Jump to content
|Topic||Stats||Last action by|
|Windows 10 Technical Preview||
|Laptop for Girlfriend (US)||
|Formula 1 World Championship 2015 Season Discussion||
|Mayweather vs Pacquiao: Fight is officially on for May 2||
Posted 15 March 2013 - 09:37
Posted 15 March 2013 - 11:12
Posted 15 March 2013 - 22:56
Posted 16 March 2013 - 01:17
Posted 16 March 2013 - 07:06
OK, Ill remove any entries on the DHCP server on the DC relating to 192.168.100.100 being the DNS. Ill change the renewal to 1 day.
In your dhcp server on the DC, remove 192.168.100.100 as dns! And change the lease to something more realistic -- like 1 day or 4 days.. Not ever freaking hour, that means your clients are asking for renewal every 30 minutes - why?
My doubt was that every Windows 7 installation by default has IPv6 enabled so meaning a lot of small office networks have IPv6 enabled and are running just fine. Also, that registry modification, would I have to do it to EVERY computer in the office or can I force it via GP?
So if you have no desire for IPv6 - then disable it! I gave you the simple reg key to disable it. If you want to enable it again, just remove the reg key.
Posted 16 March 2013 - 12:35
Posted 18 March 2013 - 15:50
Im trying to just get things working in general; Not really looking for efficiency.
Not saying it wont work - I am saying what you would do if you set it up correctly
BudMan, I understand this is a security issue but this is not my focus right now.
I am quite sure most small offices have it enabled yes, doesn't make it right.. If you do not use a protocol, then that protocol should not be enabled - this is security 101.
I still dont really understand that IPv6 generates SO MUCH traffic to it be a performance issue....
And from a performance and clean up perspective - why do you want or need unused traffic on your network. If ipv6 is enabled its going to be generating traffic. And since your not using it, is completely useless.
As to deployment of a registry key via gp - sure here
Here is another method of doing it via gp
If you don't want to disable it - then correctly set it up, not leave the freaking mess MS enables from the git go.. Teredo, 6to4 and isatap - I run it in my home network, but is is correctly configured to be used and remove the teredo, isatap and 6to4 nonsense since there is no use for those.
You notice my ipconfig /all output only list my actual nic, not the teredo, 6to4 and isatap and notice actually work on ipv6.. You boxes have all that stuff enabled sending out noise on your network for what? Can you even ping ipv6.google.com ?
Posted 18 March 2013 - 16:40
Posted 18 March 2013 - 22:51
We are crossing threads here (this is about the network setup and the other is about a firewall only) but....
pfsense takes all of about 10 minutes to setup from a BARE box! It will be working config after it gets an IP from your wan, and you give it an IP on its lan. It will have the same default rules as any off the shelf soho router.
It will allow ALL traffic outbound from the lan segment, and BLOCK all unsolicated traffic inbound. It will have dhcp server and dnsmasq running after you run through the setup.. Again if you are dicking with it more than 20 minutes your doing it wrong
There really is not much to configure for a standard setup.
Posted 21 March 2013 - 14:07
Posted 26 March 2013 - 09:00
Posted 26 March 2013 - 11:04
Posted 26 March 2013 - 11:21
OK, done doing 0.000000001% of redoing the existing network. We are getting a ZyXEL ZyWALL USG 50 in about two days.
Posted 26 March 2013 - 12:24
yes it is done in the firewall rules. You need to create a wan to lan or a wan to any rule and allow the ports to transverse to a specific ip within your network. this is a 20 but it is a similar interface.
Posted 26 March 2013 - 12:31