Sunday, March 28, 2021

Palo Alto 3260 Install

 Palo Alto had a great firewall compared to the competition.  Below is another install as only an IPS box.  



Tuesday, February 2, 2021

PBR: Policy Based Routing On Aruba 3810

 Quick example that I did on an Aruba 3810 to force traffic out to another firewall.

============== Begin =====================
class ipv4 "Camera"
     10 ignore ip 192.168.1.45 0.0.0.0 10.0.0.0 0.255.255.255
     20 match ip 192.168.1.45 0.0.0.0 0.0.0.0 255.255.255.255
   exit
policy pbr "Camera"
     10 class ipv4 "Camera"
      action ip next-hop 10.102.12.2
      exit
   exit
vlan 10
   name "Camaras"
   untagged 1/10,2/10
   ip address 192.168.1.1 255.255.252.0
   service-policy "Camera" in
   exit
============ End ===================

Friday, December 25, 2020

Sunday, October 25, 2020

www.pfsensefirewall.com

As you all know, White Rhino Security works with firewalls from all vendors. For our small office, budget-related customers, we have been moving away from Sonicwall and are moving them to pfSense. We decided to make a pfSense blog page, with posts only related to pfSense and related items.

Find it here at www.pfsensefirewall.com


Monday, October 5, 2020

Firewall Migration: Fortinet To Cisco

It's a time-consuming process, but manually moving the configuration is just what you have to do. Even if there was a migration tool, I've never seen anything that worked really great.

Sunday, October 4, 2020

The Absurdity Of Macroevolution

 Have you ever really given the myth of evolution any real thought?  Think about these questions:

1.  If we really did come from a single life form (a blob), are you saying that it somehow divided into two separate blobs at some point?  Well, I have never seen that in my life, in anything.  Yes, cells can divide within a single lifeform, but not become a separate life form.

2.  And if you believe in evolution (macroevolution), are you saying that somehow, at exactly the same timeframe, that a male and a female miraculously evolved, two separate beings?  Do you realize how many miracles would have had to take place to even get to this one particular miracle?

3.  We know that species cannot reproduce with other species or turn into other species.  But you are saying that something can turn into another species?  I have never seen that happen, nor has it ever been recorded throughout history as known evidence.  Only changes within a species (microevolution).  Macroevolution is just simply ridiculous.

4.  And are you saying also that this whole existence began with a bang?  That a small speck floating out there in something that already existed, blew up to create more than it even was before?  I have never seen that happen in my life.  If I take a water balloon and pop it, it doesn't become more water and balloon, let alone more elements.

I could go on and on with the questions that simply make this myth laughable.  You may ask me something like "am I smarter than these scientists who think this stuff?".  My answer is yes, I am smarter to not believe that nonsense.  The only answer to all of this that makes any sense is that we have a God that created us and this whole thing we live in.  And not only that, but that He loves us and wants to have a relationship with each and every one of us, which is through the action He took of restoring us, if we choose to believe in His Son Jesus (Yeshua).  Don't you want to have a relationship with all of your kids?  

Don't believe that nonsense that you are taught in school.  Use your head and think about it.

Wednesday, September 23, 2020

Can You Ping To A Certain Port Number?

I had a phone conversation today with someone who said that they thought that they could ping a certain port number.  I was walking them through using telnet to see if a port was open when that statement was made.  That's the quick way to see if a port is open: just telnet to that port and see if you get a blinking light.  Easy enough, but can you ping a certain port at the destination end?

Quick answer, No.  Here is why:









Notice above how there is no port number under layer 4 (Internet Control Message Protocol).  You can see I'm pinging 4.2.2.2, but you don't see any port number involved.

Now, let's look at a UDP packet:









At layer 4, you do see port numbers.  Specifically a source and destination port number.  Same for TCP, but not ICMP.  

Always prove with a packet capture.