ScitoDK

Debugging FortiGuard Web Filter Issues After Firewall Reboot

When working with FortiGate firewalls, you might encounter a situation where FortiGuard Web Filtering services become unreachable after a reboot. This can prevent users from accessing web-filtered resources, leading to…

pje February 17, 2025

Auto Expand Disk size via cron

First prep the system for the auto expand script # Create directory for the script to live in sudo mkdir -p /etc/expand-disk Add the Script to crontab to run every…

pje February 11, 2025

Restore a configuration backup on a FortiGate HA cluster

When restoring a configuration backup on a High Availability (HA) cluster, the process should be performed only on the primary unit. The configuration will then automatically synchronize with the secondary…

pje February 8, 2025

Installing and Logging In to Windows 11 Without an Online Microsoft Account

By default, Windows 11 requires you to log in with a Microsoft account during the initial setup process, also known as the Out-of-Box Experience (OOBE). This requirement is part of…

pje January 24, 2025

Powerhslel: Renew Certificate with Specific Template

$templateName = 'RADIUS Template' $certSN = Get-ChildItem 'Cert:\LocalMachine\My' | Where-Object{ $_.Extensions | Where-Object{ ($_.Oid.FriendlyName -eq 'Certificate Template Information') -and ($_.Format(0) -match $templateName) }} | select-object SerialNumber certreq -enroll -machine -q…

pje January 22, 2025

Create DHCP Scope via CLI in Microsoft Server

Create scope through powershell Add-DhcpServerv4Scope -Name "VLAN111" -StartRange 172.16.11.10 -EndRange 172.16.11.100 -SubnetMask 255.255.255.0 Add-DhcpServerv4Scope -Name "VLAN222" -StartRange 172.16.22.10 -EndRange 172.16.22.100 -SubnetMask 255.255.255.0 Add-DhcpServerv4Scope -Name "VLAN333" -StartRange 172.16.33.10 -EndRange 172.16.33.100 -SubnetMask…

pje October 18, 2024

Blog

What is ITSM and Why Does It Matter?

Understanding IT Service Management (ITSM) IT Service Management (ITSM) is a structured approach to designing, delivering, managing, and improving IT services within an organization. It ensures that IT services are…

pje September 26, 2024

Install docker on Ubuntu ( Without SNAP )

sudo apt-get update && sudo apt-get install ca-certificates curl gnupg lsb-release -y && curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \ "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \…

pje August 30, 2024

Extend standard disk ( Non lvm)

After the disk has been extended, then rescan for changes. This guide is based on the SDA disk and the 3 partition. Change the device and partition to match your…

pje July 7, 2024

Required Domain Controller Ports through Firewall

Domain controllers play a crucial role in your network. To protect them, ensure that the firewall is enabled and that only the necessary ports for your Domain Controller are open.…

pje June 26, 2024

How to upgrade Windows 2022 from EVAL to Full Version

If you attempt to convert or upgrade Windows Server Evaluation to a fully licensed edition using the standard command line or the CHANGE KEY GUI, you may encounter errors such…

pje June 26, 2024

Extend LVM with extra disk

Find the LVM details of the volume group that you want to add a disk to: sudo lvdisplay Example output, The two with bold are the needed information in this…

pje June 16, 2024

Trust Certificates in Ubuntu/Debian system

Debian as an example. Install the ca-certificates package: apt-get install ca-certificates You then copy the public half of your untrusted CA certificate (the one you use to sign your CSR)…

pje June 8, 2024

Submit CSR to Microsoft CA using CertReq

1: Generate CSR. It will be required in step 3. 2: Right-click Start | select Windows PowerShell (Admin) to launch PowerShell as administrator.3: Execute the following certreq command: certreq -submit…

pje June 7, 2024

IPMI Cli Commands

1. Man and help info for IPMItool ipmitool help man ipmitool 2. To check firmware version ipmitool mc info 3. To reset the management controller ipmitool mc reset [ warm…

