Running a Unifi USG gateway does have its challenges every now and then. One of my friends asked me how I would solve the problem of dynamic IP addresses being used in a S2S VPN configuration. Now normally, when you look at the USG documentation, if the S2S is managed by a single USG controller […]
Since only a few days (and for the few that read this before the Ignite launch: in a few days) the Azure Virtual Network Gateway will support P2S connections based on OpenVPN. This means that the connections from all your clients to Azure networks becomes a whole lot easier. Connect with your phone, tablet, Mac […]
As Microsoft enabled the Radius option in the Azure Gateway VPN configuration, it now means you can enable MFA on your P2S connections! There is a caveat however. It only works if you have replicated your users from an Active Directory into Azure Active Directory. If you have cloud-only user, it doesn’t work (yet..) I’ll […]
Microsoft Azure has the option to enable Accelerated Networking on VM’s. More information on the feature can be found here but this post is not to tell you about what good it does nor how it works.. no, this post is to introduce a new script that will enable/disable the function for you! update: it’s […]
While this blog is mostly focused around passwords and how to ensure people can login, the new direction within Microsoft is to get rid of passwords. I can already feel the shock from many security officers reading this post, but hear us (eeuh Microsoft) out on this one. Passwords are by default unsecure, they require […]
In the initial post, we looked at PTA from a high-level perspective. This post goes into the actuals and internals of the PTA to ensure you can convince your security department on why PtA is a very good idea. Inside Azure AD there are multiple components that work together to ensure the safety of your […]
When you have your Azure Stack Development Kit, you might want to show it off to your customers or simply change the external IP address for some other reasons.. as we have seen earlier there is a dual NAT mode inside the Azure Stack Dev Kit box. The AzS-BGPNAT01 VM receives an external IP address […]
Now that we have our Azure Stack Development Kit in routing mode, we can also send the BGP information from within the Stack to the Juniper Firewalls (or any FW you have..). This will ensure that the new “external IP addresses” that are assigned to our workloads are accessible via our intranet route information and […]
Side Note: The experience of ASDK as described in this post are based on the late July bits of Azure Stack on a Dell T710. Future experience might (I certainly hope so..) be better and more integrated.. The T710 described in an earlier topic was purchased to run Azure Stack. And while I’m still waiting […]