StaticNAT

One of my clients has had their web server exposed to the wild world of the internet now for several years. Up till about a year and a half ago many systems on their network actually had IP ANY ANY statements cut through from the Outside of their Firewall to the Inside. However it has been one of my many jobs since I started with them to eradicate these problems and start securing their infrastructure. The firewall changes have been easy for the most part and any problems that remain are policy issues that we are working to eliminate. However their web server sitting outside of the firewall has been an ongoing issue and due to some anomaly’s on the server they are deploying the recommended DMZ and migrating their web server there.
Continue Reading »

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

Led Zeppelin said it best I guess.  This past week Ohio along with lots of other states got hit with the remains of hurricane Dean.  So far it has been the most damaging storm for my clients in my short consulting career.  The first call came on Tuesday morning August 21st.  That call was from one of our account managers who indicated a client had sustained catastrophic damage to their 6509 when water rushed into their core network closet.  My first two thoughts were how quickly can we get replacement hardware and how long should it take for me to get them back up and going?
Continue Reading »

I am sure that at this point most of you have had some sort of experience with VOIP. My personal experiences are very mixed. On the Enterprise side I have worked on a multi-million dollar install of Cisco VOIP on a new all Cisco Network and it was less than spectacular. As a consultant I have worked with Cisco’s Call Manager Express in it’s home waters of the small/mid sized business and again I felt that it was lacking. However on the personal side I have been an off and on user of Skype for quite awhile as well as other come and go lightweight VOIP apps over the past seven or eight years.
Continue Reading »

Ok so I have been beating my head on ASA to LDAP auth (temporary fix till my client spins up RADIUS) but thanks to the great LDAP group at Cisco TAC I”m up and working. The piont of this post is to take what we tend to know about LDAP client configs and adjust it for what Cisco has setup in PIX IOS 8.
Continue Reading »

Ok I lied.  I am going to put out another update about the Cisco .com outage that I reported here a few days ago.  I talked to one of my contacts within Cisco Engineering and was told “I can’t disclose alot but it was a power outage.”  My reply to him was that I was shocked that Cisco doesn’t use Akamai or another service or even multiple national and international data centers to serve their content out of.  His only response was that there were systems in place and that the failure was not an infrastructure (data that is) failure but a power failure.
Continue Reading »

Well well well…  Thanks to JohnWaynesTeeth I have once more found my little slice of the web on digg this time for The King has left the building…err….the web.  So jump on over to the story and digg it up folks.  Thanks for your time and interest in staticnat.  I hope to be adding some cool new content shortly so stay tuned.

Thats right kiddies. Cisco.com is off line. I have a pending case with TAC in which I was supposed to download files with special access. Stay tuned for that story later. However as I tried to get the files all my attempts to contact anything off of the Cisco main page game up dead. I confirmed this from an iPhone on AT&T m XV6700 on Verizon as well as a network off of the State of Ohio Backbone. With my homework done I contacted an engineer at Cisco who confirmed…” Yep we are down…not one of our best days. We should be back online sometime later tonight. My engineer is in the eastern time zone with me and it was 3pm when he told me this so sounds like the are on the mat for a few more hours. Not sure what the problem is or how wide spread, but I’ll wager that this costs someone their job and Cisco allot of money.
Continue Reading »

One of the Cisco Sales reps I work for called me a few months back and said hey why don’t we use a Cisco Wireless setup and client X to save them a bunch of money? My reply was…crap why didn’t I think of that followed by sure let me get to working on it. In the end we provided a solution that used Cisco 1240 A/G radios, two 5Ghz Point to Point panel antennas. We also got to use the 2.4 Radios for WiFi access on the insides of the buildings that the 5Ghz bridge was serving. Currently I am completing the config but once I have it all done I am going to post the juicy bits (sanitized to protect the client of course) as well as a few pics if the client will permit me to do so.

My company has done quite a few of these in the past. However this was my first go at a Wireless bridge setup. As usual with new projects I was a bit nervous but in the end I have been amazed at how smooth the whole thing went. Wireless connectivity has really jumped a level in my mind now. It was interesting though when I called one of our designers and then one of our engineers and asked “so now that my link is up how do I test the link quality and speed?” The answer was I’m really not sure they just work. For the moment I accepted the answer but in the end I have been troubleshooting a few things and I added my question to the list of things I wanted to solve by the time I handed it off to the client.
Continue Reading »

Just wanted to get a new post up for those of you who check up on my little slice of the web. I am still alive but just buried in work and personal endeavors. One of those happens to be that my wife Patti is Pregnant with our second child. Currently she is about 8 weeks and our two year old Aidan keeps telling us he wants a baby sister. Today though I am finishing up a pseudo vacation and before I go back to my normal 60+ hour weeks I wanted to check up on my site metrics to see if my absence had cause staticnat.com to become another lost soul on the information super highway. I am thrilled to report that it has not. Between my few loyal readers and some new visitors not only have I seen pretty stable numbers but also some pretty unique visitors. The most unique has to be The DOD Network Information Center. As seen here in a capture of my analytics account you can see that two days in a row some folks at the DOD Network Information Center check out my site. They even hung around for a bit and read 3 of my pages. If it happened to be you that visited me from the DOD I would love to hear from you. Feel free to email me at; . That goes for all of my readers. While I don’t have tons of time to write at the moment I am very interested in what my readers are looking for when they visit me and what you would like me to add. I have hundreds of unique Cisco configs that I can sanitize and post as well as lots of other networking information, so if there is something you need drop me a line.

Again thanks for the continuing traffic and I hope to be supplying some new content and configs soon.

The tech sector is an interesting place to work and play.  This is even more true in the high dollar high stakes world of Enterprise networking.  So often customers get locked into a vendor and just keep drinking that vendors coolaid after the first sip.  In cases where that vendor is Cisco it usually isn’t a bad thing (”No one gets fired for buying Cisco!”) but it could be a very costly thing for your organization to focus on a vendor instead of a vendors core competencies and it standings in a particular market.  In doing research on competitive products to the Cisco MARS platform I stumbled across this site of cool links for competitive reviews of Cisco products versus other vendors products.  As with all “third party” testing you need to take these results with a grain of salt (most of these were commissioned by the competitor) but I’m sure there is some good info to be found.  Enjoy this link.