Author: rtoodtoo
Worked for more than 10 years as a Network/Support Engineer and also interested in Python, Linux, Security and SD-WAN
// JNCIE-SEC #223 / RHCE / PCNSE
Today I wanted to test the Kamailio SIP server, but I didn’t have prior experience with this software and I experienced several problems. After following the installation manual I created the username rtoo.

    root@debian1:~# cat .kamctlrc
    SIP_DOMAIN=sip.rtoodtoo.net
    root@debian1:~# kamctl add rtoo test123
    MySQL password for user 'kamailio@localhost':
    new user 'rtoo' added

So far so good. Then
In today’s post I will write about how we can set up a Dynamic VPN connection towards an SRX device in several scenarios. This is part of my JNCIE-SEC studies, although I am falling very behind my schedule:( Let’s get started: IPsec VPNs Implementation of IPsec VPNs Multipoint tunnels Policy and route-based VPNs Traceoptions Dual and backup
In this post I will try to show how I configured an SRX NAT device to forward a PPTP connection. Please read the entire post without applying any configuration, as the first part of this post does contain some mistakes:) As you can see in the topology for this, I have used my SRX device (SRX100
In the JNCIE-SEC exam, one of the IPSEC topics is “Interoperability with 3rd party devices”. In one of my previous posts I had already written about this, but this time I will do policy based VPN on the SRX side. IPsec VPNs Implementation of IPsec VPNs Multipoint tunnels Policy and route-based VPNs Traceoptions Dual and backup tunnels
The method that I follow currently when adding an SRX cluster to Junos Space/Security Director is as follows; 1) Discover the devices under Platform->Devices->Device Discovery->Discover Targets by using fxp0 (or management IP addresses) of each device. Once the devices are added we will have them under device management; 2) Once you go to Security Director->Security
In an SRX chassis cluster setup, in addition to interface monitoring you can also use IP monitoring to monitor the health of your upstream path. I have a simple topology to explain how ip monitoring works. In this setup node0 and node1 are part of an srx chassis cluster. reth0.0 interface is part of the
In my previous IPsec troubleshooting post, I didn’t talk about how we approach performance issues, which is probably not a JNCIE-SEC topic, but this is a very important topic for real networks. In this topology I will examine how throughput changes between two end points of an IPSEC tunnel depending on the configuration of
In the IPSEC topic, I am continuing with the traceoptions and troubleshooting section. In this post, I will try to explain how I troubleshoot IPSEC VPNs, mostly at initial setup. IPsec VPNs Implementation of IPsec VPNs Multipoint tunnels Policy and route-based VPNs Traceoptions Dual and backup tunnels On-demand tunnels DRP over a tunnel Dynamic VPNs Certificate-based VPNs PKI
After a little bit of introduction to IPSEC, I am following with the second and third tasks in the list, which are Multipoint tunnels and policy/route based VPNs. Some of these individual tasks have overlapping case studies; because of this I may not write a single post for each task. IPsec VPNs Implementation of
Below is the list of topics for IPSEC and NAT that you may see in the JNCIE-SEC exam according to the exam page. I will not only talk about exam topics but also in general about protocols and my troubleshooting tests. I would like to start JNCIE-SEC with IPSEC as I have a lack of knowledge in this