Does AP need to follow Cisco WLC upgrade path – a small test

Does AP need to follow WLC upgrade and get the intermediate release? Or will the Access Points survive if it skips the intermediate release? The release notes says yes – “When you upgrade Cisco WLC to an intermediate release, wait until all the APs that are associated with Cisco WLC are upgraded to the intermediate […]

Windows Update fails when Check Point HTTPS-inspection is enabled

In a freshly installed Windows Server 2016-environment, there was feedback that Windows Update failed when HTTPS-inspection was enabled. Even though “Bypass HTTPS inspection of traffic to well known software update services” was ticked off. The servers was stuck with this error message: Some update files aren’t signed correctly.Error code: (0x800b0109) In the tracker I could […]

Passive Virtual System on Check Point VSX ARPs using physical intf. IP address instead og Cluster IP

I came across some important information. Although I did not find any useful information (at first), so hopefully this post will help speed up someone elses troubleshooting. Problem statement: Passive VS on VSX ARPs for default GW using physical interface IP instead of cluster IP and no traffic flows from passive Virtual System. If ARP […]

Check Point VSX DHCP relaying

In order to enable DHCP-relaying for interfaces belonging to Virtual Systems on a VSX-cluster, you have to set the context to the specific virtual system the interface belongs to. List all Virtual Systems on the VSX-cluster show virtual-system all

Nested group object not present on FortiGate when configured through FortiManager

I encountered a problem with a firewall blocking traffic even though it was supposed to let traffic through. This particular policy used nested object grouping (Main group > Sub-group > NetworkAdr-member). The odd thing was, it seemed to only affect one vDom. What was happening: The traffic did not match the configured policy and was […]

Upgrading a quad supt VSS-cluster 6807 with minimal network interruptions

Scope and disclaimer This blog post is primarily to explain and show the process of upgrading a Quad-sup 6807 VSS-cluster using the In Service Software Upgrade (ISSU) feature, also known as Enchanged Fast Software Upgrade(EFSU) in VSS terminology. The entire process is very painless as long as the cabling is done right. Requirements Dual homed […]