How-to : Integrating Cisco devices CLI access with Microsoft NPS/RADIUS

Many times I came across one issue… how to grant access to the CLI (Command Line Interface) on Cisco devices without creating a separate username and password for each user on each device? In order to resolve that I used the AAA features of Cisco IOS and a built-in Windows Server 2008 R2 component – NPS (Network Policy Server).

Those two mixed together can create a very nice environment which allows flexible management of who can access network devices, when and how. At the same time, Active Directory will be the central place to grant or deny access to devices as well as to enforce a specific privilege level.

Below is simple diagram of the whole process and steps which take place when accessing Cisco device integrated with NPS/RADIUS.

Automating file transfer via SFTP and FTPS using WinSCP

Some time ago I received a request to automate file transfer between an FTP server and Development systems. Both the FTP server and the Development system are Windows-based. The FTP server was running FTP over SSL only, so that automatically eliminated the built-in Windows FTP command-line app. As I had used WinSCP in the past, I decided to do a quick check whether it is possible to use it in batch mode, so I can create a script and run it from Windows Task Scheduler to automate the whole process.

How-to : VMware Workstation 8 and GNS3 integration

VMware Workstation and GNS3 are two platforms which are very handy for testing and evaluating solutions before live implementation. By default each of those platforms is separate, however both have components which allow integration. What that means is that it is possible to have virtual machines hosted on VMware Workstation communicate with Cisco equipment which is running on GNS3.

By default VMware Workstation has 10 virtual networks which are named VMnet0, VMnet1, … , VMnet9. Each of those networks can be used as:

  • Bridged – virtual network connected seamlessly to a physical adapter. Virtual machines connected to a bridged network will appear in the same network as the physical adapter connected to the computer.
  • NAT – VMware will translate the virtual network and the computers connected to that network, and allow communication by acting as a gateway.
  • Host-only – network available only to the virtual machines connected to it. A private network for virtual machines.

Configuration of virtual networks is flexible and can be adjusted easily. Each of the virtual networks can also be presented on the host computer as a network adapter.

In the GNS3 environment we have the Cloud Node Type, which can be configured to communicate with any network adapter installed on the computer on which GNS3 is running.

How-to : Use SQL Server to query Active Directory

I think it’s a common problem: as Active Directory gets bigger in organizations, control over the content of that mission-critical component seems to be lost. The same happened in my place. In addition to that we had to provide information from AD on a regular basis in the form of a report. We had no tools to pull all data from AD, process it and present it in some readable format. However, I was working with a skilled SQL guy who was also very good at Reporting Services. So, I proposed that we link Active Directory with SQL Server and use Transact-SQL to pull information from AD, process it on SQL and then make it readable and presentable through Reporting Services. That would allow the SQL guy to process all the information and do all kinds of reporting required.

Here are components of our LAB environment before solution went to production:

And below are the steps showing how we made SQL Server 2008 R2 work with Active Directory, using Transact-SQL queries to pull information from the directory database.

Tips & Tricks : Enabling Wireless Network in Windows Server 2012 Datacenter edition

If you want to use Windows Server 2012 Datacenter on a workstation/laptop (sometimes it is handy to have a mobile workstation with a server operating system) you might experience issues with wireless networking. Even if the driver for the wireless network adapter is installed, you might not be able to connect to any wi-fi network.

In order to use wireless in Windows Server 2012 Datacenter an additional feature has to be installed: Wireless LAN Service. This can be installed from a PowerShell prompt using the add-windowsfeature wireless-networking command, as shown in the screenshot below:

Once it is installed and the server rebooted, make sure that the WLAN AutoConfig service is started, as shown in the screenshot below:

How-to : Adding SNMP to Windows Server 2008 R2

As a part of preparation for monitoring our Windows Server 2008 R2 using SNMP and Nagios we had to add SNMP Services to a few systems which didn’t have it yet. So, based on that fact I thought it might be nice to capture all the steps involved in adding SNMP to a Windows Server machine. Here you can see the steps, screenshots and a short description of how to achieve that.

How-to : Using WebSVN as RANCID repository access tool

In previous articles in the RANCID series I described:

So, we have RANCID collecting configuration from network devices into a repository with version control. The only question is how to get access to and make use of the information collected there.

In this part of the RANCID stories I will show how to install and configure WebSVN to access the RANCID repository via a web browser.

How-to : Connect to Amazon EC2 Linux AMI using SecureCRT

Recently I decided to use the Amazon AWS EC2 platform to host systems in the Cloud. As the operating system I needed is Linux, I quickly deployed the Amazon Linux AMI, which is quick and simple to do.

Once the instance was created I downloaded the key pair. Now it came down to connecting to my virtual machine in the cloud. My SSH client of choice is SecureCRT. Let’s see how to configure session parameters in SecureCRT in order to connect to an Amazon Linux AMI instance hosted on the EC2 platform.

I’m using SecureCRT 7.0.1 to connect to the server hosted on the Amazon EC2 platform.

Config snippets : ADLDS : Reset password without SSL

By default ADLDS does not allow resetting the password of users created in the ADLDS repository over a connection without SSL. As sometimes there is a need to build a test environment with ADLDS quickly, SSL is the last thing which anyone would care about, especially if the main thing to test is a script automating password resets.

So, for the convenience of the developers ADLDS allows disabling the requirement for an SSL connection to reset passwords. How to disable that requirement? See below how it was done on a server where ADLDS was installed on port 50389:

How-to : Create virtual machine template for VMware Workstation 8

Often when using the VMware Workstation platform we need to quickly create a new virtual machine. Reasons for that might be different. For example, an additional machine for our Lab environment or just a quick test without affecting other machines we have set up in our virtual environment.

Installing a whole operating system with all the applications we used to have in our setup might be a time-consuming process. That is why it is worth considering creating and using templates to be able to quickly generate the virtual machines we need.
