Tag Archives: AES

Cryptdll.dll – Pre Service Pack 2 Revision History for Windows Server 2008 R2 SP1 and Windows Small Business Server 2011 (SBS 2011)

Cryptdll.dll – Pre Service Pack 2 Revision History for Windows Server 2008 R2 SP1 and Windows Small Business Server 2011 (SBS 2011)

09-Oct-2012 – 6.1.7601.22130 – Cryptdll.dll – x86/x64 – http://support.microsoft.com/kb/2768494 – You cannot log on to a Windows 7-based or Windows Server 2008 R2-based client computer after you disable AES encryption for Kerberos authentication

23-May-2011 – 6.1.7601.21732 – Cryptdll.dll – x64 – http://support.microsoft.com/kb/2545833 – Slow performance occurs when many user authentication requests are handled in Windows Server 2008 R2

How to update Network Adapter and Wireless Adapter Drivers within Windows

You may be finding that your network or internet connection is slow or unreliable, you may also find that your computer responds far more slowly whilst you are using network resources because your network adapter drivers are not fully optimised. Wireless network adapter users may find that they cannot connect to some wireless points and/or that wireless range is not what they expect.

Any of these issues could be related to using outdated network adapter drivers so update them.

The primary types of network adapter that you will find in use today are PCI, PCI-Express or USB.  Even wireless and cabled network adapters that are integrated into a laptop or computer will still use one of these fundamental bus types.  Despite who you bought your laptop or computer from (i.e. Dell, HP, Acer, Sony) you will most likely find that a thrd party supplied the network adapter module or chip.  This is actually a good thing because it means that you are not restricted to the often outdated drivers that your system manufacturer will issues when your machine is first produced but then subsequently forget about and never update.

The process to update the drivers usually involves downloading and extracting the zipped/compressed driver file and then using Device Manager to verify and update the drivers are compatible and will install.  You will usually find that the extracted drivers folder includes an “inf” file and various “dll” files.

Once you have the drivers downloaded and extracted on your machine its time to launch Device Manager and find the network adapter that you wish to update the drivers for. On my example machine we want to update the Realtek PCIe Gigabit Adapter so we will double click on it and verify the current driver version.

Here we can see the driver version is “7.23.623.2010 and the date the drivers were released is “23/06/2010”.

Now we want to click “Update Driver” and select the location of the new drivers that we downloaded earlier. To do this we need to click “Browse my computer for driver software” and then selecte the location of the extracted driver files.

Once we have carried out the update the new version will show along with the updated driver release date.

You will usually find that the network adapter in your computer or laptop is manufactured by one of the companies listed below, next to each manufacturer is also a link to the official driver download/support page.

Intel           http://downloadcenter.intel.com
Realtek      http://www.realtek.com.tw/downloads/
Broadcom http://www.broadcom.com/support/ethernet_nic/downloaddrivers.php
Nvidia        http://www.nvidia.co.uk/Download/index.aspx?lang=en-uk
Marvell      http://www.marvell.com/support/downloads/search.do
Ralink        http://www.ralinktech.com/en/04_support/support.php?sn=500
D-Link       http://www.d-link.co.uk/support
Netgear      http://support.netgear.com/app/
Linksys       http://homesupport.cisco.com/en-eu/support/linksys
Belkin         http://www.belkin.com/uk/support/

Watchguard – SSL VPN clients cannot resolve internal host names despite DNS servers being configured for the connection

You may find that when you configure your Watchguard XTM Firewall to accept SSL VPN connections that clients can connect to

the VPN and ping IP addresses of internal resources, however you cannot resolve internal hosts even via FQDN using DNS.  You

may also find that when you run NSLOOKUP on the SSL VPN connected client that the  result is your Internet Service Providers

DNS servers rather than the DNS servers assigned via the VPN connection.

 

To resolve the issue you can change your SSL VPN configuration from a “Routed VPN” to a “Bridge VPN”, the routed VPN uses a

virtual IP address pool (192.168.113.0/24) which does not match your internal IP range or the address range of the internal

DNS Servers.  When a Windows client connects to the “Routed VPN” it appears that due to the DNS server mismatch they are not

utilised by the client.

 

When you configure the VPN in “Bridge VPN” mode you can work around this issue, the Bridge VPN configuration allows you to

exclude some addresses from your Windows DHCP Server Pool and add the into them “Start” and “End” IP addresses on your

Watchguard SSL VPN Configuration Page. The Watchguard will now become responsible for assigning these internal IPs to VPN

clients as they connect rather than the Windows DHCP Server.

 

You should now find that when your SSL VPN clients connect that they are assigned an IP address and DNS server that are all

within the existing internal IP range of your network.  An NSLOOKUP should now return your internal DNS server address and

you should be able to ping hostnames and FQDNs that reside within your internal network.

 

Examples:

ping windowsserver

ping windowsserver.exampledomain.local

 

Please remember that the only down side with this configuration is that a “Bridge VPN” bridges to the “Trusted” interface,

this means that the client computer can access any internal resources that they have permissions for by default. A “Routed

VPN” allows you to offer traffic to Optional/secondary networks and gives you more control by letting you lock down access

using “Specify allowed resources”.