UniFi: Run the Controller as a Windows service

Here is a useful guide from Ubiquiti on running the Controller as a Windows service. This is essential when running a centralized controller for your APs, to make sure your controller starts automatically after a restart rather than having to be started manually. Originally posted at: https://help.ubnt.com/hc/en-us/articles/205144550-UniFi-Run-the-Controller-as-a-Windows-service Readers will learn …

Fortigate: How to allow (or deny) wildcard FQDN (Domains) in Policy

Note that this is a bit buggy on Fortigate FortiOS 5.2 but works on later versions. Also note that there is an issue with Google Chrome, which sometimes allows google.com even if it's supposed to be blocked. Remember to add an EXPLICIT DENY at the end of your list of wildcard sites. == Do wildcard FQDNs work in …

Cisco Meraki: How to set a wireless network to 2.4 GHz only?

In some challenging wireless environments, specifically those where you do not have 100% coverage, and especially those with a lot of concrete, leaded glass and other RF challenges, 5 GHz can be problematic. Some devices just love to hold on to 5 GHz connections even if the 2.4 GHz signal is better. On your Meraki dashboard, it …

Fortigate: How to Source NAT traffic into a VPN Tunnel

Came across an issue on FortiOS 5.4 where a connection to a remote peer via an IPSEC Tunnel suddenly stopped working. (My user told me it was working in the past, at least.) The setup is that the internal IP needs to be NAT'd to an IP that is known to the VPN peer. So for example, 10.5.0.5 (internal) …

Tricks: How to debug a specific IPSec VPN Tunnel on Cisco.

Let’s say you’ve got a router with well over 100 IPSec VPN peers, and you’ve got this one tunnel that just won’t form correctly. You’re not sure why and want nothing more than to debug the IPSec process for this one peer, but you know if you debug the isakmp or ipsec process you’re going …

iOS 11 Tip: “Turning Off” your Bluetooth or WiFi from Control Panel doesn't really turn it OFF

BAD NEWS: In iOS 11, turning off BLUETOOTH and WIFI doesn't really turn them off in the background. It just disconnects you from your connected Bluetooth peers (or wireless networks). The GOOD NEWS is, there is still a way to totally TURN OFF your Bluetooth (and WIFI) to save power. You can do this from …

Restarting VPN Tunnels on Cisco

In some rare cases, VPN tunnels hang randomly and need to be bounced or restarted so that the tunnel renegotiates; in some cases this is the easiest fix for VPN-down issues. Check Phase 1 Status of the Tunnel: show crypto ipsec sa Normal/UP status should show: QM_IDLE (More info on Status here) Restarting VPN …

How to Clear IPSec VPN Remote Peer on Cisco IOS

The following command clears the crypto sessions for a remote IKE peer. You can use context-sensitive help (?) to find other options. This command will also reset the encap/decap counters in the show crypto ipsec sa peer <PEER_IP_ADDRESS> output.

Syntax: clear crypto session remote IP_ADDRESS

Example: clear crypto session remote 1.1.1.1

Fortinet – Common PCI/Security audit issues

Posted by cjcott01 on December 29, 2016. This is an ongoing blog, and one that I will update often with things that come up in security audits. Companies are always getting external audits to make sure they comply with policies and have no outstanding vulnerabilities with their systems. This is great, …