pje June 5, 2024

Unlocking the Mysteries of IS-IS Protocol neighboring

In the intricate world of Internet Service Provider (ISP) environments, the IS-IS protocol stands as a stalwart Interior Gateway Protocol (IGP). Its nuanced configuration, troubleshooting intricacies, and dynamic functionality make…

pje May 16, 2024

Blog Knowledge

Understanding Decimal system and convert from DEC to HEX

Understanding Decimal and Hexadecimal Systems Before we delve into conversions, let's refresh our understanding of decimal and hexadecimal systems: Decimal (DEC): This is the number system we use daily, based…

pje May 15, 2024

Blog Knowledge

Understanding Hexadecimal and convert from HEX to DEC

Understanding Hexadecimal and Decimal Systems Before diving into conversions, let’s quickly review hexadecimal and decimal systems. Decimal (DEC): This is the number system we use in our everyday lives. It's…

pje May 15, 2024

Navigating the Transition: Understanding IPv6 Transition Mechanisms

In the ever-evolving landscape of networking, the transition from IPv4 to IPv6 has become an essential journey for organizations worldwide. With the depletion of IPv4 addresses and the exponential growth…

pje May 7, 2024

Overcoming Enterprise WAN Challenges: Building for Agility and Scalability

Next related post can be found here -> Building an Agile Enterprise WAN: Key Design Considerations In today's digital landscape, the enterprise network serves as a crucial foundation for connectivity…

pje May 4, 2024

Building an Agile Enterprise WAN: Key Design Considerations

Previous related post can be found here -> Overcoming Enterprise WAN Challenges: Building for Agility and Scalability In the realm of enterprise networking, the design of Wide Area Networks (WANs)…

pje May 4, 2024

Understanding Route-Maps in Networking: Enhancing Flexibility and Control

n the realm of network engineering, the ability to control and manipulate the flow of data is paramount. Route-maps are a powerful tool in network configuration, particularly useful in complex…

pje April 30, 2024

Mastering Prefix Lists: Enhancing Network Filtering with LE and GE

In the realm of network administration, maintaining precise control over traffic flow is crucial for security, performance optimization, and resource management. Among the arsenal of tools available to network engineers,…

pje April 29, 2024

Eve-NG Goodies

EVE-NG Node Credentials List

Instance NameUsernamePasswordConsole typeCisco ASA 802 no passwd, hit entertelnet Cisco ASA 8.4.2, 9.1.5 no passwd, hit enter telnet Cisco ASAv no passwd, hit enter telnet Cisco IPS cisco ciscoips123 telnet Cisco…

pje April 24, 2024

Extend default LVM Volume

After the disk has been extended, then rescan for changes. This guide is based on the SDA disk and the 3 partition. Change the device and partition to match your…

pje April 9, 2024

Blog security System

Active Directory Environment: Understanding the Tiering Model

In today's interconnected digital landscape, safeguarding sensitive data and maintaining robust security measures is paramount for businesses of all sizes. For organizations utilizing Microsoft Active Directory, implementing a tiering model…

pje April 1, 2024

Blog Network

The Essential Guide to DSCP Values for QoS: Who, Why, and Where to Use Them

Quality of Service (QoS) is a fundamental technology in networks that require reliable and predictable data delivery. It allows for traffic prioritization and management, ensuring that critical applications and services…

pje April 1, 2024

Blog Network

Unraveling the Mysteries of BGP Path Selection

In the grand tapestry of the internet, Border Gateway Protocol (BGP) plays the pivotal role of the postal service, ensuring data packets are delivered through the most efficient routes across…

pje April 1, 2024

Goodies Goodies | Rsyslog

Rsyslog Troubleshooting Guide

Initiating Debug Mode To kick off debug logging from the get-go, prepend your rsyslog.conf file with these lines. This ensures debug logging activates immediately upon the rsyslog service launching: $DebugFile…

pje April 1, 2024

Limit Windows RPC Ports

When using domain services through a firewall the RPC ports must be limited from the range 1025-65535 to specific ports. Windows registry settings, must be implemented at least on domain…

pje January 12, 2024

awareness Blog Knowledge

Understanding SLA Times and the Quest for Nines: A Deep Dive into 3 Nines, 4 Nines, and 5 Nines

