To get ASA 8.4 running on GNS3:

1-Download and Install GNS3 from the below url: 2- Download the required files from the below address: or 3- Configure GNS3 preferrences -> QEMU -> ASA with below settings RAM: 1024 MiB Number of NICs: 6 Qemu options: -m 1024 -icount auto -hdachs 980,16,32 Initrd: C:\ASA\asa842-initrd.gz Kernel: C:\ASA\asa842-vmlinuz Kernel cmd line: -appendContinue reading “To get ASA 8.4 running on GNS3:”

Handy NetFlow Commands

show ip flow interface displays the NetFlow configuration for an interface show ip cache flow Verify that Netflow is operational and display summary of NetFlow statistics. show ip cache verbose flow Used to verify that NetFlow is operational and to display the detailed summary of NetFlow statistics. show ip flow export Use this command to displayContinue reading “Handy NetFlow Commands”

Basic DHCP Service on a 3560-CX

Basic DHCP Service on a 3560-CX for some remote clients on the end of a wireless link. SW1#conf t Enter configuration commands, one per line. End with CNTL/Z. SW1(config)#service dhcp SW1(config)#ip dhcp pool SITE-POOL SW1(dhcp-config)#network SW1(dhcp-config)#default-router SW1(dhcp-config)#dns-server SW1(dhcp-config)#domain-name SW1(dhcp-config)#lease 8 SW1(config)#ip dhcp excluded-address SW1(config)#exit To view theContinue reading “Basic DHCP Service on a 3560-CX”

Cisco: Air Provisioning

I was recently asked to design a point-2-point wireless solution which fast became a point-to-multipoint.  Regardless of the design the Access Points used were AIR-AP1532E-UXK9 with a vision of utilising the 5Ghz back-haul and a 14dBi directional antenna to cover line-of-sight. These UX Access Points address the worldwide regulatory compliance by dynamically setting their regulatory domain/country based on theirContinue reading “Cisco: Air Provisioning”

Basic Active Directory and LDAP Configuration to Authenticate Cisco ASA VPN

asa01# aaa-server LDAPSERVERS protocol ldap asa01 (config-aaa-server-group)# aaa-server LDAPSERVERS ([interfacename]) host [ipaddress] asa01 (config-aaa-server-group)# ldap-base-dn DC=somedomain,DC=com,DC=au asa01 (config-aaa-server-group)# ldap-scope subtree asa01 (config-aaa-server-group)# ldap-naming-attribute sAMAccountName asa01 (config-aaa-server-group)# ldap-login-password ***** asa01 (config-aaa-server-group)# ldap-login-dn CN=VPN_Account,OU=Users,DC=somedomain,DC=com,DC=au asa01 (config-aaa-server-group)# server-type auto-detect To verify your configuration: asa01 (config-aaa-server-group)# test aaa-server authentication LDAPSERVERS host [IPAddress] username [someone] password [password] This will return anContinue reading “Basic Active Directory and LDAP Configuration to Authenticate Cisco ASA VPN”

re-routing inbound isdn fax line to pstn

A multi function device failure in the far reaches of Australia requiring a quick re-route of the line from ISDN in to PSTN out and ‘boom’ we’re up and running again. From: dial-peer voice 1001 pots description *** Site Fax Number destination-pattern 0001 port 0/2/0 forward-digits all To: dial-peer voice 1001 pots trunkgroup ISDN_OUT description *** Forwarded toContinue reading “re-routing inbound isdn fax line to pstn”

Using NBAR to view Traffic Protocols on your network.

NBAR examines the traffic on a router interface and associates it with an application. This is done by way of mapping ports to Protocols.  In addition it also recognises traffic without a standard port number, useful for things like P2P traffic. What would you use this for? If you are trying to identify traffic on anContinue reading “Using NBAR to view Traffic Protocols on your network.”