A lot of companies run Microsoft’s Active Directory AAA infrastructure. A nice add on to AD (apart from my favorite ‘Services for UNIX’) is the Network and Policy Server (NPS). Using this RADIUS server with any radius speaking client is a nice addon that allows the majority of Network infrastructure to use AD as it’s authoriative [ View Post… ]
Microsoft NPS Server + Juniper JUNOS VSA
Handy Internet Interface JUNOS Firewall Filters
Here are two handy firewall filters to apply to any internet facing interface on your JUNOS network device. BOGON List – Apply as input on Internet facing interface – You should also add any Public Address space that you have inside your network [plain] set firewall family inet filter BOGON-DENY term discard-bogon-net from source-address 10.0.0.0/8 [ View Post… ]
Lame Network Joke
tcp packet walks in to a bar and says “I want a beer”, barman says “you want a beer?” and tcp packet says “yes, a beer” An RTP packet walks into a bar through the wrong entrance. The barman says “You’re not getting any special treatment” A multicast packet walks into a bar [ View Post… ]
JUNOS Chassis Cluster Node Connectivity
If you are unfortunately working on a JUNOS chassis cluster that does not have the out-of-band management patched (fxp0) then you must use an alternate way to connect to specific nodes and copy files. You are able to copy files and login from to the non active node via the following methods. To copy files [ View Post… ]
JUNOS AppSecure now on Branch SRXs
So application identification / firewall / secure has made it way to the branch. This is awesome news. So I have managed to obtain a 30 day trial to see how it performs on my home SRX100. With ym simple rule base I have seen 1ms increase in my latency!! After adding the license you [ View Post… ]
MiToken + Junos Two Factor Radius Authentication
Do you have Junos devices? If you do, excellent choice. Do you have MiToken? Once again, love your work there. If you don’t have MiToken, it’s a plug-in to the M$ IAS/NPS servers that allows mutiple types of hard and soft tokens to be used allowing secure OTPs with dual factor authentication with your Active [ View Post… ]
Mac OS X 10.7 Lion + ATEN UC232A USB to Serial Adapter
32- and 64-bit PL2303 drivers for OS X 10.6 are available here. You’ll need to modify, as root, the ‘/System/Library/Extensions/ProlificUsbSerial.kext/Contents/Info.plist ‘ file after installing the driver to suit the USB manufacturer and device ID. For the ATEN UC232A, examples below appear to work for it (for me in 10.7). To obtain the IDs, Wayne Roberts (who [ View Post… ]
New MacBook Air + Lion – spot the difference
The new air is much better looking ! Spaces (10.6) vs. Mission Control (10.7)
Juniper SRX Chassis Cluster + LACP Redundant Eth Interfaces
So a co-worker and I spent some time playing around with JunOS 11’s (I believe it came in with 11 – correct me if wrong) reth’s ability to now be LACP interfaces, as well as just plain redundant. It was not immediately clear how the switch was required to be set up in order to [ View Post… ]
Telstra 3g vs. Vodaphone 3g Latency
Ever wondered why 3G from Vodaphone is so crap? I did, so from Central station I did a ping test on each network one after another. Here is the difference between the latency to an AARNET connected host @ ANSTO. The results speak for themselves. Vodaphone: — 137.157.8.5 ping statistics —10 packets transmitted, 10 packets [ View Post… ]
Recent Comments