Posts

Showing posts with the label network

Cisco ASA in GNS3

Here is another tutorial on running Cisco ASAv on GNS3 using QEMU. To configure GNS3 (in my case I used ASAv952-204.qcow2), go to GNS3>Edit>Preferences>QEMU>Qemu VMs>New and follow the on-screen procedure. Don't forget to enable KVM and set the memory allocation. Now you can see I can run ASAv 9.5.2. Blank password.

IOS XR GNS3 QEMU

This time let's have a tutorial on running a Cisco XR 9k series router image on GNS3. Please don't ask for the XR image. You are smart enough to get it.
My system configuration:
    Ubuntu 16.04
    GNS3 1.4
    RAM 8Gig
    i7 processor
Used XR image: iosxrv-k9-demo-6.0.1.qcow2
This image is a VIRL extracted image. You need to convert this image into a QEMU image; follow this link. I strongly recommend you run it on a Linux system. Once you have the converted image, go to GNS3>Edit>Preferences>QEMU>Qemu VMs>New, then follow the on-screen procedure.
Settings for the QEMU XR image:
    RAM:- 4Gig
    CPU:- 1
    Adapters: at least 4
    -enable-kvm
Here you can see I can run the XR on my system. The interface is up and the system is already booted. I have run 3 XR routers; here is my system RAM and CPU usage.
    RP/0/0/CPU0:XR3(config)#int gi0/0/0/0
    RP/0/0/CPU0:XR3(config-if)#ip add 192.168.13.2 255.255.255.252
    RP/0/0/CPU0:XR3(config-if)#co

Unit vpnagentd service not loaded.

Somebody asked me to run the Cisco EPIC VPN lab test provided by Cisco. I tried to get it done, but the AnyConnect client doesn't seem to work on an Ubuntu system. The error message was
How to resolve the issue?
First of all, install the following packages:
    sudo apt-get install lib32z1 lib32ncurses5
Then try to install the AnyConnect client. If it still shows the same error message, use the command below:
    sudo apt-get install network-manager-openconnect
Reload the changes using this command:
    sudo systemctl daemon-reload
Now AnyConnect should be installed.

Perl Can't Locate in @inc

Recently I tried to install SmokePing (tarball) on CentOS 7 for my company, to check network latency, but the same error kept recurring.
Multiple errors:
I searched a lot and tried installing the packages, but the problem still appeared. Then I found a simple solution.
Solution:
    # perl -MCPAN -eshell
    Terminal does not support AddHistory.
    cpan shell -- CPAN exploration and modules installation (v1.9800)
    Enter 'h' for help.
    cpan[1]> install Net::OpenSSH
    Reading '/root/.cpan/Metadata'
      Database was generated on Sat, 03 Sep 2016 21:53:30 GMT
    Running install for module 'Net::OpenSSH'
    Running make for S/SA/SALVA/Net-OpenSSH-0.73.tar.gz
    Fetching with LWP: http://cpan.communilink.net/authors/id/S/SA/SALVA/Net-OpenSSH-0.73.tar.gz
    Fetching with LWP: http://cpan.communilink.net/authors/id/S/SA/SALVA/CHECKSUMS
    Checksum for /root/.cpan/sources/authors/id/S/SA/SALVA/Net-OpenSSH-0.73.tar.gz ok
    Scanning cache /root/.cpan/build for sizes .............

nslookup Command

A network administrator command which helps diagnose DNS-related issues. However, to understand this, you should know how DNS works. How to troubleshoot DNS-related issues:
1. NSLOOKUP example displaying the "A Record" (IP address) of the domain
    C:\Users\jpudasaini>nslookup jpudasaini.com.np 8.8.8.8
    Server:  google-public-dns-a.google.com
    Address:  8.8.8.8
    Non-authoritative answer:
    Name:    jpudasaini.com.np
    Address:  216.239.32.21
A Non-Authoritative Answer is a response from cache. A DNS server is authoritative for the zones it actually holds. The above output shows the "A Records" (IP address) of the domain "jpudasaini.com.np", which was actually queried from the public Google DNS. If you don't put a DNS server after the domain, it will use your default DNS; in my case I used the public DNS.
2. MX record using -query=mx
An MX (Mail Exchange) record lookup for a specific domain name verifies the mail exchange servers on that domain.

