This is the continuation of the last blog article, where we took a look at how you can set up redundant IPsec tunnels between two Palo Alto firewalls with dual ISPs. So if you have not set up the IPsec tunnels yet, I would suggest you go back to the article here, and set …
Networking
This is where I talk about traditional networking, protocols, and their workings, simplified with packet captures and more.
You have a Palo Alto firewall at the edge of your branch network and the headquarters, and you are planning to run IPsec with a dynamic routing protocol on top of it. But you are confused by all the IPsec and BGP configurations; even if you get everything up and running, how do you manage …
Palo Alto Networks is a leading provider of next-generation firewalls, and in my previous blog article, I have covered several topics related to the Palo Alto Firewall. In this article, I will provide a step-by-step guide on how to set up a basic DMZ configuration in the Palo Alto Firewall. By the end of this …
The pfSense firewall is a great open-source product that you can set up in your home network. If you would like to use it in an enterprise network, you can use a different version of the same product called pfSense Plus. Both products are identical, but the enterprise derivative receives the latest feature upgrades and …
The Sophos firewall is a powerful next-generation firewall commonly used by enterprise networks. As a network administrator or engineer, you may want to set up a test environment where you can make changes without impacting the production network. The best and most cost-effective way to do this is by setting up a virtual lab. In this …
When it comes to network security, there are several firewall vendors, and Sophos is one of them. Many enterprise customers utilize Sophos Firewall at the network’s edge, and it can also be used in a home lab. But not many of us have the resources to purchase expensive equipment and install it in our home …
This is the continuation of the previous article, where we set up two site-to-site tunnels from AWS to pfSense, as shown below, the first being the primary and the second being the standby. Basically, we have built the transport over which you can now communicate with each side. However, to dynamically send and receive route advertisements and …
When you deploy the site-to-site VPN between AWS and pfSense using a static route, phase 1 will come up. However, phase 2 will remain down. As a result, the devices on both ends cannot communicate. Even if you try to connect phase 2 from Status->IPsec in pfSense manually, you will see the connection is not …
I’ve had pfSense running on my home network for a long time now. You might use it as your home network’s firewall because it is an excellent open-source firewall. However, you should utilize hardware from Netgate if you wish to integrate pfSense into an enterprise network. I have a PPPoE configured in my network to connect …
We use an IPsec site-to-site VPN tunnel to connect two sites. It provides security and is a lot cheaper than other means of connecting the WAN network. By default, most of the network will have internet access, and the devices they have at the edge of the network will have IPsec capability. That’s the only …
ASA is one of the popular firewall offerings from Cisco, used by many on-prem enterprise networks. Many users are now using the ASAv on the AWS cloud; it sits at the edge of the cloud network protecting your AWS resources. You can also take advantage of this setup and configure end-user VPNs such as Any …
There are multiple ways to connect your offices over the WAN. You can get MPLS or a dedicated link. Those are the expensive ones, and there is SD-WAN. However, the cheapest and most popular method of connecting two different branch networks is using an IPsec site-to-site VPN tunnel. If you have ASA on …
The Palo Alto firewall is one of the popular next-generation firewalls in the market. I like Palo Alto because it is very easy to use, especially for those who come from the Cisco world. The firewall offering from Cisco is the ASA – Adaptive Security Appliance. Though it provides security in your infrastructure, it lacks the features …
When you want to connect two remote sites, the easiest and cheapest way is to deploy an IPsec tunnel. The only requirement to connect both offices is that you need a device that supports IPsec capability and an internet connection. That’s it, and you can now build an IPsec tunnel successfully between two sites. ASA …
FortiGate is one of the popular commercial firewalls used by enterprise networks. It is even available for home usage with a smaller hardware version. Sometimes, you might have a virtual license for the FortiGate firewall and wonder how you can virtualize the FortiGate firewall in your network. For learning purposes, you can install the …
PPPoE is the standard configuration used to enable most consumer internet connections. It is the favored method because it provides ease of management with respect to the account, bandwidth, etc. PPP is a legacy serial link technology that helps to connect WAN links. However, PPP is not natively supported on Ethernet; …
OPNsense is one of the popular open-source firewalls out there, and it is almost identical to the pfSense firewall. You could replace your home router with an OPNsense firewall. You can either get the physical hardware from OPNsense or, if you cannot afford that, use any old PC and turn it into an …
When you come from a production network, you might think, what if the firewall and virtualization platforms found in production network gear were available for free? Wouldn’t that be great? That way, you can build your home lab with that gear, right? That’s when open source comes to our help. For a free open-source firewall, …
pfSense is one of my favorite firewalls; I use it at home and in some of my POC labs, and it works great in pretty much all the environments. Some companies use the pfSense firewall as their edge firewall, which proves that it is an excellent product. I have covered plenty of blogs related to …
We have covered pfSense installation in different hypervisors in the past. When someone tells you about virtualizing pfSense in a bigger network, the first thing that comes to your mind is VMware ESXi, which is a type 1 hypervisor built only for running virtual machines. In this blog, we will look at how you …
PPPoE is a common standard that many ISPs use for providing internet connectivity. It is very popular for consumer networks but not for enterprise networks. However, you will still see some internet service providers use PPPoE for enterprise networks. It is common because it provides automatic IP assignments, authentication, and bandwidth allocation; moreover, it provides …
OPNsense is an open-source firewall that you can use in any network out there. If you want to set up OPNsense in your enterprise network, you have specific commercial gear to choose from, and if you want to turn any old PC into a firewall, you could do that as well. Unlike pfSense, you can …
We have covered multiple blogs related to the OPNsense firewall in the past. In most of the setups, we had an OPNsense firewall connected to the internet, and LAN users could go out to the internet using the firewall. Sometimes you would want to configure internet-facing servers on your network. Maybe you want …
OPNsense is one of the popular open-source firewalls out there. If you want to use it in a small office or at home, it will be the best choice for your network edge, instead of a regular inexpensive Wi-Fi router. This firewall is similar to pfSense but not as popular as pfSense. Still, …
Many of the FortiGate appliances come with enough ports for you to configure the network. There are times you might be running out of ports and want to configure another network on the FortiGate firewall, so how do you deal with that type of situation? We can configure VLAN on the FortiGate firewall to configure …
We have covered many blogs related to FortiGate firewalls in our previous articles. However, it was just the LAN interface connected to the internet in most configurations. But what if you want to add an internet-facing server to your network? In some scenarios, you would want to add servers to the network and allow access …
In my previous blog post, we installed the pfSense firewall on the AWS cloud. When you have the pfSense firewall installed on the AWS side, you might want to connect to it over VPN as an admin and allow VPN access to your end-users if they are required to get into some AWS resources through pfSense. …
In my previous blog, we have covered plenty of articles related to the pfSense firewall, which is a great firewall if you want to use it for your home purpose. However, suppose you’re going to use it for commercial use. In that case, you cannot use custom hardware with pfSense in it. As per the …
In the last blog post, we looked at how you can configure FortiGate port forwarding for HTTPS, SSH, and RDP traffic. But that’s not the secure way to access the resources in the corporate network. If you want to have highly secure connectivity between two sides over the Internet, you either need to use …
Port forwarding is a popular feature many networks use to allow access to your servers inside your network over the public internet. It is used primarily for web servers, where you want to expose ports 80 and 443 to the public. However, it is used by many other applications as well. In this blog, we …