Uploading CCIE lab configurations & using config replace to save time

This post will contain two major parts: getting configurations onto Cisco IOS switches via TFTP, and utilizing config replace to replace configurations quickly for different labs. The first part, loading configuration files via TFTP, is really only needed on devices that don't have USB ports such as the 3650 platform. The first step is to …

EVE-NG Default IDLE PC

As I continue on my quest for the perfect lab I have been messing around with EVE-NG (a competitor to GNS3 and VIRL). One thing I really like about EVE-NG is the ability to use a web client instead of needing a thick client like you do for GNS3 and VIRL. A drawback I've …

Using Raspberry Pi’s for Network Monitoring and Health Status – Part 1 : Dual NIC Network Connectivity

I have recently been able to spend some time working with Raspberry Pi's both for personal projects as well as a few things for work. This seems like a great opportunity to do a series of posts on them! The first post will be around utilizing both NICs at the same time to allow for "Out …

Recovering an ESXi host with the state archive….

I had the joy of dealing with the USB drive which hosts my ESXi host's OS and configuration going bad, and naturally without a backup of the configuration. I did manage to recover enough of the drive to gain access to the "state" archive which contains the host configuration (this is stored as state.tgz). The …

802.1x VLAN User Distribution (VLAN Group)

In this blog post, I will be going over 802.1x VLAN User Distribution (sometimes referred to as "VLAN Groups") in Cisco IOS and a use case scenario that involves Cisco ISE (Identity Services Engine). First, some background around VLAN Groups. Based on my research it seems there are two major types of VLAN Groups: The …

Remote Lab Access and Control

A requirement I've quickly come to realize with building my lab is remote access into my lab equipment. This requirement is twofold: I don't feel like always sitting in my basement to build topologies and I'm not always home when I will be studying. This need naturally led me to acquiring a terminal server, …

Cisco ISE REST API & Python

I've been faced with a fun little challenge on how to make sure our ISE deployment has every NAD (Network Access Device) configured appropriately to allow for successful EAP communications. Originally I was planning on utilizing a CSV and the bulk import tool to regularly import new devices into ISE as they were built. This allows …

IKEv2 with RSA Signatures

Currently my studies have taken me on an adventure into the wonderful world of Cisco Security. I am studying for the 300-209 (SIMOS) certification exam which is VPN technologies including DMVPN, FlexVPN, and a few other flavors of VPN. I find it interesting that so many try very hard to avoid having to implement security because its …

Hiding (filtering) a specific user from reporting in Cisco ISE

I ran into an interesting problem preparing for an 802.1x deployment - the authentications report in Cisco ISE was full of all the network devices checking to make sure ISE was still available (health checks). As seen below the load balancer's keepalives fill the logs pretty much on their own; imagine trying to troubleshoot a …

Controlling Traffic to a Virtual Server on F5

There are multiple ways to control what traffic is allowed or not allowed through a BIG-IP F5 system or for specific Virtual Servers (VS). The following method uses F5's AFM (Application Firewall Manager) module to create security policies which are then applied to a specific VS. For this method example, traffic from three specific hosts …