EoMPLS Configuration

EoMPLS is a point-to-point L2 VPN service used to transport all Ethernet frames received on a particular Ethernet interface or VLAN. It is also called Any Transport over MPLS (AToM), meaning this technology can connect Frame Relay, PPP, Ethernet, ATM, etc.
IOS used: c7200-adventerprisek9-mz.151-4.M
Logical Topology
Make sure MPLS with an IGP is configured as shown in the diagram. I'm not going to configure MPLS here. This tutorial only shows how to configure the xconnect tunnel peer with the customer-facing interface on the other side. In our network diagram we interconnect the PE1 fa1/0 and PE2 fa0/0 interfaces.
Config of PE1
    PE1#sh run
    Building configuration...
    Current configuration : 1337 bytes
    !
    upgrade fpd auto
    version 15.1
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname PE1
    !
    ip cef
    interface Loopback0
     ip address 2.2.2.2 255.255.255.255
     ip ospf network point-to-point
     ip ospf 1 area 0
    !
    interface FastEthernet0/0
     ip ad

Juniper DHCP Server Configuration

We already configured QEMU in GNS3 and ran our vSRX router. Now it's time to configure the DHCP server on our vSRX router. Let's begin.
Logical diagram for this tutorial
To configure the DHCP server:
Assign the lowest and highest IP of the range
    root# set system services dhcp pool 192.168.1.0/24 address-range low 192.168.1.50 high 192.168.1.200
Assign the DNS server (in my case I used the router interface IP)
    root# set system services dhcp pool 192.168.1.0/24 name-server 192.168.1.1
Assign the IP address of the router
    root# set system services dhcp pool 192.168.1.0/24 router 192.168.1.1
Assign the lease time
    root# set system services dhcp pool 192.168.1.0/24 default-lease-time 3600
Allow DHCP as an inbound service on the interface where we are going to enable DHCP
    root# set security zones security-zone untrust interfaces ge-0/0/1 host-inbound-traffic system-services dhcp
Assign an IP address to the client-facing interface
    root# set interfaces ge-0/0/1 unit 0 family inet ad

Juniper Message from syslogd

While doing some lab tests, this weird syslogd message appeared every second on the console terminal, so it was very difficult to complete the lab. These messages are due to the following syslog configuration. So for now we are going to deactivate it to stop it generating the messages.
    #deactivate system syslog user *
    #commit

vSphere Client Displays Empty Inventory

Suddenly my home datacenter vSphere lab showed an empty inventory in the vSphere client. There were no hosts at all. I have three hosts (Cisco IOU, CentOS 7, Ubuntu server) configured for lab purposes, so I had to recover those hosts to complete my lab, because I had almost completed all the labs. Here is the process to retrieve those lost hosts from the vSphere client in the vSphere 6 database.
Step 1: Log in to the vSphere client, choose your database from the Configuration tab, right-click the database and choose "Browse Database".
Step 2: The next window opens the database page. From here open your host folder, then choose the ".vmx" file, right-click it and choose "Add to inventory", then follow the on-screen instructions. In the next window, select the database. Next, click Finish.
Now your server is in the inventory list and you can run the server. In my case it's my CentOS 7 server, and it runs smoothly.

Huawei Switch Show Commands

Here are the basic show commands used on a Huawei switch. For configuration of a Huawei switch click here.
1. Show VLANs
    <sw1>display vlan
8. Show port-based VLAN
    <sw1>display port vlan
    Port                    Link Type    PVID  Trunk VLAN List
    -------------------------------------------------------------------------------
    Eth-Trunk0              hybrid       1     -
    GigabitEthernet0/0/1    trunk        1     1
    GigabitEthernet0/0/2    hybrid       1     -
    GigabitEthernet0/0/3    access       301   -
    GigabitEthernet0/0/4    access       302   -
    GigabitEthernet0/0/5    hybrid       1     -
    GigabitEthernet0/0/6    hybrid       1     -
    GigabitEthernet0/0/7    hybrid       1     -
    GigabitEthernet0/0/8    hybrid       1     -
2. View Configurati

