🔴 Pathping: A Useful Network Troubleshooting Tool
Pathping is a network troubleshooting tool that combines the features of ping and tracert commands. It allows you to test the connectivity and performance of a network path between a source and a destination. It does this by sending ICMP echo requests to each router along the path and measuring the latency and packet loss at each hop. Pathping can help you identify which routers or links are causing network problems, such as slow response time or high packet loss.
▶️How to use pathping
Pathping is available on Windows operating systems. You can run it from the command prompt or PowerShell by typing `pathping` followed by the IP address or hostname of the destination. For example:pathping 1.1.1.1
Pathping will first trace the route to the destination and display each hop along the way. This may take a few seconds depending on the number of hops. Then, it will send 100 echo requests to each hop and compute the statistics based on the replies. This may take several minutes depending on the period between pings.
▶️How to interpret pathping results
Pathping results can help you diagnose network issues by showing you where the latency or packet loss occurs along the path.
-If you see high RTT values or packet loss at the first hop, it means there is a problem with your local network or your default gateway.
-If you see high RTT values or packet loss at the last hop, it means there is a problem with the destination network or host.
-If you see high RTT values or packet loss at an intermediate hop, it means there is a problem with that router or link.
-If you see high RTT values or packet loss at multiple hops, it means there is a problem with a network segment between those hops.
▶️How to speed up pathping
Pathping can be slow because it sends many pings to each hop and waits for a long time to compute the statistics. You can speed up pathping by using some switches to modify its behavior.
- You can use `-n` switch to prevent pathping from resolving the IP addresses of intermediate routers to their names. This can save some time if DNS resolution is slow or unavailable.
- You can use `-q` switch to specify the number of echo requests sent to each router in the path. The default is `100`, but you can lower it to `10` or `20` if you don't need very accurate statistics.
- You can use `-p` switch to specify the number of milliseconds to wait between consecutive pings. The default is `250`, but you can increase it to `500` or `1000` if you want to reduce network congestion or burst losses.
For.eg. you can use this command to speed up pathping:
pathping -q 10 -n -p 500 google.com
This command will send only `10` pings to each hop, skip DNS resolution, and wait `500` milliseconds between pings.
Wednesday, 5 July 2023
Pathping: A Useful Network Troubleshooting Tool
Wednesday, 14 June 2023
Configuring Site-to-site IPSec VPN on FortiGate
IPsec (Internet Protocol Security) is a framework that helps us to protect IP traffic on the network layer. Why? because the IP protocol itself doesn’t have any security features at all. IPsec can protect our traffic with the Confidentiality, Integrity, Authentication and Anti-replay.
A site-to-site VPN connection lets branch offices use the Internet to access the main office's intranet. A site-to-site VPN allows offices in multiple, fixed locations to establish secure connections with each other over a public network such as the Internet.
IPsec is pretty complex and there are a lot of different ways to implement it.The following video provide instructions for configuring site-to-site IPSEC VPN on FortiGate-to-FortiGate firewall.
Tuesday, 8 March 2022
AWS Site To Site VPN Connection - Step by Step
Login into the AWS console using the below URL.
After successful login, click on services and select VPC under Networking & Content Delivery.
Click on Your VPCs
To create a new VPC, click on the Create VPC button.
New VPC created successfully. Click on Close button.
Click on Subnets option under the Virtual Private Cloud section.
Provide a name for your subnet and select the VPC from the drop-down list.
Now click on Route Tables option.
Provide a relevant name for this routing table.
To associate the subnet with the routing table, Select the corresponding routing table and click on the Subnet Associations tab.
Then click on the Edit subnet Associations.
Now Select the subnet and click on Save button.
Now select the Route Propagation Tab and click on Edit Route Propagation button.
Then Select the Propagate checkbox
and click the save button.
Select the Internet Gateway link under Virtual Private Cloud section and click on Create Internet Gateway button.
Select the newly created Gateway and click on Action – Attach to VPC.
Select the VPC from the drop-down list and click on Attach. Now the Gateway status has changed to Attached state.
