showing posts tagged with 'network'
 
edited by on March 22nd 2018, at 16:34
On a fresh install of Windows Server 2012R2, not joined to a domain, the first network connection (obtained through DHCP) is always treated as a Public network. Normally, when joining a domain, the network connection then becomes a Domain network, but if the server will not be joined to a domain, you probably will want to set it to Private. Unfortunately, the Public Network link in Network Center is not clickable, and thus, cannot be changed. But you can make the change anyway through the Local Security Policy.

Through PowerShell (preferred method):

Look up the name of the network interface (e.g. "Local Area Connection") in the network adapters list.

Open an elevated PowerShell   ...
edited by on February 9th 2018, at 10:03

HP 1920 switches (and others of the same kind) have a CLI mode which is highly restricted. It is possible to unlock this, providing full access to the configuration of the switch through CLI.

Log on to the CLI (SSH or Telnet) with the admin user and the password (default: none).

Type and press Enter:

_cmdline-mode on
All commands can be displayed and executed. Continue? [Y/N]

Press Y to confirm.

Please input password:

Enter the password. This is a firmware-set password and is not user-defined. Depending on the firmware, try one of these:

  • 512900
  • Jinhua1920unauthorized

If successful, you can now run all commands.

edited by on April 14th 2017, at 17:15

By default, when logging in to an HP switch in IRF mode using the web interface, you can only retrieve hardware information for the switch holding the master role. You can retrieve information for the other switches when you log on using Telnet or SSH, then type:

display device manuinfo

This will display hardware information for all chassis and slots.

edited by on August 16th 2016, at 14:30
Like private IP address ranges (defined in RFC 1918), there are also private MAC address ranges. These are called locally administered address ranges, and they are never used by devices or other vendors. MAC addresses in these ranges can be safely used, assuming they are unique within your network:

x2-xx-xx-xx-xx-xx

x6-xx-xx-xx-xx-xx

xA-xx-xx-xx-xx-xx

xE-xx-xx-xx-xx-xx

The ranges may seem odd, but they are best explained by this excerpt from Wikipedia:

Universally administered and locally administered addresses are distinguished by setting the second least significant bit of the most significant byte of the address. If the bit is 0, the address is universally administered. If it is 1, the address  ...
edited by on July 9th 2015, at 10:03

RFC 1918 defines the following blocks of IPv4 addresses that can be used in a Local Area Network. These are "private" address ranges that do not overlap with public IP addresses.

| Network/mask | Class | First usable addr. | Last usable addr. |
|---|---|---|---|
| 10.0.0.0/8 | Class A | 10.0.0.1 | 10.255.255.254 |
| 172.16.0.0/12 | Class B (x16) | 172.16.0.1 | 172.31.255.254 |
| 192.168.0.0/16 | Class C (x256) | 192.168.0.1 | 192.168.255.254 |
edited by on July 2nd 2015, at 13:29
Contacting a domain controller in Active Directory is done through DNS lookup. Several DNS SRV records are used to find domain controllers in a site. If multiple domain controllers are present in the same site, the client will arbitrarily select one, based on the contents of those records.

By default, the selection is random, and all DCs have an equal chance of being picked. The inherent properties of SRV records allow this behaviour to be influenced by changing the weight and priority of those records. This enables fine-tuning and configuration of which DC to favour or even exclude. By default, all SRV records (thus, all DCs) have their weight and priority set to 0.

The weight defines  ...
edited by on June 26th 2015, at 11:25

Active Directory (AD) integrated DNS zones are not replicated by the DNS server itself. They replicate through the Active Directory replication mechanism and use the same settings as AD replication.

You can trigger replication through Active Directory Sites and Services, or with repadmin.exe on command prompt:

repadmin.exe /replicate target_dc source_dc DC=DomainDnsZones,DC=domain,DC=com

Replace parameters accordingly:

  • target_dc is the DC to replicate to
  • source_dc is the DC to replicate from
  • Edit the naming context so it includes your FQDN: e.g. contoso.co.uk becomes DC=contoso,DC=co,DC=uk
edited by on June 26th 2015, at 10:13
The NTP Pool project is a pool of publicly available time servers, all operated by volunteers. Time servers in the pool are usually stratum 1 or 2 servers. Although the pool consists of NTP servers worldwide, it is divided by geographical location so users can pick from a pool of time servers closest to their geographical position. The pool is probably the most used pool of NTP servers.

The pool uses DNS load balancing to randomly assign one or more servers to synchronize with. Up to four different servers can be used. To prevent DNS caching from returning the same server more than once, additional DNS records have been created in the form of:

number.geolocation.pool.ntp.org

number be  ...
edited by on June 24th 2015, at 15:16
For proper troubleshooting of DHCP traffic, it may sometimes be necessary to capture live data on your network. There are a lot of ways to accomplish this, so I won't go into too much detail on all the methods available, nor will I explain what DHCP does or how it works.

DHCP (Dynamic Host Configuration Protocol) is used for automatic configuration of a host's network settings, such as IP address, gateway, routing, and more. It works by sending broadcasts using IP/UDP on ports 67 (servers) and 68 (clients). For more information on DHCP, read the explanation on Wikipedia.

In order to capture DHCP traffic, we would then have to monitor packets specifically on port 67/udp and 68/udp.  ...
edited by on June 24th 2015, at 11:10
The logging on a FortiGate firewall is very sparse, making it difficult to troubleshoot issues. This can especially be a problem when setting up a site-to-site IPSEC VPN tunnel. Although the web interface doesn't provide much information for troubleshooting and debugging, the console does when debugging is enabled.