Huawei Switch Configuration Commands

Here are some Huawei switch configuration commands; the verification commands are here.
1. Enter the privileged mode
    <sw1>system-view
2. Create the VLAN
    [sw1]vlan 30
    [sw1]des fiber
3. Configure an interface as trunk
    [sw1]interface GigabitEthernet 0/0/1
    [sw1-GigabitEthernet0/0/1]port link-type trunk
4. Configure an interface as access
    [sw1-GigabitEthernet0/0/3]port link-type access
    [sw1-GigabitEthernet0/0/4]port link-type access
5. Assign the VLAN to that port
    [sw1]vlan 30
    [sw1-vlan30]port GigabitEthernet 0/0/3
    [sw1]vlan 30
    [sw1-vlan30]port GigabitEthernet 0/0/4
6. Change port speed and duplex
    [sw1]interface GigabitEthernet 0/0/3
    [sw1-GigabitEthernet0/0/3]undo negotiation auto
    [sw1-GigabitEthernet0/0/3]speed ?
      10                10M port speed mode
      100               100M port speed mode
      1000              1000M port speed mode
      auto-negotiation  Auto negotiation
    [sw1-GigabitEthernet0/0/3]speed 100
    [sw1]int gi0/0/4
    [sw1-GigabitEthernet0/0/4]undo negotiatio

Juniper switch Basic Configuration Commands

Hello fellow blog readers, after a long gap I'm going to write this thread about basic Juniper commands and configuration. I have tried to include as many of the troubleshooting/configuration commands used in day-to-day work as I can. I would like to thank Srijan for pointing out the error in the LACP command.
1. Set username for login
    root@jpudasaini#set system root-authentication encrypted-password
    New password:
    Retype new password:
    root@jpudasaini#set system login user jay full-name jaypudasaini uid 400 class super-user authentication encrypted-password
2. Hostname configuration
    root@switch#set system host-name jpudasaini
    root@jpudasaini#
3. Set Tacplus authentication for the Juniper switch
    root@jpudasaini# set system authentication-order tacplus
    root@jpudasaini# set system authentication-order password
    root@jpudasaini# set system root-authentication encrypted-password "your password here"
    root@jpudasaini# set system tacplus-server 10.10.10.10(your tacplus server IP) secret "

Cisco Protected Port

In my network I can see that any customer can communicate with anyone on the same VLAN. Basically, whenever an unknown packet ingresses into the switch and the switch finds no record in the CAM table, the frame is flooded to every port of the respective VLAN except the port the frame was received on. Such communication can be very dangerous for the service provider and its customers, because anyone can sniff or send information to other customers in the same VLAN. Broadcast packets are also flooded into the network, which can bottleneck our network. To protect the network from such a bottleneck, we can configure switch ports as protected ports so that no port can communicate directly within the same broadcast domain.
Command:
    interface fa0/2
     switchport mode access
     switchport access vlan 30
     switchport protected
This way we can protect users in the same VLAN. Protected ports can only be configured on edge ports, not on trunk ports or L3 connected ports. Now the protected port prevents any unicast, broadcast or multicast packet e

How To Configure RSPAN on Cisco Switch

Sometimes I need to analyze network traffic from a remote switch, and then RSPAN is a life saver. Going to the site, capturing the packets and analyzing them is very time consuming. So here is a small tutorial which explains how to configure packet capture with RSPAN.
SW1 (this is the remote switch, which is the source of our packets)
    sw1(config)#vlan 444
    sw1(config-vlan)#remote-span
    sw1(config)#monitor session 1 source interface Fa1/0/1 - 16
    sw1(config)#monitor session 1 destination remote vlan 444
SW2 (the destination switch, where you are going to sniff the packets sent by the remote switch, in our case sw1)
    sw2(config)#vlan 444
    sw2(config-vlan)#name RSPAN_VLAN
    sw2(config-vlan)#remote-span
    sw2(config)#monitor session 1 destination interface Gi0/17
    sw2(config)#monitor session 1 source remote vlan 444
Now you can capture the remote packets on port 17. This tutorial was tested on a Cisco 3750 switch.

