Cisco ASA Domain Authentication and Trust (Allowing)
ASA Domain Authentication KB ID 0000973 Problem I cringed this morning when I was asked about this, last time I had to get a client to authenticate to a domain through a firewall, it was ‘entertaining’. The problem is Windows loves to use RPC, which likes to use random ports, so to make it work you either had to open TCP ports 49152 and 65535 (Yes I’m Serious). Or you had to registry hack all your domain controllers...
You were not connected because a duplicate name exists on the network
Duplicate name exists KB ID 0000991 Problem I hadn’t seen this myself but it was asked in a forum the other day so I replicated it on the test bench. You were not connected because a duplicate name exists on the network. Go to System in Control Panel to change the computer name and try again. or You were not connected because a duplicate name exists on the network. If joining a domain, go to System in Control Panel to change...
Fortigate: Cannot Ping an Interface?
KB ID 0001718 Problem With other firewall vendors (i.e. Cisco) you can ping any interface you are ‘directly connected to’. With Fortigate however you cannot (by default). That’s not the end of the world you can check connectivity using ARP (see below) which is what really cool network techs do instead! But if you want to be able to ping an interface (even for a short period of time). Here’s how to do it....
Cisco Firewalls and PING
KB ID 0000351 Problem With regards to Ping, out of the box a Cisco firewall will allow you to ping the interface you are connected to, so in a normal setup inside clients can ping the inside interface, and the firewalls outside interface can be pinged from outside. OK – to understand pinging through a Cisco Firewall you need to understand that Ping is part of the ICMP protocol suite, and unlike other protocols is not “connection...
Mac OSX – Testing Packet Fragmentation Over VPN
KB ID 0001204 Problem Many moons ago I wrote a post about a problem where I had no RDP over a VPN connection, and all the hoops I jumped though to troubleshoot and fix the problem. Today I had a similar problem, I was connected to a client via Cisco AnyConnect, and I had hair-pinned that traffic, from the client site, over an IPSEC VPN to their servers in the Data Center. Pings were successful, but not RDP. To be honest this affects...