On most (if not all) FortiGate appliances, you can access the console through the web interface. It can usually be found on the Dashboard (> Status).



As it says, click on the console to activate it.

Enabling debugging for all IPSEC VPNs means we enable debug mode on "IKE". This is done by the following series of commands.

If any debugging is already in progress  ...
edited by on June 22nd 2015, at 10:29
The HP Network Config Utility provides advanced network configuration tasks for HP servers. It allows you to set up NIC teaming, VLANs and more.

Uninstalling this software (e.g. after a P2V) is not possible through Control Panel (Add/Remove Programs) because, unlike other HP software components, it's not in the list. The only way to uninstall HP Network Config Utility is through a NIC's properties:

Open the network properties for any Ethernet NIC (doesn't matter which one).

In the "This connection uses the following items:" box (where you also set up IPv4/v6 settings), you'll see the HP Network Configuration Utility.

Select (click) it, then click the Uninstall button. At the following prompt, click  ...
edited by on June 17th 2015, at 14:33
Angry IP Scanner is a very fast, lightweight IP scanner. It has been around for a long time already, and is used by many IT professionals to help accomplish tasks. Although version 3 of the program has been available for some time now, I still like to use the old version (version 2), simply because it works on every system without the need for Java (version 3 requires Java, unfortunately).

Version 3 comes with an installer available as a download. Version 2 does not, and although it has the built-in ability to create shortcuts if the user chooses to, I prefer a proper installer, with proper uninstallation support, in short: the Windows way. As no such installer exists, I decided to create my   ...
edited by on June 12th 2015, at 13:14
Attached to this article are scripts to configure proxy settings for Internet Explorer (all versions). As Google Chrome uses the IE settings for its proxy settings, the scripts can be used for that browser as well. I know there are other, far better methods for configuring proxy settings for clients, but read on to see why they were not usable in this particular case.

I ran into a customer where they were still using Internet Explorer Maintenance in their group policies to configure proxy settings for their clients. As a result, all users who got more recent computers did not get the proxy settings, as they were running Internet Explorer 10 or newer. Starting from IE10, configuration of  ...
edited by on June 8th 2015, at 10:36
Upon unauthorizing a Windows DHCP server, you may get the following error:

DHCP
The parameter is incorrect.

Most commonly, there are two reasons for this error to occur.

If you have just unauthorized a DHCP server, it may take a while for AD to replicate the change to other domain controllers. As a result, the DHCP server may still think it's authorized, whereas it is not. Either wait for, or trigger AD replication throughout your network.

Another reason for this error to occur is the presence of another DHCP server in AD that no longer exists. You can check this with the netsh dhcp command, available on any server with the DHCP server role installed:

netsh dhcp show server

Run the com  ...
edited by on June 5th 2015, at 14:53

A note of caution: when installing the Fortinet SSO Agent on a server, the option to secure connections from a FortiGate with a password is enabled by default, and a random password is assigned.

You have to turn off or change the password before you add the SSO agent in your FortiGate.

There's no mention of this in the manuals, so now you know...

edited by on June 4th 2015, at 15:30
This article briefly explains how to integrate an HP ProCurve and a Cisco switch in one network, and make sure the VLANs are correctly routed across the two switches. I avoid using the term "trunk" as the definition of a "trunk" differs greatly between Cisco and HP: a trunk on an HP ProCurve refers in fact to a feature like Cisco's EtherChannel, something entirely different.

Note that for VLAN trunking to work between the two, you need to use the 802.1Q protocol. Other protocols, such as Cisco's VTP and ISL, do not work on HP ProCurve, as they are both Cisco-proprietary.

Multi-port trunking is also outside the scope of this article, but the basics remain the same.

For both switche  ...
edited by on May 22nd 2015, at 09:21

Cisco AnyConnect VPN client may fail on Windows 7 for no apparent reason with the following error:

Error
Unable to establish VPN

A possible reason may be that Internet Connection Sharing has been enabled on one or more network interfaces (e.g. used for making a hotspot out of your laptop). Try disabling ICS, then try connecting again.

edited by on May 8th 2015, at 13:16

If your Samsung Galaxy S5 cannot find or connect to a specific 5 GHz wireless network, you may want to check which channel the network is operating on. The S5 has problems when trying to connect to DFS channels (Dynamic Frequency Selection).

DFS channels are basically every channel from channel 52 and up. Try setting your AP to a channel between 36 and 48 (inclusive), and then try reconnecting your S5.

edited by on April 28th 2015, at 15:24
This article is a quick reminder (for myself) on how to properly configure port forwarding on a Dell Sonicwall firewall.

First, create the address and services objects you need for the port forwarding. In case of multiple addresses or services, create a group and add all objects in that group.

Address object for a local server



Service group with multiple services



Predefined objects, such as the WAN IP are already present and do not have to be created again. Also, the advantage of using these predefined objects is that they are dynamic: e.g. if the WAN IP changes, the policies and rules that use this object will not have to be changed.

Once the objects are in place, they can be refer  ...
edited by on March 19th 2015, at 16:04
Internet Explorer's Enhanced Protected Mode (EPM) is an additional layer of security that helps prevent malicious content from exploiting Internet Explorer and infecting your computer. It has been available since Internet Explorer 10, and only on 64-bit versions of Windows. It works by running all Internet Explorer processes in 64-bit mode on a 64-bit computer. Starting from Windows 8, EPM also limits access to the registry and file system to certain (harmless) locations only, further enhancing security on that platform.

It is possible to enable EPM through Group Policy, provided you have the required Internet Explorer 10 ADMX or Internet Explorer 11 ADMX files present on y  ...
 