Here is a useful guide from Ubiquiti on running the Controller as a Windows service. This is essential when running a centralized controller for your APs, and it makes sure your controller starts automatically after a restart rather than having to be started manually. Originally posted at: https://help.ubnt.com/hc/en-us/articles/205144550-UniFi-Run-the-Controller-as-a-Windows-service Readers will learn … Continue reading UniFi: Run the Controller as a Windows service
Tag: Tricks
Fortigate: How to allow (or deny) wildcard FQDN (Domains) in Policy
Note that this is a bit buggy on FortiGate FortiOS 5.2 but works on later versions. Also note that there is an issue with Google Chrome, which sometimes allows google.com even if it's supposed to be blocked. Remember to add an EXPLICIT DENY at the end of your list of wildcard sites. == Does wildcard FQDNs work in … Continue reading Fortigate: How to allow (or deny) wildcard FQDN (Domains) in Policy
Cisco Meraki: How to set a wireless network to 2.4Ghz only?
In some challenging wireless environments, specifically those where you do not have 100% coverage, and especially those with a lot of concrete, leaded glass and other RF challenges – 5Ghz can be problematic. Some devices just love to hold on to 5Ghz connections even if the 2.4Ghz signal is better. On your Meraki dashboard, it … Continue reading Cisco Meraki: How to set a wireless network to 2.4Ghz only?
Tricks: How to debug a specific IPSec VPN Tunnel on Cisco.
Let’s say you’ve got a router with well over 100 IPSec VPN peers, and you’ve got this one tunnel that just won’t form correctly. You’re not sure why and want nothing more than to debug the IPSec process for this one peer, but you know if you debug the isakmp or ipsec process you’re going … Continue reading Tricks: How to debug a specific IPSec VPN Tunnel on Cisco.
iOS 11 Tip. “Turning Off” your Bluetooth or WiFi from Control Panel doesn't really turn it OFF
BAD NEWS: In iOS 11, turning off Bluetooth and WiFi doesn't really turn them off in the background. It just disconnects you from your connected Bluetooth peers (or wireless networks). The GOOD NEWS is, there is still a way to totally TURN OFF your Bluetooth (and WiFi) to save power. You can do this from … Continue reading iOS 11 Tip. “Turning Off” your Bluetooth or WiFi from Control Panel doesn't really turn it OFF
How to Clear IPSec VPN Remote Peer on Cisco IOS
The following command clears the crypto sessions for a remote IKE peer. You can use context-sensitive help (?) to find other options. This command will also reset the encap/decap counters in the show crypto ipsec sa peer <PEER_IP_ADDRESS> output.
Syntax: clear crypto session remote IP_ADDRESS
Example: clear crypto session remote 1.1.1.1
Useful Cisco Site-to-Site VPN Phase 1 and 2 Status Troubleshooting Commands
One way is to display it with the specific peer IP.
Check Phase 1 Tunnel: ASA#show crypto isakmp sa detail | b [peer IP add]
Check Phase 2 Tunnel: ASA#show crypto ipsec sa peer [peer IP add]
Display the PSK: ASA#more system:running-config | b tunnel-group [peer IP add]
Display Uptime, etc.: ASA#sh vpn-sessiondb detail l2l … Continue reading Useful Cisco Site-to-Site VPN Phase 1 and 2 Status Troubleshooting Commands
Tricks: Unable to access Sonicwall Management Portal? ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Most modern web browsers no longer support RC4 encryption, as it was officially declared insecure by IETF memo RFC 7465, published in February 2015. (See Workaround below to find an older browser to get around this error.) Thus, if RC4-only encryption is enabled in SonicOS, it blocks access to the Firewall Management Portal and displays the "err_ssl_version_or_cipher_mismatch" error … Continue reading Tricks: Unable to access Sonicwall Management Portal? ERR_SSL_VERSION_OR_CIPHER_MISMATCH
DNS resolution over IPsec/SSL VPN on Fortigate
Description: This article provides basic troubleshooting steps to follow when you are not able to access a hostname over an IPsec VPN tunnel or SSL VPN connection. Solution: If you are not able to access resources across the VPN tunnel by hostname, check the following steps: (1) Make sure to set the DNS server properly when configuring SSL or IPsec VPN. … Continue reading DNS resolution over IPsec/SSL VPN on Fortigate
Tricks: Steps to Fix the Cisco VPN 412 Error
Cisco VPN Error 412 for Legacy VPN Client v5.0.0.07: "Reason 412. The remote peer is no longer responding" means that the software VPN Client detected that the VPN server is not responding anymore and deleted the connection. It can be caused by anything from IPsec traffic being blocked by your upstream device, NAT issues or simply misconfigured VPN settings: Once … Continue reading Tricks: Steps to Fix the Cisco VPN 412 Error
