Made Checkpoint as a Personal Firewall ;)

Posted by MY CCIE JOURNEY Thursday, June 25, 2009 comments (0)

Hello everybody .. today i have done something which i feel very proud . not a feet really and already done by many of the people who are doing this .. but when ever i see any new technology which serves me i love it .. i simply love it and will share it ..

So what the topic about ?

Nothing serious really .... i have a spare pc (windows one) and what i did was to use check point ng r 55 platform on it ..

requirement :

1. spare pc with atleast 512 mb ram
2. pc has to have two network cards (one for your internal network and other for ext)

installation is fairly simple .. you can download the trial package from checkpoint for 15 day evaluation and install it on the old pc

configure your networks and bingo you network in now being protected by checkpoint ng firewall systems .

one option to consider is to buy license from checkpoint .. if you you need to format your pc in any form ;) and install your firewall

any doubts let me know

best regards
Rakesh

 

Hello here is pix fw emulation video

Posted by MY CCIE JOURNEY Tuesday, June 16, 2009 comments (2)

Even though done by many greats i still wanted to do this video just to help out people and simplify their life with pix / asa activation ..

i was having problems with searching activation keys ..so here iam uploading the activation key and also serial number obtained from google search ..

not this will only work pix723.bin image and i tried on other with no luck ....

Those who already knew pix emulation may skip this video ...

This videos base idea has been take from blindhog.net

here's the link to download ...

I found other interesting email which i got recently from http://www.netbraintech.com/

check out their demo video it impressed me some how .. hope ccie lab proctors allows it for trouble shooting section ;) lol

CISCO PIX UR LICENSE VIDEO (IN GNS3 SIMULATOR)

heres the video link

best regards
Rakesh

  Labels: , ,

cisco pix and asa

Posted by MY CCIE JOURNEY Monday, June 8, 2009 comments (3)

Hello iam amazed with the speed and performance of cisco pix firewall in gns3. Moving on its been fun learning whole new technologies ..

i have presently shifted my path towards security and voice way not that i will be attempting them but to gain good knowledge over all of the security and qos conepts before i take my R and S exam lab . just in case to feel extra bit of familiarity .. no hurry for me .. i still have 1.5 years to deal with R and s beast and silently waiting how cisco r and s team have been dealing with changes with the exam .

next i would be dealing with ccip track to gain high familiarity levels with bgp track .. as said iam enjoying my learning and what surprises me is that iam not learning for my certification of ccsp and ccvp tracks so it give me extra bit of edge over concepts and to take them as i wish as possible and grasp as much as i need ...


installed pix over gns3 and it was real fun part .As mentioned i had problems with UR license but could solve that problem . will be posting all of those videos .. just waiting to see what i can include in my presentations.

learnt concepts about pix firewall family , pix administration , and acls .. was refreshing , object groups , nat principles and pix filtering services ..

will update you with other things ..

best regards
RaKeSh

 

cisco pix and asa in gns3

Posted by MY CCIE JOURNEY Friday, June 5, 2009 comments (0)

Hello i have been trying to install pix and asa in my gns3 .. for the past day i was trying heavily to do some vpn labs but was making mistakes all around after 5-6 attempts i have mastered the art with site-site vpn and gre tunnels .

configuring sdm and acs was done on windows server 2k3 and i managed to configure site-site vpn and gre over ipsec with sdm after going through painful set of sdm where in i faced problems with loopback adapters ..


any how i could manage them . soon i will be releasing a video labs and pics

gooday

 

ipsec - vpn

Posted by MY CCIE JOURNEY Thursday, June 4, 2009 comments (0)

today i have decided to complete off ipsec - vpn and i have done so ..

was having problem installing sdm over gns3 .. but finally could do it ..

i will be posting a detailed screen shots of sdm installation and one very important thing to remember

available sdm versions are 2.5 which seems to be latest along with java 1.6 updates .

my advice is not to use 2.5 use 2.3 with java 1.5 updates instead other wise you are going to waste time as i did

best regards

 

Maximum segment size

Posted by MY CCIE JOURNEY Wednesday, June 3, 2009 comments (0)

Maximum segment size

Ethernet packet size = 1518 bytes

Ethernet II HEADER = 14bytes

ip header = 20 bytes

tcp header = 20 bytes (without options)

data area = x bytes

ethernet II trailer = crc 4 bytes

1518 bytes = 14 + 20 + 20 + x + 4

x = 1518 - 58 = 1460 bytes

there fore a data packet segment size can be a max of 1460 bytes

 

TCP OPTIONS

Posted by MY CCIE JOURNEY comments (0)

TCP OPTIONS

MSS = MAXIMUM SEGMENT SIZE

SACK PERMITTED = SELECTIVE ACKS

WINDOW SCALE = INCREASE WINDOW

TIMESTAMP = DETERMINE ROUND TRIP LATENCY

 

Copyright 2009 - MY CCIE JOURNEY

Theme designed by: Ray Creations, HostingITrust.com, Raycreations.net