Author Archives: scotia
IPSEC – FreeBSD (StrongSwan) – Cisco IOS-XE – VTI & IKEv2/PSK
Router configuration FreeBSD/StrongSwan configuration
JunOS and SNMPv3 into VRFs and Logical Systems
Without additional configuration, SNMP elements that lie outside the scope of the base logical system and default routing instance (aka master) are not visible to SNMP agents. This means routes, BGP neighbours, etc that are configured in routing instances and … Continue reading
10G Ethernet NIC in a HP Microserver N40L
I’m thinking of moving my storage for my NAS (N40L) from DAS to iSCSI. My current set-up is trivial (and not performant): the N40L has 4 local SATA drives and an LSI2008 in IT mode connected to 6 SATA drives. … Continue reading
Juniper MX10003: Port speeds and ASICs
Each MX10003 comes with two MPC slots, each with two MIC slots. One slot is pre-populated with a fixed, 6-port PIC, while the other slot is free to accept a MIC. Keen-eyed readers will point out that a PIC goes … Continue reading
Cisco WLC, MAC authentication and Passthrough WebAuth
While Passthrough WebAuth upon MAC authentication failure is not supported on Cisco WLCs, it is easy to work around this by doing the following. The first step is to create a user to be used as a dummy account that the … Continue reading
FreeRADIUS, MySQL and Cisco WLC AAA Override
Here’s how to get AAA Override working on a Cisco WLC using FreeRADIUS backed with MySQL: Enable AAA Override on the WLAN on the WLC Create a Dynamic Interface on the WLC with a vLAN and IP address Add the … Continue reading
Cisco password type 7 Vigenère cipher seed/keyword
If you were ever wondering what the seed (keyword) is for Cisco’s password encryption type 7 (which uses the Vigenère cipher), in ASCII it’s: or in hex:
Private vLANs
Having just implemented private vLANs on a Cisco 3750X switch I thought I’d share some findings. A private vLAN configuration consists of a primary vLAN, zero or one isolated vLANs, and zero or more community vLANs. When associated with each … Continue reading
Using LetsEncrypt certificates with Cisco WLC WebAuth
Assuming you’ve got a nice fresh certificate from LetsEncrypt and are in the directory where it, your key, and the LE root certificate (TrustID X3) live: Check the logs to make sure the import was successful. If so you will … Continue reading
Cisco ACLs and the ‘established’ keyword
While writing software to convert Cisco ACLs to VyOS’s firewall syntax I got to wondering what the ‘established’ keyword meant on TCP ACLs. Although my Internet-facing ACL is connected to CBAC (and therefore stateful), my inter-vLAN ACLs are stateless, … Continue reading