Troubleshooting VPN slowness – A look at MTU

Problem: Troubleshooting vpn slowness and packet retransmits could be a puzzling task, especially when it’s over an IPsec tunnel. Last week I had the opportunity to troubleshoot a problem with slow website loading times on a webserver across the link….

No Image

100Mb Half Duplex problem between Cisco switch and Linux system

Today I ran into a weird scenario where a Linux system’s NIC would set itself to 100Mb half duplex regardless whether the device and NIC was manually configured to operate at full duplex. After strolling through Cisco’s website Troubleshooting Cisco…

No Image

Cisco ASA/PIX Firewall inside interface routing problem

If you are having issues routing your traffic within the inside interface, or hair-pining your traffic, chances are you need to enable the “same-security-traffic permit intra-interface” command. Take a look at the picture below which explains this problem: Basically when…

No Image

Upgrading an Entrepreneur ASP infrastructure – PART II

After analyzing the situation I have identified several key problems. 1. System Availability – Systems fail frequently due to hardware failures, DoS, and application failures. 2. Collocation is far and administration requires frequent visits 3. Mini tower servers consume space…

No Image

Cisco SPAN, SNMP and Wireshark

Today I was assigned a task to find out and explain a certain network anomaly we are experiencing in our network. The mission started out to be a bandwidth monitoring task against a specific router. This router however was owned…

No Image

Layer 2 Best Practices

I think I should be stepping up my security practices. Here’s an article that I came across summarized all the things one should know about Layer 2 security practices on Cisco switches.

No Image

Cisco ASA/PIX Bandwidth limiting

Today, I got a chance to setup some bandwidth limiting on our Cisco ASA Firewall. The goal was to choke the speed of traffic going to our backup server to 250Mb/s. As our backup traffic goes through a firewall here’s…

How to allow ICMP through your Cisco ASA/PIX firewall

ICMP packets are not stateful, how does the ASA handle them by default? Internet Control Message Protocol (ICMP) pings and traceroute on the PIX Firewall are handled differently based on the version of PIX and ASA code. Inbound ICMP through…