Vendors generally implement VPNs in a way where phase 1 and phase 2 settings are defined per VPN peer (aka 3rd party we will be establishing the VPN tunnel with) which gives us the flexibility in regards to subnets we will be using for phase 2.
CheckPoint, however, does things a little bit differently which can sometimes give us couple of hours of pain when troubleshooting. Learn how to force CheckPoint to switch to the “traditional” way of configuring phase 2 settings in this guide!
Nowadays almost every website provides an encrypted way of communication between itself and end user. I would love to say it’s because web administrators these are concerned about their visitors’ data safety but, while that might also be true in some cases, browsers these days will show a big “ERRRR, SOMETHING’S WRONG!” warning message when we try to connect to a non-HTTPS website.
While obtaining the certificates is pretty much free nowadays (as long as we’re OK with the amount of trustworthiness we get by running a Let’s Encrypt! certificate) and some providers will even help us put them in the right place, we still have to remember to renew our certificates every now and then. If we don’t then, oh well. We’re back to square one because having expired certificate is as good as having no certificate at all when it comes to browsers screaming at us.
Recently I’ve been toying around with my new, fully featured lab. I couldn’t decide what kind of firewall I’d like to use (obviously considering the fact that I was trying to avoid getting anything commercial). I really enjoyed using pfSense in the past but felt like the UI was a bit dated. Fortunately, OPNSense exists!
After configuring everything and setting up remote access I decided to set up a Zabbix server in my new environment to keep an eye on various things. The one thing I couldn’t monitor, however, was the amount of remote users connected to my OpenVPN server hosted on my OPNSense firewall.
I read a couple of articles, as well as few stackoverflow questions and thought to myself – alright, that won’t be pretty. And it’s not. But hey, it works!
Let’s imagine we have two separate VPNs established to some 3rd parties and they’ve asked us to allow them access to each other’s resources.
This guide will show you how to easily allow routing between VPN communities and what our 3rd parties will have to do in order to get the connection up and running…
It’s a great feeling to have a server! It’s lovely to have it running. It’s nice to know that it’s running. It’s not so nice to come back after few days just to find out our server has, in fact, decided to stop running.
In this article, I’d like to walk you through basic Zabbix installation on a new VM so in future we can set up some alerts that are going to warn us when something funny is happening to our precious website!
Unless the monitoring dies as well, of course…