1.1 locip=173.1.1.1 remport=500 locport=500 outintf="port13" cookies="e41eeecb2c92b337/0000000000000000" user="N/A" group="N/A" xauthuser="N/A" xauthgroup="N/A" assignip=N/A vpntunnel="to_HQ" status="success" init="local" mode="aggressive" dir="outbound" stage=1 role="initiator" result="OK" IPsec phase1 negotiated logid="0101037127" type="event" subtype="vpn" level="notice" vd="root" eventtime=1544132571 logdesc="Progress IPsec phase 1" msg="progress IPsec phase 1" action="negotiate" remip=11.101.1.1 locip=173.1.1.1 remport=500 locport=500 outintf="port13" cookies="e41eeecb2c92b337/1230131a28eb4e73" user="N/A" group="N/A" xauthuser="N/A" xauthgroup="N/A" assignip=N/A vpntunnel="to_HQ" status="success" init="local" mode="aggressive" dir="outbound" stage=2 role="initiator" result="DONE" IPsec phase1 tunnel up logid="0101037138" type="event" subtype="vpn" level="notice" vd="root" eventtime=1544132604 logdesc="IPsec connection status changed" msg="IPsec connection status change" action="tunnel-up" remip=11. Read More...

Tagged Fortigate, Firewall

Wed 5 Jul 2023

Catégories:
Tips&Tricks
Firewall
Security

Debugger un tunnel IPSEC sur Fortigate

Troubleshooting Fortigate firewall: Use the following steps to assist with resolving a VPN tunnel that is not active or passing traffic. Solution Step 1: What type of tunnel have issues? FortiOS supports: Site-to-Site VPN. Dial-Up VPN . Step 2: Is Phase-2 Status ‘UP’? No (SA=0) - Continue to Step 3. Yes (SA=1) - If traffic is not passing, - Jump to Step 6. Flapping - SA is flapping between ‘UP’ and ‘Down’ state - Jump to Step 7. Read More...

Tagged Fortigate, Firewall

Tue 4 Jul 2023

Catégories:
Tips&Tricks
Firewall

ASA PAcket capture

Configure Packet Capture with the CLI Complete these steps in order to configure the packet capture feature on the ASA with the CLI: Configure the inside and outside interfaces as illustrated in the network diagram with the correct IP address and security levels. Start the packet capture process with the capture command in privileged EXEC mode. In this configuration example, the capture named capin is defined. Bind it to the inside interface, and specify with the match keyword that only the packets that match the traffic of interest are captured: Read More...

Tagged Cisco, ASA, Firewall

Tue 4 Jul 2023

Catégories:
Tips&Tricks
Firewall

ASA: Using Packet Capture to troubleshoot ASA Firewall

What are Packet Captures - A Brief Introduction to Packet Captures Packet capture is a activity of capturing data packets crossing networking devices There are 2 types - Partial packet capture and Deep packet capture Partial packet capture just record headers without recording content of datagrams, used for basic troubleshooting upto L4 Deep packet capture will give us everything that a packet can tell, doing a deep packet analysis is like investigating in a forensic lab, it is used in advanced troubleshooting like troubleshooting at L7, troubleshooting for performance related issues, traffic patterns etc There are 2 ways of looking at traffic coming to any device, either collect captures on the ingress of the device or collect captures on the egress interface of the device behind the device in question. Read More...

Tagged Cisco, ASA, Firewall

Mon 1 Aug 2022

Catégories:
Tips&Tricks
Firewall

Troubleshooting Fortigate firewalls

Troubleshooting Fortigate firewall: To view the date and time in the CLI: To view the date FortiGate-VM64-HV # execute date current date is: 2022-08-01 To view time FortiGate-VM64-HV # execute time current time is: 09:54:57 last ntp sync:Mon Aug 1 09:20:07 2022 To view system resources in the CLI: FortiGate-VM64-HV # get system performance status CPU states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq CPU0 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq Memory: 2058672k total, 880400k used (42. Read More...

Tagged Fortigate, Firewall

Thu 12 Aug 2021

Catégories:
Firewall

Geeking out with HAproxy on pfSense

How to use HAproxy to share TCP port 443 for OpenVPN and SSH tunneling.

Tagged pfSense, HAproxy, HTTPS, SNI

Fri 19 Mar 2021

Catégories:
Firewall

FreeeBSD commands

Performance Analysis Tools ![FreeBsd Performance tools]((images/FreeBSD_Performance_Observability_Tools.png) Users adduser # wrapper script to add users chsh # change user shell and other info pw groupadd teamtwo # add a group to the system pw groupmod teamtwo -m <username> # add a user to a group /etc/group # file to edit groups manually id # show group membership for current user System Configuration cat /var/run/dmesg.boot # show boot log with info about disks and pci devices kenv # show bios, board and chassi info (dump from kernel env) pciconf -l -cv # show info about PCI devices of the machine camcontrol devlist -v # list of attached ATA devices ifconfig # show and configure network interface parameters sysctl # tool to show/set all system/kernel coniguration variables sysctl -a # show all system/kernel configuration variables sysctl hw # show hardware related info and settings sysctl net # show all network related info and settings sysctl hw. Read More...

Tagged pfsense

Thu 24 May 2018

Catégories:
firewall

HAProxy to load balance HTTPS traffic

How to use HAproxy to share TCP port 443 for OpenVPN and SSH tunneling.

Tagged pfSense, HAproxy, SNI

Sun 2 Oct 2016

Catégories:
Firewall

Comment configurer une vm pfsense a partir de l'esxi.

Comment configurer une vm pfsense a partir de l’esxi. Configurer le réseau interne de l’esxi Activer le ssh sur l’esxi [2.3.3-RELEASE][root@pfSense.localdomain]/root: route add -net 62.210.87.1/32 -iface em0 add net 62.210.87.1: gateway em0 [2.3.3-RELEASE][root@pfSense.localdomain]/root: route add default 62.210.87.1 add net default: gateway 62.210.87.1 [2.3.3-RELEASE][root@pfSense.localdomain]/root: netstat -rn Routing tables Internet: Destination Gateway Flags Netif Expire default 62.210.87.1 UGS em0 62.210.87.1/32 00:50:56:01:1b:d0 US em0 127.0.0.1 link#6 UH lo0 163.172.226.64 link#1 UHS lo0 163.172.226.64/32 link#1 U em0 192. Read More...

Tagged pfsense

Wed 17 Aug 2016

Catégories:
network
Firewall

how to reset the configuration of ASA to default from tranparent mode.

This will show you how to reset the configuration of ASA to default from tranparent mode.. The following example show how to configure it. Reset of the ASA Access the Appliance Console Follow these steps to access the appliance console. Procedure Connect a computer to the console port using the provided console cable, and connect to the console using a terminal emulator set for 9600 baud 8 data bits no parity 1 stop bit no flow control. Read More...

Tagged cisco

Articles dans Firewall...