Too Many TCP Resets

So, recently we enforced some firewall rules on a new environment, we did testing of the environment and everything was working as expected. In about 24 hours a lot of traffic from the web infrastructure was being denied and it continued, at first glance it looked like return traffic was being dropped, the web servers were sourcing at port 443 and the destination ports were using dynamic ports (RFC 6335)

No user or application problems were reported when we enforced rules, and we waited additional days to see if anything came up. Nothing came up, the only thing was a spike in amount of syslog messages of dropped traffic coming from the web servers. So from that point it really wasn’t an issue, but I thought it would be interesting to see what was going on. Continue reading

Advertisements

Factory Reset Firepower 4100 & 9300

I got my hands on some Cisco Firepower 4100 units and after playing around with them I wanted to reset them to factory settings, essentially erase the “startup-config” on the FXOS. The Firepower units act a little differently than your normal Cisco IOS or ASA and you can’t just erase startup-config and reload the device, that would be too easy. (Edit: 7-21-17) After Gabriele made this comment it looks like you can. You also can follow the  password recovery on this post which will also erases the configuration. Continue reading

640-911 (Chapter 5)

Last week we covered chapter four which talked about the TCP/IP and the DoD models and what role they cover in networking as we learned that every application like FTP, DNS, DHCP depend on it. Like always post questions if you have any about the book CCNA Data Center Study Guide from Todd Lammle. I’ll continue to cover  topics of each chapter of the book, plus any examples the book offers and to get an idea of what the Cisco exam would cover. Let’s go over chapter five. Continue reading

Cisco Discovery Protocol

In today’s post let’s talk about CDP the Cisco Discovery Protocol. This protocol helps us in two ways, it first helps us verify that a connection between router or switch is set up correctly  at least up to layer two in the OSI model. This also helps us discover Cisco devices that are in are network and which interfaces these devices are connected too and from are Cisco equipment. The Cisco discovery protocol is Cisco proprietary  and before I go any further let me mention that CDP is a security risk because of the detailed information CDP gives out which helps you has a network administrator build a current network infrastructure, this can also hurt you because this information can easily be sniffed by programs that are easily searched on the internet. Continue reading