DNS and Networking Tools

Cisco VPN Site-to-Site Configuration

Router A configuration:
-----------------------

interface FastEthernet0
description "WAN Connection"
ip address 172.16.11.254 255.255.255.0
ip nat outside
crypto map CRYPTO_MAP

interface FastEthernet1
description "LAN Connection"
ip address 192.168.11.254 255.255.255.0
ip nat inside

crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key {SHARED_KEY] address 172.16.23.254

crypto ipsec transform-set ESP_3DES_MD5 esp-3des esp-md5-hmac

crypto map CRYPTO_MAP 10 ipsec-isakmp
set peer 172.16.23.254

Juniper Basic Commands

*Create Vlan:
set vlans VLAN_NAME vlan-id 1000

*Adding Vlan to Interface
set interfaces ge-0/0/3 unit 0 family ethernet-switching vlan members VLAN_NAME

*Show Vlan configuration:
show configuration vlans VLAN_NAME

*Show Interface configuration:
show configuration interfaces ge-0/0/3

*Create vrf:
set routing-instances VRF_NAME instance-type vrf vrf-table-label
set routing-instances VRF_NAME route-distinguisher 1000:2000
set routing-instances VRF_NAME vrf-target target:1000:2000

*Adding Vlan and IP address to Interface:

LDAP authentication on SBS2003 with Fortigate

1. Run dsquery on the Microsoft LDAP server and find the line of username "Administrator". The output should look like:
CN=Administrator,CN=Users,DC=example,DC=com

2. Login using SSH to the FG unit and setup the following attributes:

3. Enter to the LDAP config:
FGT# config user ldap

4. Name of the LDAP Server profile:
FGT# edit "LDAP-Server"

5. IP of the LDAP server
FGT# set server "192.168.11.10"

6. Set the cnid always with "sAMAccountName"
FGT# set cnid "sAMAccountName"

7. Set the dn attribute where to search the LDAP users (usually under OU=Users)

How to enable recipient verification on Exchange

To configure the SMTP service

1. Open the Exchange system manager and go to Global settings > Message Delivery > properties.
2. Select Recipient Filtering.
3. Select Filter recipients who are not in the Directory.
4. Go to Administrative Groups > First Administrative Group > Servers > [your server] > SMTP > the default SMTP virtual server > properties.
5. Select Advanced, then Edit.
6. Select Apply Recipient Filter, then OK.

Telnet to port 25 of your SMTP server and test the configuration.