Christian Berding
Author's posts
Dec 05 2021
ESX supressing Log Messages
Sometimes it is very useful to filter most of the data coming out of each ESXi host. The destination logging servers will have cleaner logs as most junk is filtered out. This post will define the current defined filters and the source is from the VMware site itself.
Nov 27 2021
EdgeRouter / Wireless Radius Authentication
https://community.ui.com/questions/How-To-Configure-UBNT-Wireless-To-Use-RADIUS-Authentication-With-Windows-NPS-Walkthrough/65d103c1-398b-4cbf-a201-45bba84b6b5f
<work on this when i have time, as requested>
Nov 27 2021
EdgeRouter / VPN – L2TP with Radius
Ubiquiti Edgerouter Remote VPN/L2TP client configuration on IPv4 using radius authentication.
Ubiquiti does not (yet) support IPv6 L2TP.
Nov 20 2021
Freedom/KPN Glasvezel + EdgeRouter 4
Freedom Internet provides fibre optic (glasvezel) connections on various infrastructures, primarily the KPN network. This post will provides instructions to implementing a Ubiquiti EdgeRouter in combination with this service for IPv4, IPv6 and IPTV.
This instruction will skip multi network (WIFI, DMZ, etc) or separating IPTV into dedicated VLAN. That kind of stuff is unique …
Nov 01 2021
Debian: HAProxy and Keepalived (LoadBalancer)
HAProxy is a free and open source software that provides a high availability load balancer and proxy server for TCP and HTTP-based applications that spreads requests across multiple servers. It is written in C and has a reputation for being fast and efficient.
Keepalived main goal is to provide simple and robust facilities for loadbalancing …
Nov 01 2021
Debian: System Security Services Daemon (SSSD) and Active Directory
The System Security Services Daemon is software originally developed for the Linux operating system that provides a set of daemons to manage access to remote directory services and authentication mechanisms. The beginnings of SSSD lie in the open-source software project FreeIPA
Oct 30 2021
Debian: AIDE (Advanced Intrusion Detection Environment)
AIDE (Advanced Intrusion Detection Environment, [eyd]) is a file and directory integrity checker.
It creates a database from the regular expression rules that it finds from the config file(s). Once this database is initialized it can be used to verify the integrity of the files. It has several message digest algorithms (see below) that are …
Oct 30 2021
Debian: RSyslog SSL Forwarding
If you have a central syslog environment which supports TLS/SSL (Splunk, vRealize LogInsight, RSyslog) might be appropriate to encrypt your logging output to these destinations.
Oct 30 2021
Debian: Bind
BIND 9 has evolved to be a very flexible, full-featured DNS system. Whatever your application is, BIND 9 probably has the required features. As the first, oldest, and most commonly deployed solution, there are more network engineers who are already familiar with BIND 9 than with any other system.
Oct 29 2021
OpenSSL / Certificate Management
The OpenSSL Project develops and maintains the OpenSSL software – a robust, commercial-grade, full-featured toolkit for general-purpose cryptography and secure communication. The project’s technical decision making is managed by the OpenSSL Technical Committee (OTC) and the project governance is managed by the OpenSSL Management Committee (OMC).