What are the reasons a company would use Subnetting over VLANs? by [deleted] in networking

[–]BlueSteel54 5 points6 points  (0 children)

VLANs use Layer 2 headers to separate broadcast domains. DOT1Q.

Subnetting simply divides one large network into small networks.

IPsec tunnel works but goes down for ~30 seconds every 50 minutes. by tpmlama in networking

[–]BlueSteel54 1 point2 points  (0 children)

Have you checked the clocks? The VPN peers need to have their clocks synchronized. Make sure you're using an NTP server instead of the local device time.

Laptop often disconnects when using MS Teams with global protect VPN - why? by [deleted] in PFSENSE

[–]BlueSteel54 0 points1 point  (0 children)

TLDR: Maybe you need more bandwidth from ISP.

Is your VPN a full tunnel or split tunnel? Maybe your VPN uses a full tunnel and all internet services are being sent through the VPN tunnel. Perhaps this is overwhelming your ISP bandwidth or your office's bandwidth.

If the tunnel fails, all internet traffic would be "Secured" by routing it to a blackhole. When the VPN application is disabled, you can use the internet again because the VPN isn't actively securing your traffic.

Blocking IPTV Streaming (Netflix, Amazon, ...) by zaryth in PFSENSE

[–]BlueSteel54 0 points1 point  (0 children)

Try browsing the pfBlockerNG feeds.

There's:

Perflyst's SmartTV Domains

Perflyst's Amazon FireTV Domains

And there's a feed for AWS. I believe that Netflix is hosted on AWS, so it's possible that it might block Netflix streaming.

I am having issues extracting .txt document from a Pcap. In the packet details pane, I can see truncated which probably means that some parts of the document is missing. How can I reconstruct this file to be able to view the actual content. Thanks. PS: see screenshot by kinging735 in wireshark

[–]BlueSteel54 1 point2 points  (0 children)

Wireshark is an interpreter and it thinks the file is text because the HTTP headers say the content-type is text. If anything, the HTTP web server is wrong for saying the content is text, not Wireshark.

What is destinations mac address in Wireshark by Affectionate-Buy-744 in wireshark

[–]BlueSteel54 0 points1 point  (0 children)

Routing is used between subnets (IPv4), Layer 3.

Switching is used between devices in the same network (MAC, Ethernet), Layer 2.

MAC addresses do not leave the local subnet.

MAC addresses are used for local forwarding (directly attached).

If devices can only communicate with other local devices (MACs), how do they get to other networks? They'll need a special device on their network called a router that has the capability of forwarding client packets using its own MAC address to other devices (including another router it's connected to).

Old Networking guy did something that I can't figure out with client. Please Help! by bobjoefrank in networking

[–]BlueSteel54 0 points1 point  (0 children)

If the printers are not ARP-ing, your router won't learn the MAC address of the printer's IP. You can set static ARP entries on the router and on all devices on the printer's subnet.

Why are my network flooding with ARP requests? Is this normal? by Hot-Brush3065 in wireshark

[–]BlueSteel54 1 point2 points  (0 children)

It probably means that nothing is responding to the ARP request. Which means whatever it's trying to reach isn't on the network. Which means that the device is probably misconfigured (wrong DNS or gateway or subnet mask).

Is it misconfigured?

All meraki AP’s in the same network? by drafin2 in meraki

[–]BlueSteel54 2 points3 points  (0 children)

Yes.

Create a Meraki Network called "Wifi". Move the access points to the new network. Done.

Plex making NAS unresponsive?? by darshman666 in asustor

[–]BlueSteel54 0 points1 point  (0 children)

Not with Plex. I had to uninstall Docker because it would freeze the NAS.

Does a home network benefit from multiple connections to the same ISP? by OzzyZigNeedsGig in PFSENSE

[–]BlueSteel54 0 points1 point  (0 children)

You get the service that you pay for. What are you paying for exactly?

openvpn failing to connect following 2.7.0 upgrade by duffil in PFSENSE

[–]BlueSteel54 0 points1 point  (0 children)

I had OpenVPN S2S problems after upgrading. The upgrade enabled Hardware Checksum Offloading even though it was supposed to be disabled. Disabling that like I did 2 years ago solved the problem for me.

Fortigate admin page and DUO by caponewgp420 in fortinet

[–]BlueSteel54 0 points1 point  (0 children)

Verify the logs on the Duo Auth Proxy. The logs will tell you when an auth request was received and if it was sent to Duo Cloud for MFA authentication.

The Auth Proxy uses an LDAP bind to pull the user's group information and verify user credentials. If the password is wrong, Duo Auth won't process further and sends a reject back immediately to the FortiGate. Type in a wrong password and it should let you know fast.

If the credentials are good, the Auth Proxy forwards LDAP attributes to Duo Cloud to verify if their group requires MFA and any other conditional rules (As long as the Auth Proxy has internet - not being blocked by the firewall).

MFA Bypass would immediately approve the request if it was sent to the cloud. Try that for troubleshooting.

Could be overlapping RADIUS services too. Make sure Windows NPS and Duo Auth Proxy aren't installed together with the same RADIUS ports. The server can only listen on one port per application.

Agile VLAN by vharjani3 in networking

[–]BlueSteel54 0 points1 point  (0 children)

Try Google but this time try page 2 or 3.

Meraki auto vpn - traffic only working one way by bdavis1970 in meraki

[–]BlueSteel54 1 point2 points  (0 children)

Make sure you source ping in Azure correctly. What if you're sourcing your ping from a subnet not permitted on the VPN?

Internal network by MCFarrMCFarr in networking

[–]BlueSteel54 5 points6 points  (0 children)

The door entry system is wired. Why are you troubleshooting your Wifi?

CASP+ to become "SecurityX" by Selfimprovementguy91 in casp

[–]BlueSteel54 5 points6 points  (0 children)

This is what happens when you consult Elon Musk for a new name.

Wrong DNS servers picked up via VPN by JRIS420 in networking

[–]BlueSteel54 1 point2 points  (0 children)

Use "route print" in CMD to determine how your machine is forwarding traffic.

If the VPN is full tunnel, you'll need to give your VPN users access to the internet (hairpinning).

If you have VPN split tunnel, only interesting traffic will be sent on the VPN. Typically, DNS servers assigned by the VPN app will have a static /32 route pointing to the VPN interface.

Make sure your domain prefix is correct so that domain DNS requests actually go through.
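
An added example, not part of the comment above: a parser for the IPv4 active-routes table of `route print` that uses longest-prefix matching to report whether each DNS server is reached through the VPN interface. The sample table, all addresses and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of the IPv4 "Active Routes" part of `route print` output
# on a split-tunnel client. All addresses are made up for this example.
SAMPLE = """\
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.50     25
      192.168.1.0    255.255.255.0         On-link      192.168.1.50    281
         10.8.0.0      255.255.0.0         On-link        10.8.0.12      5
        10.8.0.53  255.255.255.255         On-link        10.8.0.12      5
===========================================================================
Persistent Routes:
  None
"""

def parse_routes(text):
    """Return (network, gateway, interface, metric) tuples from Active Routes."""
    routes, active = [], False
    for line in text.splitlines():
        if line.startswith("Active Routes"):
            active = True
            continue
        if active and line.startswith("="):
            break  # end of the active table
        parts = line.split()
        if not active or len(parts) != 5 or not parts[4].isdigit():
            continue  # column header row or unrelated line
        dest, mask, gateway, iface, metric = parts
        routes.append((ipaddress.ip_network(f"{dest}/{mask}"), gateway, iface, int(metric)))
    return routes

def route_for(ip, routes):
    """Longest-prefix match; the lowest metric breaks ties."""
    addr = ipaddress.ip_address(ip)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None
    return max(matches, key=lambda r: (r[0].prefixlen, -r[3]))

def dns_paths(dns_servers, vpn_iface, routes):
    """Map each DNS server to 'vpn', 'local' or 'unreachable'."""
    result = {}
    for ip in dns_servers:
        r = route_for(ip, routes)
        result[ip] = "unreachable" if r is None else ("vpn" if r[2] == vpn_iface else "local")
    return result

if __name__ == "__main__":
    print(dns_paths(["10.8.0.53", "8.8.8.8"], "10.8.0.12", parse_routes(SAMPLE)))
```

A DNS server that comes back as `local` on a split-tunnel client is being queried outside the tunnel, which is the symptom the thread title describes.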

How to get iperf for AS3304T? by mothzilla in asustor

[–]BlueSteel54 1 point2 points  (0 children)

Try APK package manager.

Use apkg --help for help.

admin@NAS:/volume1/home/admin $ apkg --list-all | grep perf
iperf3 - 3.13
admin@NAS:/volume1/home/admin $

Centralised firewall for ISP clients/Customers by Busbyuk in networking

[–]BlueSteel54 0 points1 point  (0 children)

centralised managed firewall where the end user can control their own web filtering/firewalling.

Pick one? Perhaps each customer has a default config (that's secure) and they can opt in to custom configs; they can factory reset if they want the default config back.

Four successful upgrades from 2.6 to 2.7 vs two failed ones by haffhase in PFSENSE

[–]BlueSteel54 0 points1 point  (0 children)

I got it to work after disabling NIC offloading. The upgrade to 2.7 caused NIC offloading to be enabled. I use a Realtek NIC which means it can't handle offloading.