Hi mates,
how many times you asked to yourself : how can I Outbound NAT internal hosts with PFSense ?
I had the need to create and Outbound NAT for a friend of mine.
The official documentation is quite clear but I would like to add some screenshot to make it more easy and, for this specific article, only for a specific situation : map an internal ip to a fixed external public IP (i.e. for the mail system or other internal services that you want to be known with a different address).
Here you have the link
In my specific situation I needed to Soruce NAT/Outbound NAT an internal Squid Proxy.
Friday, July 10, 2015
Wednesday, July 8, 2015
Powershell change local administrator account password for all computers in the domain
Hi mates,
how many times you asked to yourself : how can I change all pcs local administrator password ?
I had the need to change it for all computers in one of my customer domain.
The password was compromised and the old Microsoft GPO was no longer working (a patch disabled it for security reasons - MS14-025: Vulnerability in Group Policy Preferences could ... - https://support.microsoft.com/en-us/kb/2962486).
So what to do ?
how many times you asked to yourself : how can I change all pcs local administrator password ?
I had the need to change it for all computers in one of my customer domain.
The password was compromised and the old Microsoft GPO was no longer working (a patch disabled it for security reasons - MS14-025: Vulnerability in Group Policy Preferences could ... - https://support.microsoft.com/en-us/kb/2962486).
So what to do ?
Thursday, July 2, 2015
Powershell move computer account to a specific destination Organizational Unit
Hi mates,
how many times you asked to yourself : how can I move computer account in a specific OU ?
I had this need in our Active Directory test environment.
Since we were applying a particular Group Policy we needed to schedule, in a specific time windows, to move these computers.
Here below something that is simple to customize (only the OU where to find the computer account to move and the destination container need to be set).
how many times you asked to yourself : how can I move computer account in a specific OU ?
I had this need in our Active Directory test environment.
Since we were applying a particular Group Policy we needed to schedule, in a specific time windows, to move these computers.
Here below something that is simple to customize (only the OU where to find the computer account to move and the destination container need to be set).
Wednesday, July 1, 2015
Hamlet question : can everything be "Natted" ?
Hi mates,
few days ago , with some friends of mine, we started a discussion about service or application that could be behind a firewall (so "Natted") and services that can't.
First of all what's a NAT ? You can find a tons of articles on internet about the Network Address Translation (RFC 1631).
Anyway the primary purpose of it is to avoid the unconscionable usage of public internet IPs.
So the NAT permit to map IPs between different address realms, in particular when one of these is not routable (ex. private IP addresses).
As the same private ranges (RFC 1918) can be used by several companies/users, they become, for their intrinsic nature, not routable in a public/common infrastructure where ranges are unique and duplicates are not admissible.
Here you have NAT !
The devices that come in play to make this communication possible usually sit at the firewall level, on the frontier.
In this way when an external customer/packet sender wants to communicate with a service that resides in a private area will comes in touch with a NAT device that make the communication possible making the "sender" unaware of the trick.
few days ago , with some friends of mine, we started a discussion about service or application that could be behind a firewall (so "Natted") and services that can't.
First of all what's a NAT ? You can find a tons of articles on internet about the Network Address Translation (RFC 1631).
Anyway the primary purpose of it is to avoid the unconscionable usage of public internet IPs.
So the NAT permit to map IPs between different address realms, in particular when one of these is not routable (ex. private IP addresses).
As the same private ranges (RFC 1918) can be used by several companies/users, they become, for their intrinsic nature, not routable in a public/common infrastructure where ranges are unique and duplicates are not admissible.
Here you have NAT !
The devices that come in play to make this communication possible usually sit at the firewall level, on the frontier.
In this way when an external customer/packet sender wants to communicate with a service that resides in a private area will comes in touch with a NAT device that make the communication possible making the "sender" unaware of the trick.
Subscribe to:
Posts (Atom)