This website is about building a robust, complex and secure network using free, cheap or otherwise available technologies to achieve enterprise class performances at an affordable cost. The posts are organized in Topics and indexed in the Topics Index page.I was an IT guy with the love for flying: I could legally fly a plane before driving a car and before then I was hacking the firmware of a Commodore 64, but IT wouldn’t pay for flying so I switched hobby with work: flying for a living and IT as a hobby. I am still in love with both and, in the case of IT, especially with the background networking bits: Routers, Switches, Access Servers and the mechanics to make all of this working. Your Comments are welcome to improve the site and develop topics of interest. Thank you for visiting.
This article will illustrate the rationale behind deploying a user selected (and specifically a Cisco) router, notwithstanding cost and complexity, in a home/small office environment. Many people will rely on the ISP provided router to connect to the Internet. This router is often included in the price of the connection, ISP maintained and often when/if it breaks is replaced for free by the ISP.
Given all the advantages, why would you be willing to spend a substantial amount of money to buy a router and why would you decide to buy a complex, expensive (compared to other “consumer grade”) routers? (more…)
The EZVPN configuration used in the previous article forwards all incoming traffic on the VPN inside interface out to the VPN tunnel. This might be less than ideal, but discussing with Cisco TAC I found out that there is no way around it. In this article I will show how to use a second router to avoid this (more…)
This post is part of the VPN series and it will show how to connect a Cisco IOS device using the EZVPN feature to a Witopia IPSEC gateway
When I left the States it was difficult to make do without accessing a series of services that had been available while connected to the Internet there. When you wish to use those services with a computer the solution is simple: load a VPN client and connect.Doing it with a Wii or an Apple TV is a bit more complex: (more…)
This post is part of the VPN series and I will illustrate the parameters you might want to keep in mind when choosing a VPN provider.
The first thing I did when choosing my VPN provider was to jot down what I was planning to do with it in term of (more…)
In this series of posts I will show how to use IPSEC technology and VPN to secure data when roaming in public access hotspots with your mobile devices and then how to implement your own VPN server or connect your home network so some traffic will be forwarded to the VPN and the rest will be forwarded through your ISP network. This post will introduce the VPN basic concepts.
Protecting your data with VPN technology
A few days ago I went with my son to a 5 team water-polo tournament (by the way his team won all 4 of their matches ) and at the swimming pool there was an open hotspot, no password no security. (more…)
In this post I will lay the ground explaining the need to deploy VPN and some considerations about the so-called cloud services and implies trusting them with your data
Data Transport Issues
We expect our data to be always available wherever we are. Most of the time data is not physically on our device: it will have to transit across a network connecting our device (more…)
In this post, which is the last post in the series on how to import YubiRadius, a Free Radius appliance implementing OTP validation, into Xen Open source Hypervisor, we will finally boot our appliance
Well, if you reached this point you are ready to issue the command:
In this post which is part of the series on how to import YubiRadius, a Free Radius appliance implementing OTP validation, into Xen Open source Hypervisor, we will finally create the .cfg file needed by the Hypervisor to create the virtual machine and boot it
As we saw earlier most of the work is already been done by the Xen.tools, which would already have created the cfg file (more…)
In this post which is part of the series on how to import YubiRadius, a Free Radius appliance implementing OTP validation, into Xen Open source Hypervisor, we will modify the image we have built in order to have all the bits and pieces to correctly boot under Xen Hypervisor environment as a paravirtual domain
The image we created in the previous post would not boot as a Xen paravirtual host, but it would (eventually) boot in a fully virtualized domain. It would be extremely inefficient (more…)
In this post which is part of the series on how to import YubiRadius, a Free Radius appliance implementing OTP validation, into Xen Open source Hypervisor, we will build an .img file containing a filesystem, mount it and then copy the Virtual Appliance files into it
The first step consist in creating a file of the proper size with
This statement sets (more…)