Technote

First of all, we want to catch the packets transferred between local computer and a specific website. We use 168.1.8.244 in this example.
Step1 . Open wireshark.choose the second icon from the left, which is "capture options".

In the "Capture" frame, choose the interface you will use to connect to Internet. In the "capture Filter: type" tcp port http", this will just get the type of traffic we need in this example.Then, click "start".

Then open a browser and visit www.abc.net.au, and you can see some records have been added in to the wireshark. If the home page show up, we can close the browser and click the stop button, which is the 4th from the left.
Step2. Open a browser, and visit www.yourdomain.com to create a record Open CMD, type:
nslookup www.yourdomain.com

 

The...

Prerequisites( deployment server and transport server):

DNS
Active Directory Domain Services( AD DS): A WDS server must be either a member of an AD DS domain or DC for an AD DS. Install AD DS first, then click Run the active Directory Domain Services Installation Wizard (dcpromo.exe) .
DHCP ( dynamic host configuration protocol)
NTFS volume: the WDS image store requires NTFS volume.
(transport server) Local Administrator Group Credentials. The server must be a member of the local administrators group in order to perform the installation tasks and other server tasks required.
(transport server) PXE provider: If WDS is running on the same server as DHCP:

> WDSUTIL /set-server /DHCPoption60:yes
> WDSUTIL /set-server /usedhcpports:no
not listen on ...

Recently, I have some network issue across the whole school. All the computer will get offline and then fix themselves. We monitored the issue with multiping and found that all core network devices are affected by it, see below:

 

 
SYMPTOM

Network size: 1800 students, 200 faculties.
All network (LAN connection or internet) stopped functioning for about 30 seconds every 4 hours in the beginning(Spanning tree issue) then mostly in the morning when people start to work, then recover itself.

Find the ownership
Due to the school network was a flat design, all the devices are in one subnet, I suspect it was a traffic storm ( Multicast, broadcast), or Spanning tree issue ( recalculation the root switch freezes the whole network)
We setup multiping to ping switches...

Purpose of this Project
We will let the mobile devices (Laptop, windows tablet) be able to logon in the wireless network automatically via certificate based authentication before user login, so mobile devices can pull the computer GPO, such as MSI deployment, printer deployment on Computer object, etc. And after user login, it will switch to user certificate based authentication, and allow proxy to audit and apply policies on the devices. The answer  is Certificate based authentication (EAP-TLS).
Unfortunately this is not that straight forward since there are a couple of requirement for the server and client certificate. You can configure this with this tutorial, but you would need a solid understanding of how NPS works, how CA works, in case of  troubleshooting required, as there are so...