It most certainly does not belong in any network. A network is a network and all networks should be secure. This treatment of home vs business network is precisely the cause that has lead us to inferior networking protocols in home networking that only work on a single network.
Any "firewall" that supports UPnP is not a firewall. Devices inside your network should NOT be able to open pinholes into your network. Disable that crap and use manual port forwarding.
Yes, that is the pass through mode and what you should be doing, per att, when using your own router. I would suggest instead you bypass the RG if you want use your own router. There are multiple ways of doing so and this is widely discussed over on DSLR. Is there a reason why are you using the...
1. Generally no. In my experience there is no such thing as optical auto-negotiation. Perhaps some modules support this. As a rule matching modules on each end.
2. Yes, the socket is backwards compatible.
3. Generally yes but the module itself must support this.
Any chance you or the drivers you installed have enabled jumbo frames or changed the MTU? I ask this because you said the VPN worked and often VPN "adapters" have the MTU default set to <=1450 to offset headers.
Exactly as Samir says! Just because the cable has cat 5e printed on it doesn't mean the installation meets the spec. If you use good cable rated at 350 or 400Mhz and make good terminations with quality connectors you can test to higher specs. Every run in my house tests to cat6+ on the fluke...
Assuming your cable installation actually meets or exceeds 5E standards end to end 2.5Gbps will work as per spec. Per spec 5Gbps will need cat 6 or better. Obviously, you will not exceed 1 Gbps if you continue using routers and switches with only 1Gbps interfaces. You will need to upgrade your...
It is fairly common to flash rebranded cards with OEM firmware. The description of the ebay link plainly says that has been done. Of course it also says the card is new and a new card should not have been reflashed ... meh details lol. I would suggest running this by the STH folks. The folks...
First, vlans are a layer 2 thing and have nothing to do with IPs, static or otherwise.Now, did they actually give you 5 /32 IPs or a subnet? I ask this as 5 IPs is an odd number that doesn't align with a subnet mask
Generally the way this would work is you get a subnet and use one for a router...
That would be true except for the fact we have it on record that both Twiiter and FB were doing the government's bidding when it came to suppressing some topics vs others.
Reading is only part of it. How many of these pro Ukraine Americans have been to Crimea or Donetsk? How many have even spoken to someone from there? Very simply Americans need to travel more. People here tend to think interstate movement is traveling. It is not. We as a country need to go to...
They don't offer anything beyond what it comes with and have no official position or suggestions on 3rd party external antenna. My SE team is unofficially looking to see if what any other customers may be using.
The vpn overhead and extra hops actually added a cpl ms vs direct. In my case the games were hosted on the same ISP and city as home. There was no cloud hosting involved. Locally the ping times are typically less than 3ms between us.
^^^^ That 100% county road wouldn't/hasn't stopped me. $%#$% wireless!!! Drill 30 feet for1 inch conduit from the botttom of one dtich to the other and done. :)
I've got an LTE/5G bridge device for a tertiary internet connection. On going remodeling work has forced me to relocate it from its longtime home. It will not be able to return. The problem with new home is poor signal. I have seen several type of external antenna options but honestly have no...
Since lics were expired I'm going out on a limb and guessing no FAZ or other logging platform and no siem either? So basically no logs beyond the rolling log of the FGT. OUCH! While your getting the lics renewed have mgmt drop for FAZ. I know there is a free 3 device FMG lic for the vm version...
It is very likely they have a firewall of some capacity. It will be missing capabilities such as updated attack signatures and such. Very few enterrpise firewalls these days stop being a basic firewall when lics expire. Those I am aware of that do also fail closed ie stop forwarding packets...
It is highly unlikely you will find anything free to scan a network. The best you'll be able to do for free will be individual workstation scanning. If you've a proper relationship with your firewall vendor you could perhaps convince them to provide some "eval" tools. Otherwise start combing...
I can tell you from personal experience FPS games hosted on US servers will be less than satisfying when played from Asia. Other game type will likely work better but be prepared to experiment to find ones that work well for you and your friends. I tunnel all traffic back to home when traveling...
Banking on a mobile device is already bad enough. A mobile device on a public network?? Remember, you're one bad cert away from being owned and a vpn will not help that. FWIW I bank from a dedicated device that only does such things. Years ago I had a coworker that would be in a coffee shop...
Since the stated goal is to not be blocked it would be best not use dtls which is basically tls over udp. TLS running over tcp 443 would be best option for success.
Why all the IPv6 hatred? :) A dual stack configuration should work just fine. Is the laptop in question configured for private or public? Are you pinging by name? What is the output of ipconfig /all on that system?
That because your system ARPed for the mac before to establish layer 2 connectivity before pinging it. The ping is just the mechanism to force your system to perform the ARP request. The icmp that follows is irrelevant to the use case. There's an old tool on *ix called arp ping that will just...
Assuming your network is flat I'm not sure how that would be. You can't communicate with a device without knowing its mac or for off network devices the mac of the intervening router. If there is an intervening router then the non-local mac is invisible to any tool. That's how IP works. Perhaps...
Almost all businesses these days will block outbound ipsec completely. Lots of places also block known non-ipsec vpn service endpoints. This is the great advantage of running a self managed ssl/tls based vpn.
Had time to look more. I looked in my firewall and it seems the local db has about 19K...
Fortigates certainly have a CPU aside from the asics. The 300D which replaced it had a i3-3220 (Ivy Bridge) @ 3.3Ghz so set your performance expectations accordingly. As said above even if you are able to get something else installed and booted you'll not be able to use the asics. Also, the...
I think I've seen photos of your work and maybe even handled a piece. I'm not so much into knives as firearms but I've a friend down the road in Raleigh that is big time into them. From what I gather you guys have a close knit community. I'll not toss his RL name out but does the name Fitz the...
No I'm responded to an absolute statement made by you. If you want to qualify that statement retroactively that's fine but the statement I responded to had zero qualifications. QoS/CoS is good stuff especially in conjunction with oversubbed mpls/private wan links and a carrier that supports it...
That is absolute killer nic type bunk. QoS only has a positive impact on an oversubscribed circuit or device. The mere fact of processing packets into queues, required for qos, will negatively impact latency ... More processing = more latency. The only way to reduce latency on a device that is...
Hard to go wrong with a Fortigate. As you say they just work. They cover the full range from ultra low to ultra high end with integrated wireless and switch controllers across the line. You can toss in a switch and few APs and manage the lot from single interface. I've a 101F here running fiber...
LOL ... Go back and read my post clarifying what was meant by the term ... PS I worked for the PC Co back then and I will never bad mouth an Aptiva they did exactly what they were supposed to do and did it well. Beyond case design the internals were virtually identical to the "business class"...
Sorry, I assumed you were familiar with the fact that Lenovo is basically the old IBM PC Company business unit with Chinese overlords. The US headquarters is just down the road from the IBM site that used to house them back in the 90s and early 2000s.