Cisco IOS Upgrade

All these tasks were done in a production environment. I upgraded the IOS on almost 50 switches in production. In my case I didn't remove the working IOS from the 2950 switch. You may run into low flash memory during the upgrade to the new IOS. If that happens, see the bottom of this tutorial, where I mention how to recover some more space for the IOS upgrade.
Step 1: First of all, create a TFTP server on one of the switches with the updated IOS.
    sw2(config)#tftp-server c2950-i6k2l2q4-mz.121-22.EA14.bin
Step 2: Then go to the remote switch where you want to upgrade the IOS to the new version.
    sw1#copy tftp: flash:
    Address or name of remote host [100.100.255.47]?
    Source filename [100.100.255.47]? c2950-i6k2l2q4-mz.121-22.EA14.bin
    Destination filename [c2950-i6k2l2q4-mz.121-22.EA14.bin]?
    Accessing tftp://100.100.255.47/c2950-i6k2l2q4-mz.121-22.EA14.bin...
    Loading c2950-i6k2l2q4-mz.121-22.EA14.bin from 100.100.255.47 (via Vlan2): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Mikrotik Hotspot Redirect After Login

This tutorial assumes you have already created a Hotspot on your router. If you don't know how to create a hotspot on a Mikrotik router, click here and create the Hotspot.
After successfully creating the hotspot server, go to the "Files" menu of the main window of the Mikrotik router.
Copy the "hotspot" folder to your PC.
Open the "alogin" file with a text editor.
Replace the "link-redirect" text with your desired URL.
Now you're done! After successfully logging into the Hotspot server, your client is automatically redirected to your external link. Don't forget to copy this folder back into the Mikrotik router "Files" menu. You can also drag and drop this folder into the "Files" menu.

Recover password Cisco Catalyst Switch 2950/2970

Power off the switch. Hold down the Mode button located on the left side of the front panel and reconnect the power cable to the switch. After a few seconds you can see the switch: prompt. Release the Mode button when the Status (STAT) LED goes out. (When you release the Mode button, the SYST LED blinks amber.)
1. The following instructions appear:
    The system has been interrupted prior to initializing the
    flash filesystem.  The following commands will initialize
    the flash filesystem, and finish loading the operating
    system software:
        flash_init
        load_helper
        boot
    switch:
2. Now enter the following commands
    switch: flash_init
    switch: dir flash:
    switch: rename flash:config.text flash:config.old
    switch: boot
3. Enter "n" at the prompt to start the setup program
    --- System Configuration Dialog ---
    At any point you may enter a question mark '?' for help.
    Use ctrl-c to abort configuration dialog at any prompt.

Reset password Cisco Catalyst Switch 2950/2970

To reset the password of a 2970 switch, power off the switch, press the MODE button and power it on. Watch the SYS LED, and when it glows green release the MODE button. To recover the password click here. Now you are at the switch: prompt.
    switch: flash_init
    switch: dir flash:
    switch: delete flash:config.text
    switch: delete flash:vlan.dat
Now your switch has been reset and you can reconfigure it.

This Device has Booted from the Backup JunOS Image EX and SRX

Recently I encountered a weird issue with JunOS. While cold booting the Juniper EX4200 switch, it showed the following message. I did nothing but boot the device for the first time, and got this message for an unknown reason. Then I dug through Google, but some of the commands didn't work, except the ones below. This JunOS version was 12.3.
    sw1@jpudasaini>show system storage partition
Solution
EX
    root>request system reboot slice alternate media internal
SRX
    root>request system reboot media internal
Now reboot your device and the error message is gone. To verify which boot partition is used by your device, use the following command.

Cisco Switch Doesn't Boot Automatically

Recently I encountered a Cisco 3750 switch where a reload puts it at the switch: prompt. I tried every possible troubleshooting step, but whenever the switch reloaded it automatically booted into recovery mode. This happens because manual boot is set to yes.
    test-sw4#sh boot
    BOOT path-list:       flash:/c2950-i6k2l2q4-mz.121-22.EA12
    Config file:          flash:/config.text
    Private Config file:  flash:/private-config.text
    Enable Break:         no
    Manual Boot:          yes
    *************Output Omitted****************
To set the switch to boot automatically, we have to issue the no boot manual command in global configuration mode.
    test-sw4(config)#no boot manual ?
      <cr>
    test-sw4(config)#no boot manual
    test-sw4(config)#end
    test-sw4#wr
    Building configuration...
    [OK]
    test-sw4#
Verify the command.
    test-sw4#sh boot
    BOOT path-list:       flash:/c2950-i6k2l2q4-mz.121-22.EA12
    Config file:          flash:/config.text
    Private Config file:  flash:/private-config.text
    Enable Break:         no
    Manu