routeprotocol.com

Network Security

  • VPN Troubleshooting: Cisco ASA IKEv2

    A scenario existed where the Phase 1 of a VPN would result in a proposal mismatch (or no proposal selected) One the local side of the Phase 1 VPN, the settings where selected as group 14 for Diffie-Hellman, encryption as AES 256 bit and SHA 256 for the hashing algorithm. On the remote side of…

  • WireGuard – Minor Bumps in the Road

    A couple of issues I’ve ran into whilst using WireGuard: IPv6 preferred over IPv4 I use DDNS at home on my Mikrotik with the /ip cloud feature, it is a really simple way to map a dynamic IP address to a static host name. I used this static host name for the Wireguard server, unfortuantly…

  • Checking out Wireguard – Server Installation

    Wireguard is the new kid on the block to open source VPN servers, let’s check it out. The code base is described as slim, quick, and easy to set up. I’m starting off with a new and ready to go Ubuntu 20.04 installation, let’s check out Wireguard I start things off with installing the WireGuard…

  • Fighting DNS hijacking with DNS over HTTPs/TLS

    DNS-over-HTTPs/TLS is an up and coming technology that is slowly being adopted by different types of software, Firefox for example is beginning to enable it by default in their browsers with the DNS-over-HTTPs variant. Whilst it has been met with some critism the advantages of finally being able to encrypt DNS queries is a good…