ipHouse Products
Debugging IPSec VPNs in FortiGate
Jan 20th
Debugging IPSec VPNs in FortiGate
Debugging what is going wrong with a VPN setup is difficult. The IKE protocol is “chatty”, and negotiates back and forth between the two ends for several rounds. The GUI offers not much help, it is either UP or Down. Most of the real debugging happens inside the CLI.
One problem in particular that has always bugged me is that you need access to the end machines involved to initiate traffic across the link. The network admin typically doesn’t have direct access on the computers on either side of the VPN in order to initiate that traffic. I’ll show you a method that can be used to initiate traffic from that network as well.
More >
Clone-tastic!
Jan 20th
There are many things about virtualization is the ability to clone virtual machines. It’s really cool! Unfortunately, after you work with virtualization for a while you start to take it for granted. I can’t tell you how many times I roll out a new physical machine and sigh because I can’t simply clone it. Well, I can but that’s a discussion for another day.
More >
What does a VDC get you out of?
Jan 20th
A vmForge virtual data center gets you into a private pool of computing resources which you can custom configure to your needs. It gets you into a lean, efficient, reliable, and elastic platform for your business, which can easily grow as you do. But it’s also worth looking at what it gets you out of.
Monitoring, a journey
Jan 9th
Or “How I Stopped Worrying and Learned to Love SaaS”
I touched on monitoring in an earlier post but I thought that I would expand on my thoughts.
Let me just get this out there: LogicMonitor (company site) is awesome. It’s not perfect (what is?), but it’s amazing, simple, straightforward, and it works. It combines effective monitoring with graphing (metrics); it’s easy to understand and customize and it works.
Repeat: It works.
More >
Setting up a LogicMonitor Agent
Dec 30th
LogicMonitor is a really cool server and network monitoring and measurement system which we’ve been working with. It uses a lightweight monitoring agent installed on your local network which collects data from your systems and passes it over SSL to an external aggregator. It’s capable of auto-discovery and is mostly self-configuring though you can adjust many of the metrics. After many years of working with patchwork monitoring and alert systems we’re pretty excited about it. Call us if you’re interested.
Setting up a monitoring agent on your local network is easy. The server hosting the agent just needs a JRE (Java Runtime Environment) installed using version 1.6 or greater and must be able to make an outgoing SSL connection. To monitor Windows systems, you’ll need to install the agent on a Windows server.
