Author: rtoodtoo
Worked for more than 10 years as a Network/Support Engineer and also interested in Python, Linux, Security and SD-WAN
// JNCIE-SEC #223 / RHCE / PCNSE
I don’t know if there is any comprehensive list of changes which brings down an interface apart from specifically disabling the interface. So far I recall two of them which are striking and might not be expected to flap interface. If anyone has also experience, it might be a good place to share. per-unit-scheduler Years
Read More »
I have got the following error while I was trying to copy a file via SCP on Junos. As per the error, I thought it is something to do with my local permissions but I could read the source backup.conf file. I searched online, numerous entries showed up. yilmaz@host> file copy backup.conf scp://yilmaz@10.1.1.1:~/ yilmaz@10.1.1.1's password:
Read More »
if you somehow end up having hundreds of address objects in a PAN firewall and you would like to delete all of them, good luck! probably to prevent accidental removal there is no way on GUI as of now on 7.1.x releases (or I don’t know yet) but if you want to you can use
Read More »
Panorama is a nice management tool. It is nice compared to NSM and Security Director:) On the other hand, I had to deal with an issue which is address group content on panorama was different than the firewall. Here is an example; Panorama had AddGroup1 = Addr1 , Addr2, Addr3 Firewall had AddGroup1 = Addr1,
Read More »
There are various SSH clients for Windows platforms and up until couple of months ago I was thinking that the best SSH client for me was SecureCRT but I discovered another one called Mobaxterm. This product really took my attention, primary reason of which is the richness of the feature set. Fist look at what
Read More »
Slow file transfers must be really bothering everyone. I have a ZyXEL NSA325 NAS device which has a gigabit interface but I am getting extremely low throughput. Unfortunately this has been a problem I think since I bought this device. Now I could finally get hold of time to troubleshoot the issue. Here is my
Read More »
This post aims to give an introduction to configuring Palo Alto Networks firewall for initial deployment as it is for beginners, I would like to cover the following topics; Configure management interface settings (i.e IP Address, default gateway) via console Assign IP addresses to ethernet interfaces and default gateway Configure NAT and Security Policies to
Read More »
Once you are familiar with one firewall, sometimes it is difficult to be comfortable on another firewall. Here I will list 2 things that you do differently on these firewalls. At least these were the first things I noticed. 1) PING On an SRX firewall, if you ping a remote address, command will be accepted.
Read More »
OSPF has slightly different way of removing routes compared to BGP. On this short post, I will present how a link failure is propagated to other routers on OSPF domain. For this test, I have the following topology section in which AREA3 is connected to AREA0 and we simulate a link failure on the Junos
Read More »
What happens when you change a BGP import routing policy in your neighbor configuration? Changes take effect immediately or we need to issue the soft-inbound command to request the routes? Let’s see by an example. We received the route 10.83.0.0/24 from 10.82.1.9 already as you see below. root@J29> show route protocol bgp terse 10.83.0.0/24 inet.0:
Read More »