Network Infrastructure
Switching, VLAN misconfiguration, STP storms, DNS failures, Wi-Fi client drops, router/gateway loss, WAN circuit outages, and firewall policy issues.
-
Internet circuit / WAN failureOffice is offline. Diagnose: ISP vs onsite hardware vs config — and prove it before paying for an emergency engineer who finds 'no fault'.
-
Switch loop / Spanning Tree stormA loop has been introduced — broadcast traffic is saturating the LAN. Find and break the loop, then add prevention.
-
DNS server failureInternal DNS down — authentication fails, applications can't find services, mail flow breaks. AD DNS especially critical.
-
Wi-Fi Client Connectivity Failure — SSID Not Joining or Repeated DropsWireless clients cannot associate with an SSID, repeatedly disconnect, or land on the wrong VLAN after joining. Causes span 802.1X/RADIUS authentication failure, PSK mismatch, trunk VLAN misconfigura…
-
Managed Switch VLAN Misconfiguration — Devices Isolated or Landing on Wrong VLANA VLAN configuration change, new switch deployment, or trunk reconfiguration leaves devices unable to communicate, isolated in their subnet, or receiving an IP from the wrong DHCP scope. Diagnosis ce…
-
Default Gateway Unreachable — Router Failure or Routing Table LossAll users on one or more LAN segments lose internet and inter-site connectivity when the router or Layer 3 switch providing the default gateway crashes, reboots, or loses its routing table. HSRP/VRRP…
-
Firewall / network change broke connectivityRecent firewall or network change has caused an outage. Roll back fast, then diagnose what was wrong about the change.
-
Firewall Policy Blocking Internal Traffic After Rule Change or Firmware UpdateA recent firewall rule insertion, reorder, or firmware upgrade causes previously working internal-to-DMZ, inter-VLAN, or site-to-site traffic to fail silently or with application errors. Root causes…
-
Cisco ASA NAT Outside Addresses Unreachable via Upstream OSPF RouterWhen a Cisco ASA performs NAT and maps internal hosts to outside addresses, upstream OSPF routers (e.g., Juniper MX5) have no routing information for that outside address space because the ASA does n…
-
Network Loop and Broadcast Storm — Identification and ResolutionA network loop occurs when multiple active Layer 2 paths exist between switches, causing broadcast storms that rapidly degrade or completely halt network connectivity for all users. Resolution requir…
-
Critical Unauthenticated Buffer Overflow in PAN-OS User-ID Authentication Portal — CVE-2026-0300 (RCE as Root)CVE-2026-0300 is a CWE-787 buffer overflow in the PAN-OS User-ID Authentication Portal (Captive Portal) allowing unauthenticated remote code execution as root via specially crafted packets. Affected…
-
CVE-2026-0265: PAN-OS Authentication Bypass via Cloud Authentication Service Signature Verification FlawCVE-2026-0265 is a signature verification vulnerability in PAN-OS that allows unauthenticated remote attackers to bypass authentication when Cloud Authentication Service (CAS) is enabled on a login i…
-
DHCP Server Service Failure Due to Lease Database (dhcp.mdb) Corruption — Jet Engine ErrorsThe Windows Server DHCP service stops unexpectedly or fails to issue IP addresses following corruption of the Jet-engine-based lease database (dhcp.mdb). Corruption typically results from sudden stor…
-
DHCP Server Service Failure Due to Jet Engine Lease Database Corruption (dhcp.mdb) — Windows Server 2019/2022The Windows Server DHCP service stops unexpectedly or ceases issuing IP addresses when the dhcp.mdb Jet engine lease database becomes corrupted. Corruption typically follows sudden storage outages, u…
-
PAN-OS GlobalProtect Authentication Bypass via Forged Override Cookies — CVE-2026-0257 (Active Exploitation)CVE-2026-0257 is an authentication bypass in PAN-OS and Prisma Access affecting deployments where GlobalProtect portal or gateway authentication override cookies are enabled and Cloud Authentication…