Posted inCisco Network Cisco Policy Based Routing (PBR) Posted by Tim Ng 2022-11-30 之前都已經測試過PBR, 今次再增加點測試題目, 由PC1到R4的lo1 192.168.5.1 PC1 no ip domain-lookup no ip routing ip default-gateway 10.0.0.1 int e0/0 no shut ip add 10.0.0.10 2...
Posted inNetwork Sophos XG Firewall Sophos XG SSLVPN 限時登入 Posted by Tim Ng 2022-11-28 先設定沒有時限的用戶 我的Policy rule比較小, 所以不喜歡使用Rule group 開放HTTPS和SSH會增加security風險, 請自行按需要選擇, User portal亦一樣 使用剛才建立的用戶登入User Portal 選擇需要的設定檔, 本文測試下載IOS設定檔然後email...
Posted inNetwork Sophos XG Firewall Sophos XG 基本上網NAT設定 Posted by Tim Ng 2022-11-28 預設管理URL: https://172.16.16.16:4444 開放https管理頁面會增加風險, 請自行決定 在登入時先設定好secure storage master key, 再設定Encryption password, 在restore的時候需要使用密碼還原 本人習慣清除所有buil...
Posted inNetwork Palo Alto Paloalto 錯誤地提早按了Install Posted by Tim Ng 2022-11-24 在一次升級準備的情怳下, 不小心提早按了Install, 而且在Install過程中找不到取消 比對一下沒有按Install的Active 不小心按了Install的Passive Reference https://knowledgebase.paloaltonetworks.com/KCSArt...
Posted inNetwork Palo Alto Paloalto Preview Changes Lines of Context Posted by Tim Ng 2022-11-24 預設是前後10句, 即是會提出修改的設定, 還會顯示修改的設定上下各10句
Posted inNetwork Palo Alto Paloalto HA Firewall PanOS 8.1.x upgrade to 9.1.x Posted by Tim Ng 2022-11-24 升級版本: 8.1.15-h3 -> 9.1.14-h1 預先下載: 8.1.24, 9.0.0, 9.0.16-h3, 9.1.0, 9.1.14-h1 安裝次序: 8.1.24 -> 9.0.16-h3 -> 9.1.14-h1 假設PA1是Active, PA2是Passiv...
Posted inCisco Cisco AP Posted by Tim Ng 2022-11-18 capwap ap hostname AP1 capwap ap ip 10.20.30.11 255.255.255.0 10.20.30.254 capwap ap primary-base Controller1 10.20.30.200
Posted inCisco Cisco Prime Infrastructure SCP account Posted by Tim Ng 2022-11-17 shell cd /opt/CSCOlumos/bin/ ./getSCPCredentials.sh
Posted inLinux Network Ubuntu NAT & Port Forward Posted by Tim Ng 2022-11-10 https://www.stupid.hk/wordpress/?p=1444 iptables -L nat iptables -t nat -A PREROUTING -p tcp -d 172.20.30.110 --dport 443 -j DNAT --to-destination 10....