Because Cisco's Packet Tracer network simulator was designed to help CCNA students work through the course, we cannot expect it to handle everything that is beyond the CCNA. I therefore found it really frustrating to build a few configurations from the lab in PT, spending hours only to figure out that it is not possible to implement them.
We can distinguish many archive formats and compression methods; however, the three most used are tar, gz and bzip archives. The tar command helps with working with archives in Linux, where tar = tape archive, and its most commonly used options are:
- c – create a new tar file
Socks proxy using SSH
Tunnelling over our Internet link already sounds exciting, doesn't it? But how difficult is it? Do we need any complex and sophisticated hardware and software configuration? Hmm... it is not even necessary to involve the IPsec or SSL stack to create a VPN. SOCKS is built into OpenSSH, so it's trivial to run a SOCKS proxy server with the ssh client started with the -D option. This option configures the SSH client to listen on your local Linux box on a TCP port that we specify. We then point the SOCKS5 proxy configuration built into most Internet browsers at that port.
Follow these steps to enable HTTPS secure web configuration on your router or switch:
#conf t
! create user tech with the highest privileges
username tech privilege 15 secret 0 userpassword
! enable http access
ip http server
ip http access-class 23
! enable local authentication
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
The VLAN concept is very well known as a way to separate network traffic on a single switch to increase security. It allows a clearer network design and minimizes the need to deploy additional hardware. The example below has been tested on a Cisco 1900 series router equipped with an EHWIC-4ESG-P EtherSwitch card. This configuration supports up to 16 VLANs, but higher-end devices can support up to 4096 VLANs. Please refer to your device documentation for more details.
Linux console port serial connection
apt-get install minicom
Discover your serial COM port; here it will be ttyS0:
logger@syslog0050:~$ dmesg | grep tty
[ 0.000000] console [tty0] enabled
[ 1.030584] 00:08: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
NVI – NAT Virtual Interface
Not everyone knows that, starting with IOS version 12.3(14)T, Cisco introduced a new feature called NAT Virtual Interface (NVI). NVI removes the requirement to configure an interface as either NAT inside or NAT outside. An interface can simply be configured to use NAT or not use NAT.
How to use NVI? It's easy! You must use the command 'ip nat source …' without specifying the inside/outside tag, and enable NAT on the interfaces using the command 'ip nat enable'.