November 10, 2024

Category: Tech

Automate Cisco DMVPN Deployment with Ansible

In this post we will automate the deployment of a Cisco DMVPN network. I use this as a lab for testing, but with a few tweaks you could use this to deploy a production DMVPN network. I’ve tested this in GNS3 on IOSv 15.6 routers and the Network Automation appliance from the GNS3 marketplace, with […]

Quick and Easy Junos Labs with Vagrant and VirtualBox

It’s been far too long since my last blog post, mainly due to the fact that my spare time recently has been taken up with authoring a series of courses over at Pluralsight for the Juniper JNCIA-Junos certification, which are due to be published in October this year. Anyway, with this in mind, there are […]

Junos Basics – Route Based IPSec VPN’s

Here’s how to build a simple route-based IPSec VPN between two Juniper SRX gateways. With a route-based VPN, there is no particular policy tied to a VPN tunnel; rather, traffic is forwarded across a tunnel link based on the routing table, i.e. when the route to a particular network is via a Secure […]

How to log traffic dropped by Juniper SRX firewalls

Prior to working with Juniper SRXs, my firewall experience was predominantly Check Point. Two nice features of Check Point firewalls are Smart Log and Smart View Tracker, which both provide easy access to firewall log records. When I started using SRXs, one of my first questions was: how do I get to view dropped traffic? […]

Junos Basics – Securing J-Web Access On Juniper EX Series Switches

In my previous Junos Basics post I covered automatic configuration archiving. In this post we’ll step through a solution to prevent unauthorised access to the J-Web GUI on EX Series switches. This solution could be modified to also restrict access on other management ports such as SSH and SNMP. First of all we need to […]

BGP Basics – modifying attributes

The previous post in this series looked at the exchange of routes between BGP peers, and this post takes this a step further by looking at two BGP attributes that can be modified to influence how a router decides which routes to place in its routing table – WEIGHT and LOCAL PREFERENCE. Here’s our example […]

BGP Basics – advertising networks into BGP

The first post in this BGP mini-series looked at setting up BGP peering between routers. Now we’ll take things a step further and actually exchange some routing information between those peers. Here’s the network: The basic BGP config on each router looks like this: R1#sh run | s router router bgp 1 no synchronization bgp […]

BGP Basics – iBGP and eBGP peering

This is the first post in a mini-series on BGP basics, and looks at setting up internal and external BGP neighbours using loopback interfaces. The advantage loopbacks have over physical interfaces is that they are always up and reachable. iBGP configuration: The routers must be able to reach each other’s loopback IPs and we don’t […]

CCNP ROUTE Study – OSPF Virtual Links

One of the golden rules of OSPF is that all areas must be connected to the backbone area 0, however sometimes this is not physically possible, and this is where Virtual Links come in. A virtual link is created through another area that is connected to area 0. To explain this, here is our network: […]

CCNP ROUTE Study – OSPF DR/BDR Elections (and how to rig them….)

When multiple OSPF routers are connected to a multi-access medium such as Ethernet, a Designated Router (DR) and a Backup Designated Router (BDR) are elected. DRs reduce network traffic as only they maintain the complete OSPF database and then send updates to the other routers on the shared network segment. The other routers become ‘slaves’ […]
