Posts:

Juniper ScreenOS BGP Basics : a simple iBGP test case

As explained in one of my earlier posts, ScreenOS supports a couple of ways to provide for dynamic routing. Today, I’m going to explain some basic implementations of BGP on ScreenOS. Unlike my post on OSPF, I won’t Read more

Read More

Using 2 internet links with Juniper screenos Firewalls to separate traffic (pbr) and apply traffic shaping

Scenario : you have 1 Juniper firewall, which has 2 internet connections : an expensive but reliable 4Mbit connection, and a fast, less expensive, but less reliable 20Mbit connection.

Goal : use the reliable connection for smtp traffic (1Mbit) Read more

Read More

Using OSPF on Juniper Netscreen Firewalls

Introduction to OSPF

OSPF is a link-state (dynamic) routing protocol that operates within an autonomous system. OSPF falls within the group of Interior Gateway Protocols. Devices that use OSPF will

  • advertise link state information. The devices generate Link State Read more
Read More

Free tool – PVE TCP Ping Utility – v1.0.0.1

I wanted to share a small utility that I wrote a while ago, allowing you to run a non-interactive ‘ping’ to a tcp port (e.g. from within a script).

This could for example allow you to bring up a Read more

Read More

Free Tool – Cisco Ironport C350 Safelist / Blocklist merge utility

If you have multiple Cisco Ironport C350 devices, you may have noticed that safelist / blocklist entries are bound to an individual device. So if your Ironport devices are both installed to handle incoming mails, end users need to Read more

Read More

Building IPSec VPN with Juniper Netscreen ScreenOS (CJFV)

A few days ago, I have posted some ScreenOS basics on this blog. Today, it is time to take it one step further and to look at setting up and especially troubleshooting IPSec VPN’s with Juniper Netscreen devices.

The Read more

Read More

Juniper Firewall ScreenOS Basics (CJFV)

ScreenOS Concepts & Terminology

The following document is based on ScreenOS v5.4.0r7.0

– Interface = connection to a specific subnet. An interface is assigned an IP address only if firewall is operating in L3 mode. Default interface names can Read more

Read More

Cisco switch IOS cheat sheet

Reset to factory defaults :

  • connect console (9600/8/None/1, no flow control)
  • take out power cable
  • press mode button (at the front), hold it,  and put power cable back
  • switch will go into recovery mode
  • run :
    • flash_init
    • load_helper
  • rename Read more
Read More

Free tool – PVE pcap statistics collector

Keywords : Wireshark Out Of Memory tcpdump statistics pcap

The story I’m about to tell may sound familiar to most of you. You’ve been asked to gather some bandwidth utilization statistics on one of your servers. You’ve installed Wireshark Read more

Read More

Free Tool – Exchange 2007 Outbound SMTP gateway redundancy

(a.k.a. PVE Exch2007 Rerouter manual)

Keywords : Exchange 2007 outbound SMTP relay redundancy SendConnector outgoing mail high availability

Microsoft Exchange 2007 allows you to consolidate your messaging infrastructure and host more users on one server. Combined with the introduction Read more

Read More