As businesses increasingly rely on digital services and technologies, the need for reliable and available systems has never been more critical. Service Level Agreements (SLAs) play a pivotal role in…

pje December 1, 2023

Repairing FortiAnalyzer when disk are in Read-Only mode

Maintenance Mode indicates that the system is unable to detect the hard drives, the hard drives cannot be correctly mounted, or the disk is experiencing corruption. If the hard drives…

pje September 4, 2023

Goodies Goodies | HAProxy

HAProxy – Set Backend Server in maintenance mode

First install socat sudo apt update sudo apt install socat -y Execute the following command where <backend> and <Server> are replaced echo "disable server <backend>/<Server>" | sudo socat unix-connect:/var/run/haproxy/admin.sock stdio…

pje September 2, 2023

Windows – Add NTP Server

Execute the following command, change the timesource to a FQDN or an IP Address w32tm /config /manualpeerlist:<timesource> /syncfromflags:manual /reliable:yes /update Stop time Service net stop w32time unregister and register time…

pje August 16, 2023

Clearing Windows Update Cache Upon Update Failure

Open Command Prompt by Start -> Run and type “cmd“ On the Command Prompt, type “net stop wuauserv“. This is done so that you will terminate the windows automatic update…

pje August 16, 2023

Goodies Goodies | Unifi

Unifi – Set Option 43 for controller IP

Unifi uses option 43 so the switches and AccessPoints can find its controller if it is not present on the same L2 network. Option 43 should be filled out with…

pje August 16, 2023

Goodies Goodies | Linux Goodies | Rsyslog

Rsyslog – Forward logs to another server

Create a new config file under the rsyslog config directory sudo vim /etc/rsyslog.d/30-forward-logs.conf Use single @ for udp forwardingUse double @ for tcp forwarding Example of udp forwarding *.* @172.16.204.1:514…

pje August 16, 2023

Goodies Goodies | Linux Goodies | Rsyslog

Rsyslog – Save login to a seperate file

Create a new rsyslog config file sudo vim /etc/rsyslog.d/10-auth.log.conf Add the following text :msg, contains, ":session" /var/log/rsyslog-auth.log :msg, contains, ":auth" /var/log/rsyslog-auth.log :msg, contains, "COMMAND=" /var/log/rsyslog-auth.log :msg, contains, "session opened for…

pje August 16, 2023

Goodies Goodies | HAProxy

HAProxy Use Multiple Config Files from a folder

Create a folder to contain the .cfg files sudo mkdir -p /etc/haproxy/haproxy.d Change the systemd file used for the HAProxy Service sudo vim /etc/systemd/system/multi-user.target.wants/haproxy.service Find the line that starts with…

pje August 16, 2023

Goodies | Microsoft Goodies | Windwos

Two-Tier CA structure ( Online Subordinate CA )

Prerequisites IIS must be installed and working from the clients that will need the RootCA or certs signed by the RootCA server. See more for a simple IIS install guide…

pje August 15, 2023

Goodies | Microsoft Goodies | Windwos

Two-Tier CA structure ( Offline RootCA )

Prerequisites IIS must be installed and working from the clients that will need the RootCA or certs signed by the RootCA server. See more for a simple IIS install guide…

pje August 15, 2023

Install IIS for Certificate Authority CRL and Root Certificate distribution

Open powershell and install the iis windwos feature mkdir c:\inetpub\certs New-WebVirtualDirectory -Site "Default Web Site" -Name "certs" -PhysicalPath "c:\inetpub\certs" Open the IIS manager Expand the Sites and expand the Default…

pje August 15, 2023