I just enabled TLS on majornetwork.net. Everything seems pretty normal, and old http links should still work, redirecting to https. If you notice anything breaking, let me know. Oh, and don’t report “not working with IE 6 on Windows XP”: It’s not me, it’s you.
This post is an example of configuring an IPsec tunnel with F5 BIG-IP. In the diagram below the IPsec tunnel is configured between SRX210 (Junos 12.1X47-D20.7) and F5 BIG-IP (11.6.0 HF5-ENG11). F5 BIG-IP is connected here in a one-arm setup. The SRX240 is not “an interesting device” in this demonstration. It is just a firewall and […]
For replacing a physical remote access VPN implementation with a VPN server in a virtual machine, one of the options is SoftEther. There is a lot of documentation on the site but somehow I felt the material was hard to absorb. In this post I describe the reference implementation I managed to complete with SoftEther. […]
This is part 2 of my Juniper SRX IPsec LAN-to-LAN VPN posts. In part 1 we had a simple LAN-to-LAN VPN with only one subnet in each site. In this post we have two subnets in Their Site to illustrate the VPN configuration options. Here is the topology for this post. Their Site is […]
In this post I will show two flavours of configuring a LAN-to-LAN IPsec VPN tunnel with Juniper SRX: policy-based and route-based. I have been under the impression that those ways are mutually exclusive so that only one way is valid for a given endpoint in the opposite side. How wrong have I been. Here is the […]
Some pointers to documentation on juniper.net that describes the traffic processing in the Juniper SRX platform: Juniper Networks Devices Processing Overview (Junos 12.1X47); Flow-Based Processing Feature Guide for Security Devices (Junos 12.1X47); SRX Getting Started — Troubleshooting Traffic Flows and Session Establishment (KB16110). Short version of the processing order: Per packet policer; Per packet filter; For […]
Just wanted to say this: In Vim under Cygwin the user’s vimrc is not looked up as ~/.vimrc. One of the correct locations is ~/.vim/vimrc. It will be read whether you start your editor as “vi” or as “vim”. You can use a template to start with: Markku@T540p ~ $ mkdir .vim Markku@T540p ~ $ […]
As you can see, I changed the blog theme. I like this Frontier theme for its clarity: it’s easy to see where everything is. Some customizations may still occur.
In the field of networking it is very useful to have a centralized location for your logs as the system itself (the network) is distributed. Syslog is the usual method of collecting the logs. There are lots of different solutions to collect syslogs, ranging from general-purpose servers or virtual machines running some syslog daemon software […]
At some point I tried to configure Juniper SRX100 with a DHCPv6 server, with no luck. The configurations just didn’t work. I gave up at that time, but returned to the matter some days ago. I realized something in Junos DHCP configurations: people are talking about “old” and “new” ways to configure DHCP server and client […]