All posts in internet

Black Ops 3 NAT Type Strict & PS4 NAT Type 3 with pfSense Fixed!

It’s been a while since I’ve posted anything even remotely related to gaming, so I suppose this is a nice distraction!  Since Sony gave us COD blops 3 in the PS+ I’ve been enjoying the fun of running around shooting people and reliving the MW2 days.  However matchmaking has always been a problem with my PS4 reporting NAT Type 3 and blops 3 itself report NAT Type Strict.  I use pfSense at home and have spent weeks trying to fix this, and in the end once I knew what to do it was easily fixed!

Continue reading →

Enforcing Microsoft Office 365 and Azure Tennancy with McAfee Web Gateway (MWG)

McAfee Web Gateway (MWG) is a pretty phenominal product, if you’re looking for a commercial web filtering solution then MWG should certainly be something you should investigate.  If however you already have a MWG and are looking at a rule base to make sure that your users can only logon to your approved Microsoft Office 365 domains then read on.

Microsoft Office 365 (O365) is a pretty phenominal product, if you’re looking for a collaboration system then O365 should be something you should investigate.  If however you want to make sure that only your organisation can log on to O365 via your network then read on.

Continue reading →

Steam & Valve IP Ranges

After spending a fair amount of time trying to find the IP subnets which Steam uses I came up a blank, so I went to Arin.

Continue reading →

Easy(ish) IPSec VPN with Shared ECDSA Certificates for Host to Host Connections

Let me start off by saying that using certificates for your IPSec VPNs adds another layer of complexity onto your connections. However what I’ve tried to do is to make this how to guide as easy to follow as I possibly can.

By using certificates we can negate the requirements to use pre shared keys and thus are considered more secure and if we have lots of tunnels it means we don’t have to worry about having a separate key for each connection therefore providing a great deal of scalability.

Continue reading →

Configuring Suite B, VPN-A and VPN-B in IPSec with Strongswan

Many vendors have got the various IPSec standards already implemented within their products for ease of use.  This is my configuration for matching these standards with Strongswan.

It’s always nice to use a standard; they come from RFCs so have some level of scrutiny and make things interoperable.  These suites in my experience tend to be the ones which are implemented most widely.  As a security professional I’m happy that someone has investigated the best solutions with which to use.

Continue reading →