Cacti Upgrade
https://www.stupid.hk/wordpress/?p=2488 Cacti: 1.2.27 to 1.2.30 Weathermap: 1.3 to 1.3.1 cd /var/www/html/cacti cat include/cacti_version git status g...
Huawei Switch Firmware upgrade
Model: S5720S-12TP-LI-AC Firmware: V200R011C10SPC600 Patch: V200R011SPH016 to Firmware: V200R022C00SPC500 Patch: V200R022SPH223 <HUAWEI>dis vers...
FortiGate Dialup IPSec VPN取代SSLVPN
由於Fortnet在新版本中已經開始對Desktop Firewall移除SSLVPN, 而Fortinet建議改用ZTNA, 但是ZTNA還需要一個EMS Server, 對於小公司來說就太覆習了, 所以就測試改用Dialup IPSec VPN 這個Lab是以IKEv1測試的, IKEv2暫時測...
Posted inActive Directory Linux
Ubuntu使用AD Account登入
Domain: def.com Group: LinuxAdmin AD User: timng(LinuxAdmin), royli 首先要確定Ubuntu能ping到def.com, 如果不能ping到正確IP, 就要查看DNS apt install sssd-ad sssd-tools re...
FortiGate SDWan for IPSec Tunnel (BGP)
https://www.stupid.hk/wordpress/?p=2694 這篇文章把Static Route改成BGP 先改一下HQ 改其中一個Branch 把原先的Static Routes Disabled了 兩邊都設好BGP就已經Established Learn到BGP route &...
Posted in未分類
openssl 3.x export pfx to windows 2008 or 2012
There was an error while performing this operation. Details: The specified network password is not correct. openssl pkcs12 -export -out C:\Cert\domain...
FortiGate SDWan for IPSec Tunnel (Static Route)
https://www.stupid.hk/wordpress/?p=2658 首先要先設定好基本Network, Desktop1經過Internet已經可以ping通3.3.3.3和4.4.4.4 然後建立Site to Site Tunnel(HQ WAN1 to DC WAN1) 建立Sit...
Posted inNetwork
WireShark + Windows Display vLan Tag
Intel Lan Card [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0001] "MonitorModeEnabled"=dword:00000001...
FortiGate SDWan for Internet
這個Lab的Port1 for MGMT管理用, 這裏只需要設定ISP1, HQ, Desktop1 先設定Internet, 以Cisco Router當作Internet host ISP1 int e0/0 ip add 1.1.1.9 255.255.255.0 no shut int e0...
mailcow 更換証書
注意 把証書和intermediate CA/CA放到cert.pem(fullchain), 和Nginx一樣的設定 取代原來的檔案 /opt/mailcow-dockerized/data/assets/ssl/cert.pem /opt/mailcow-dockerized/data/asse...