https://knowledge.broadcom.com/external/article/368995/download-vmware-remote-console.html
JacksBlog
Wednesday, 18 June 2025
Wednesday, 4 June 2025
Cisco RMA steps
open case
request RMA
enter serial
chat now
Can I request RMA for this serial number : xxxxxxx
creates a RMA ticket
address needs to have customer name (your address / eircode)
or ship the RMA to the customer site
Friday, 7 March 2025
export user cert from windows cert store
Open MMC
Add certs snap-in
user account and computer store
Check certificates > personal
exported the user cert from user store (use PKCS12 or DER base-64 encoded)
imported user cert into machine
switch aaa and radius authentication settings for duo etc
aaa group server radius DUO-AUTH
aaa authentication login default group DUO-AUTH local
aaa authentication login CON-LOCAL local
aaa group server radius DUO-AUTH
server name DUO-AUTH-PROXY
ip radius source-interface Vlan2
radius server DUO-AUTH-PROXY
address ipv4 192.168.1.1 auth-port 18122 acct-port 18122
pac key 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Wednesday, 5 March 2025
find what DH group an ikev1 S2S VPN is using in ASA
Move away from Groups 2, 5, 24.
DH Groups 2, 5, 24 are considered insecure and are deprecated in FTD’s running 6.5/6.6 and will be removed in a later version.
check 6.7 and 7.1 release notes and search for group 5
https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/710/management-center-device-config-71/vpn-s2s.html?
IKEv1
show vpn-sessiondb detail l2l filter ipaddress x.x.x.x
Look for "D/H Group" in IKEv1 section
sh crypto isakmp sa detail | i Grp:
sh crypto isakmp sa | i PFS Group 2,
Looking for groups 2 and 5
sh crypto isakmp sa detail | i Grp:2,
sh crypto isakmp sa detail | i Grp:5,
Can copy the full output of " sh crypto isakmp sa detail" to a text file and search
Tuesday, 4 March 2025
QoS palo alto
Make QoS policies
Policies > QoS
Assign policies to a profile:
Network > Network Profiles > QoS Profile
Assign a profile to interfaces
Network > QoS
Thursday, 27 February 2025
why speed test results are usually lower than advertised speed
Overhead
- Your internet speed is measured in raw bits per second (bps), but real-world data transfer includes additional information like headers, acknowledgments, and error checking.
- TCP/IP, Ethernet, and other protocols add packet overhead, meaning some portion of the bandwidth is used for network management rather than your actual data.
- This overhead typically accounts for 5-15% of the total bandwidth, which explains why you rarely see a full 1 Gbps in speed tests.
Speed test client and server
ISP and firewall/network management and contention
- ISPs often use network shaping, congestion control, and peering agreements that affect speed.
- During peak times, ISPs may limit speeds slightly to ensure fair distribution of bandwidth among users.
- Your internal network/firewall may do the same
- Its best to test out of hours with just your test laptop plugged into the internet connection to give the best results