Sometimes you want to see how the tunnel and the transport modes works with encapsulation, especially when using GRE over […]
Archive for ‘Security’
Firepower SSL Decryption Decrypt-Resign and Decrypt-Known-Key Demystified
On Cisco Firepower Threat Defense there are two ways to do SSL Decryption (two actions in the SSL Policy). Decrypt-Resign: […]
DMVPN Hub-Spoke Design and Direct Internet Access DIA
Sometimes you have The requirement of Hub and Spoke in DMVPN with the following constraints: the corporate Internet traffic should […]
Traditional IPsec Versus Cisco SD-WAN IPsec
In traditional IPsec, two IKE tunnels are built in order to establish a VPN Site to Site: Phase 1 Isakmp […]
IPsec Crypto MAP VS IPsec Tunnel Protection Demystified
Many discussions and many questions about GRE over IPSec Crypto map versus Tunnel Protection (IPsec Profile). The old method versus […]
How to Demystify NAT Traversal In IPSEC VPN With Simple Packet Capture
One of the biggest concept in VPN Technologies is NAT Traversal, like NAT Traversal in VOIP deployment with SIP Protocol, […]
GRE Over IPSEC vs IPSEC VTI and Tunnel Mode VS Transport Demystified
GRE Over IPSec IPSec VTI
Cisco Umbrella Deployment Options
Deployment without internal domain For customers that manage internal domains •Uses built-in DHCP server on router, switch, firewall, or Windows […]
IP Layer Enforcement in Cisco Umbrella
Cisco Umbrella is a big DNS service that provides not only the DNS resolution but also if the hosted website […]
How to test Cisco Umbrella solution
If you are using Umbrella/OpenDNS solution, you can use the following links to test your configuration: http://welcome.opendns.com https://welcome.umbrella.com/ Test if […]
Demystify and Simplify 