All_about_network

Hi this article is an output of my long – term digging around security stuff (and by that I mean especially a lot of IPSec things). After months I kept returning for some resources I cannot find anymore I decided to write quick but (hopefully) comprehensive overview of this technology and most if the things involved. So yes this is only… Continue reading

So this is the long promised scenario that can be used with windows XP (even though it is not really user friendly).

If you need a “PC-client – VPN-concentrator” scenario. Huawei does offer only one-way ticket for you and it is l2tp over IPSec. Unless you want to use some MPLS over IPSec which is in theory also… Continue reading

So after previous post the whole setup should be working. But there are some things to be done yet. The heading says that the missing part is the QoS. So let’s have a closer look.

Step one is easy – just create some ACLs to match the traffic in our case it is goes like this:
#
acl number 3001 name black
rule Continue reading

Ok so in my previous posts I described the most common config of IPsec with IKE. For troubleshooting this config there are few simple things one should check for basic troubleshoot.

No. 1 Check display IKE sa command in user view

Output of this command should show you two IKE entries. It is necessary to be two because if there is Continue reading

As I promised there goes some stuff I was having fun with lately. Followingscenario is from real life and includes some interesting combinations of features.

The problem is stated as follows:

1. AR 19-X is a CPE that is connected to ADSL (SHDSL) line of ISP
2. You need to use GRE tunnel for transporting L3 multicast (especially for OSPF) and IPSec for