I'm now a Check Point Certified System Administrator (CCSA)! I took the
R77 exam and passed. I have to say I was a little disappointed with the
exam - there were 100 questions in 90 minutes, but I found a lot of the
questions were repeated - albeit with a slightly different phrasing.
Below are the notes I made while I was studying. Definitely lab it
(download …

Sometimes when you are working in secure environments, you can't just go
installing software. But if you need a packet capture, and it's a
Windows server, then what? If you can't install Wireshark, then you can
use Microsoft Network Monitor.
The capturing is done via a command-line tool. Once you export the file,
then you have to use some Microsoft software to analyse it - it's …

Recently we deployed a Palo Alto VM-200 firewall. It was a stand-alone
deployment on a remote site. We were going to deploy a pair, but we
didn't see how much value it added as the VM-series firewalls do support
HA but not stateful HA.
As it was stand-alone, it wasn't managed by Panorama. And without
Panorama management, it is seemingly not very straightforward to enable …

A number of times in the last few weeks I have been asked by a number of
What is ARP?
There is the simple answer - which is simply a definition:
Address Resolution Protocol (ARP) is a mechanism to resolve IP
addresses into MAC addresses.
However...that doesn't really explain a lot. It probably doesn't explain
anything you didn't already know. To really understand ARP …

This is a continuation of a previous post.
The last post finished where we thought all was good, because the flash
status code was reading 0xF0, which we were told means both flash drives
are healthy. What we noticed though was that the diag tests were still
failing for compact flash - test 7 - on some of the sups. Initially
Cisco told us that this was …

While troubleshooting a totally unrelated issue, one of my colleagues
noticed that they were seeing packets in a tcpdump that were neither
destined for nor sourced from the server. This is odd, when plugged into
a switch, so we started digging.
Server 1 was sending a stream of packets to Server 2 - in a different
subnet somewhere. Sometimes, although rarely, these packets could be
seen …

It's been a mad couple of weeks with Nexus 7000s. My client hit a
software bug on their Nexus 7k, which turned out to be a most impressive
bug. It basically causes the flash drives to be erroneously marked as
faulty, which then causes them to be remounted in read-only. The first
symptom was that you could not save the running configuration by running …

I haven't posted for a while. Work has been hectic, I failed my CCIE
written and lost all motivation, and many other excuses. Whilst I
haven't really been studying CCIE stuff, I have been productive. I have
been learning Python. I decided to automate the process of loading the
INE initial configs onto my CSR routers, using a Python script, and the
power of pexpect …

Recently we had a Cisco Web Security Appliance (WSA) Proxy fail. When I
say fail, I mean a single stick of RAM failed after a reboot. Cisco said
RAM isn't replaceable so we had to RMA the whole box (odd for a device
that is basically a rebadged server...maybe I have a money saving idea
for you Cisco!)
There were a few steps to …

I was recently involved in a project upgrading the core firewall pair
from Check Point R71.40 SPLAT to R77.20 GAiA. While very different, a lot
of the configuration is pretty straightforward, and well documented in
various articles on the Check Point website.
This setup runs BGP on the firewalls, to learn routes from our internal
VRFs and also the WAN VRF where our MPLS …