Now we needed to add the routing entry for the Internet Gateway connection. To do that, click on Routing tables link and select the entry which we create earlier.
Select the Routes tab and click on Edit Routes. Then Click on Add Route.
Type destination as 0.0.0.0/0 and select target as Internet Gateway from the drop-down list. Then click on Save Routes to save the changes
Click on the NAT Gateways link under Virtual Private Cloud section.
To create a new NAT Gateway, click on the Create NAT Gateway link.
It will take a few minutes to change the NAT Gateway status to available.
Click on the Customer Gateway link under Virtual Private Network section.
To create a new link, click on the Create Customer Gateway button. Provide a name for your connection and add the public address of your internal network firewall. Then click on create customer gateway button.
The new connection will be available in the list.
The next step is to create a virtual private gateway.
The next step is to create a virtual private gateway. Navigate to VPC → Virtual Private Network (VPN) → Virtual Private Gateways, click on Create Virtual Private Gateway, give it a name tag and under ASN select Amazon default ASN. Finally, click on Create Virtual Private Gateway.
Initially the virtual private gateway has a detached status and we need to attach it to a VPC. Select the newly created virtual private gateway, click the Actions button and select Attach to VPC. Finally, click on Yes, Attach and wait until the status changes to attached.
After a few minutes, VPN status has been changed to the attached state.
Click on site-to-site connection under VPN Section. Click on Create VPN Connection.
Provide a name for your connection and select the corresponding VPN and Customer Gateway from the drop-down list.
Under Routing Options, select the static option and provide your on-premises internal network CIDR block. Then click on the create button.
Finally, click on Create VPN Connection and wait several minutes until the VPN connection is created and displays the state as available.
If you click on the tab Tunnel Details, you notice that the VPN connection is using two tunnels but their status is currently down. We are going to bring them up by connecting our local network with AWS. To do that click on the button Download Configuration and select Generic under Vendor which automatically populates the other options. Finally, click on Download.
The settings may vary based on your internal network configuration. After configuring the local firewall/router settings both tunnel will up.
Confirm Tunnels Are UP
Once your VPN is configured on-premises,
- Select Site-to-Site VPN Connections
- Select the connection that was just created
- Select Tunnel Details.
- Monitor the status of the tunnels. After several minutes, at least one of the two tunnels should transition to the UP state.
REFERENCE
https://docs.aws.amazon.com/vpn/latest/s2svpn/SetUpVPNConnections.html
Wednesday, 7 October 2020
How to Prevent Ransomware Attack
Ransomware is an advanced form of cyberattack, and one of the biggest threats that security teams around the world are facing. Ransomware is an escalating, increasingly sophisticated threat—and no one seems to be immune. Although ransomware initially targeted home users, it is spreading quickly into the enterprise. Recent reports from security firms such as Kaspersky, Norton, and FSecure offer a scary view of how ransomware attacks are evolving, spinning off new variants and upping the ante as hackers go after lucrative targets like universities and hospitals.
To prevent a ransomware attack, experts say IT and information security leaders should do the following:
- Keep clear inventories of all your digital assets and their locations so cyber criminals do not attack a system you are unaware of.
- Keep all software up to date, including operating systems and applications.
- Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
- Back up all information to a secure offsite location.
- Segment your network: Don’t place all data on one file share accessed by everyone in the company.
- Train staff on cybersecurity practices, emphasizing that they should not open attachments or links from unknown sources.
- Develop a communication strategy to inform employees if a virus reaches the company network.
- Before an attack happens, work with your board to determine whether your company will plan to pay a ransom or launch an investigation.
- Perform a threat analysis in communication with vendors to go over cybersecurity throughout the lifecycle of a particular device or application.
- Instruct information security teams to perform penetration testing to find any vulnerabilities.
Monday, 10 February 2020
Integrate Palo Alto Firewall With Solarwinds Network Performance Monitor
This Video explains how to integrate Palo Alto Networks firewall with Solarwinds Network performance monitor.