Recent Posts

Pages: [1] 2 3 ... 10
1
Home and Small Office Networking / Re: I've been in flux
« Last post by icecream-guy on September 21, 2022, 10:10:47 AM »
it's NVIDIA GeForce MX450 1920x1080.  one of the cost savings.  I am not a heavy gamer, so it suits me fine

https://www.amazon.com/dp/B0B19Q9MXY?psc=1&ref=ppx_yo2ov_dt_b_product_details



2
Home and Small Office Networking / Re: I've been in flux
« Last post by deanwebb on September 21, 2022, 09:07:35 AM »
Nice rig, there. What's the graphics on it like?
3
Home and Small Office Networking / I've been in flux
« Last post by icecream-guy on September 20, 2022, 03:01:33 PM »
Over last weekend, I picked up a Dell Inspiron 15 Model 5510, 32GB RAM 1TB SSD, Intel  I7 Processor. Win10 Pro, with a Dell WD19TBS docking station, new Logitech MK270 Wireless Keyboard And Mouse Combo For Windows, and a USB external CD/DVD RW.  So I've been in in transition moving all my stuff from the 10+ year old HP Computer over to the new laptop,  Upgraded to Win 11, so learning that too,  it's not too bad.   all in all it rans my total cost was under 2K. I still need to get another 24" HDMI monitor. so I can have 2x24.

I still have a lot of software to install, and reconfiguration of said applications.  I did lose my Office Pro install.... apparently the legit retail licensed, Office 19 Pro, that I bought online a few years ago wasn't so legit as advertised..

4
Homework Help / Re: Why not authenticate the whole packet in ESP mode?
« Last post by deanwebb on September 04, 2022, 02:30:54 PM »
Found a good summary of the differences: https://www.ibm.com/docs/en/zos/2.3.0?topic=ipsec-ah-esp-protocols

AH auth would be redundant: Authentication Header auth. Rather, AH is auth, nothing more. ESP can provide richer functions, but you may want to use AH and ESP together to have the functions ESP brings enclosed in the full auth we get with AH.
5
Homework Help / Why not authenticate the whole packet in ESP mode?
« Last post by blueberry123 on September 03, 2022, 10:42:22 PM »


In AH:

a) Transport Mode:
Entire packet Authenticated

b) Tunnel Mode:
Entire packet authenticated

https://imgur.com/a/yfnyRxn


In ESP:

1) Transport Mode:
Only ESPH-ESPT  authenticated
Original IP Header not authenticated.

2) Tunnel Mode:
Only ESPH-ESPT  authenticated
New IP Header not authenticated.

https://imgur.com/a/TawV5KA


Why is this difference found in them? Is there a reason behind them? Why not authenticate all of the packet? What problem would it create?

And why is there no such thing called AH auth but there's ESP Auth? Shouldn't AH Auth data also be in the figure shown above?

Also, Is there a reason why the modes are named "Tunnel" And "Transport"?

Source:https://networklessons.com/cisco/ccie-routing-switching/ipsec-internet-protocol-security

6
Certifications and Careers / Re: Certification Goals 2022
« Last post by deanwebb on September 03, 2022, 03:57:10 PM »
Got them both. PSE Strata P has plenty of sales in it, fun times. PCNSA is way more technical - read the admin guide before testing, that's what saved me!
7
I'm doing my Palo certs and I can think of a GREAT solution for this involving an HA pair of PA-7000s in Virtual Wire mode. May be a bit pricey for a home solution, but you'll certainly have peace of mind that all is running as it should. :smug:
8
Ignoring why you would want to do this you should be able to setup one router with 192.168.0.1 then set the other to 192.168.0.2. Set every machine with a static IP, and assign the gateway IP based on which link you want them to use going outbound. All the systems can talk to each other, but will only use the gateway you configured to go out. If you want to swap a system you update the gateway to point to the other IP.

-Otanx
9
And that router needs to be set up so that the ONLY outbound routes for 1 and 2 are to the Cable ISP and the ONLY outbound routes for 3 and 4 are the DSL ISP. I'd add in also that all inbound traffic from the "wrong" connection should be dropped at the router, since you don't want it to come in.

Now, the design question... why do they get to talk to each other but have to use different ISPs? If it's a matter of load sharing, there are link balancer products that would permit that without having to introduce a routing scheme for your 4-PC setup.

If this is a home office or small office (SOHO is the acronym that describes this market), then it may be that you could get a managed switch that allows you to do VLANs and Layer 3 functions, that's what you would look for in that product. But it needs to be a managed SOHO device, because there will be configuration elements that you will have to specify for it to function as desired.
10
you should have 2 seperate networks and using a router to route between  networks
Pages: [1] 2 3 ... 10