Here are the steps to configuring AAA: Enable AAA Configure authentication, using RADIUS or TACACS+ Define the method lists for authentication Apply the method lists per line/ per interface It is important to note that Cisco IOS software attempts authentication with the next-listed authentication method only when there is no response from the previous method. [...]

PacketProtector is a Linux distribution for wireless routers, built on top of OpenWrt. The goal of this project is to transform the router into a unified threat management (UTM) device. All you need is a Linksys WRTSL54GS or ASUS WL-500g (Deluxe or Premium) router, and a USB 2.0 drive with atleast 100MB free space.   The UTM features in [...]

CoovaAP is an OpenWRT-based firmware designed especially for HotSpots. It comes with the CoovaChilli access controller built-in and makes it easily configurable. CoovaAP is perfect for just about any HotSpot application – from WPA Enterprise (with RADIUS accounting) to Free WiFi with Terms of Service acknowledgment to commercial HotSpot captive portal applications. Use the embedded [...]

Nagios is a free, open-source tool that can be used to monitor network components and services.  When it detects a problem, it can send alert messages by either e-mail or pager.  It can also be configured so that only designated personnel can view status information for particular services or equipment.  This tutorial will show you [...]

Delivering content relative to the physical location of your users is an excellent (and fairly easy) way to fine-tune the content you’re delivering to be most relevent to the people visiting your site. Two simple ways of doing this are to use an IP-based geolocation lookup, or to do a manual radius search (like a [...]

here are several ways of knowing the last logged in users from your box. most of them shows similar details like username, date stamp, hostname, ip address and the like: Individually issuing them as root : #last -a #lastb -a #lastb username #lastb #lastb username #lastlog So, who is currently logged in? #who #who -a [...]

Server SSH log files provides us information from simple system to critical system security message. Here are quick ways of doing it via CLI terminal. These examples could serve also as starting point to parse more search key strings not only from any ssh log files, but also to other daemon service log file such [...]

In order to configure group lock, send the group policy name in the class attribute 25 on the Remote Authentication Dial-In User Service (RADIUS) server and choose the group to lock the user into within the policy. For example, in order to lock the Cisco 123 user into the RemoteGroup group, define the Internet Engineering [...]

Introduction This configuration allows a central Cisco Secure PIX Firewall to communicate with networks behind two other PIX Firewall boxes through VPN tunnels over the Internet or any public network using IPsec. The two outlying networks have no need to communicate with each other, but there is connectivity to the central network. The two outlying [...]

This section describes an example configuration for using pre-shared keys. It contains the following topics: Scenario Description Configuring PIX Firewall 1 with VPN Tunneling Configuring PIX Firewall 2 for VPN Tunneling If you have a limited number of registered IP addresses and you cannot use PAT, you can configure PIX Firewall to use NAT for connections [...]