Clik here to view.
FRITZ!Box VPN Speedtests
Ähnlich zum dem Site-to-Site VPN Throughput Test der FortiGate Firewalls wollte ich mal den FRITZ!Boxen auf den Zahn fühlen und herausfinden, in wie fern sich der VPN-Durchsatz bei den Modellen...
View ArticleClik here to view.
IPv6 through IPv4 VPN Tunnel with Palo Alto
The most common transition method for IPv6 (that is: how to enable IPv6 on a network that does not have a native IPv6 connection to the Internet) is a “6in4” tunnel. Other tunneling methods such as...
View ArticleClik here to view.
Palo Alto VPN Speedtests
Once more some throughput tests, this time the Palo Alto Networks firewalls site-to-site IPsec VPN. Similar to my VPN speedtests for the FortiGate firewall, I set up a small lab with two PA-200...
View ArticleClik here to view.
Juniper ScreenOS VPN Speedtests
Just for fun some more VPN throughput tests, this time for the late Juniper ScreenOS firewalls. I did the same Iperf TCP tests as in my labs for Fortinet and Palo Alto, while I was using six different...
View ArticleClik here to view.
IPv6 IPsec VPN Tunnel Palo Alto FortiGate
Towards the global IPv6-only strategy ;) VPN tunnels will be used over IPv6, too. I configured a static IPsec site-to-site VPN between a Palo Alto Networks and a Fortinet FortiGate firewall via IPv6...
View ArticleClik here to view.
IKEv2 IPsec VPN Tunnel Palo Alto FortiGate
And one more IPsec VPN post, again between the Palo Alto Networks firewall and a Fortinet FortiGate, again over IPv6 but this time with IKEv2. It was no problem at all to change from IKEv1 to IKEv2 for...
View ArticleClik here to view.
IKE Challenges
A few month ago I published many Layer 2/3 challenges on my blog. Beside the happy feedback I got some remarks that the challenges were to easy at all because you only needed the display filter at...
View ArticleClik here to view.
IKEv1 & IKEv2 Capture
It is probably one of the most used protocols in my daily business but I have never captured it in detail: IKE and IPsec/ESP. And since IKEv2 is coming I gave it a try and tcpdumped two VPN session...
View ArticleClik here to view.
IKE Solutions
Almost 4 weeks ago I published a pcap file with some challenges – this time four falsified configured IPsec VPN connections. If you have not solved it by now you should first download the pcap file and...
View ArticleClik here to view.
True Random PSK Generator on a Raspi
In my previous blogpost I talked about the true random number generator (TRNG) within the Raspberry Pi. Now I am using it for a small online pre-shared key (PSK) generator at https://random.weberlab.de...
View ArticleClik here to view.
Route- vs. Policy-Based VPN Tunnels
There are two methods of site-to-site VPN tunnels: route-based and policy-based. While some of you may already be familiar with this, some may have never heard of it. Some firewalls only implement one...
View ArticleClik here to view.
OSPFv3 with IPsec Authentication
Here comes a small lab consisting of three Cisco routers in which I used OSPFv3 for IPv6 with IPsec authentication. I am listing the configuration commands and some show commands. Furthermore, I am...
View ArticleClik here to view.
Types of VPN
Another small post out of my “At a Glance” series: The different types of virtual private networks (VPNs). Looking at Site-to-Site and Remote Access VPNs. This is one of many VPN articles on my blog....
View ArticleClik here to view.
Route-Based VPN Tunnel Palo Alto Cisco ASA
More than 6 years ago (!) I published a tutorial on how to set up an IPsec VPN tunnel between a Palo Alto Networks firewall and a Cisco ASA. As time flies by, ASA is now able to terminate route-based...
View ArticleClik here to view.
Route-Based VPN Tunnel FortiGate Cisco ASA
More than 6 years ago (!) I published a tutorial on how to set up an IPsec VPN tunnel between a FortiGate firewall and a Cisco ASA. As time flies by, ASA is now able to terminate route-based VPN...
View Article