Recent Posts

1
root@srx> show system storage partitions 
Boot Media: internal (da0)
Active Partition: da0s2a
Backup Partition: da0s1a
Currently booted from: backup (da0s1a)

Partitions information:
  Partition  Size   Mountpoint
  s1a        292M   /
  s2a        293M   altroot
  s3e        24M    /config
  s3f        342M   /var
  s4a        30M    recovery

root@srx> request system snapshot slice alternate
Formatting alternate root (/dev/da0s2a)...
Copying '/dev/da0s1a' to '/dev/da0s2a' .. (this may take a few minutes)
The following filesystems were archived:
3
CCNA Certification / Re: ASA 5505 NAT Configuration Guide
« Last post by certforumz on January 14, 2020, 07:52:17 AM »
https://www.practicalnetworking.net/stand-alone/cisco-asa-nat/

Part 1 – NAT Syntax

There are two sets of syntax available for configuring address translation on a Cisco ASA. These two methods are referred to as Auto NAT and Manual NAT. The syntax for both makes use of a construct known as an object. The configuration of objects involves the keywords real and mapped. In Part 1 of this article we will discuss all five of these terms.

Objects

An object is a construct which represents any single item in your network environment. Two types of objects can be configured:

    a network object — represents one IP address, or one IP Subnet, or one IP address range
    a service object — represents one set of a Protocol, Source Port, and/or Destination port

The idea is to configure and define an object, then reference that one item in your configuration by the object’s name.

Network Objects

To configure a network object, first use the following syntax to create the object:

object network <Object Name>

Then define the content of the object as either a single IP Address, or a single IP Subnet, or a single IP Address range using either of the commands below:

  host <IP Address>

  subnet <Network ID> <Subnet Mask>

  range <Start IP Address> <End IP Address>

Below are examples of each of the three types of network objects:

To create a network object which represents your web server’s IP address, you would use the following syntax:

object network WEB-SERVER
  host 172.16.30.15

To create a network object which represents your Inside network, you would use the following syntax:

object network INSIDE-NETWORK
  subnet 172.16.30.0 255.255.255.0

Lastly, to create a network object which represents a particular IP address range, you would use the following syntax. This will define a range that includes all five IP addresses in the inclusive range of 72.6.6.10 through 72.6.6.14.

object network PUBLIC-IPs
  range 72.6.6.10 72.6.6.14

Service Objects

To configure a service object, first use the following syntax to create the object:

object service <Object Name>

The content of the service object must include at least a protocol, and can also include a source port, destination port, or both. Here are examples of all four possibilities:

object service PROTOCOL
  service esp

object service PROT-DST
  service tcp destination eq 80

object service PROT-SRC   
  service tcp source gt 1023

object service PROT-SRC-DST
  service udp source eq 53 destination eq 53

The specific port number the object represents can be identified using certain operators – the example above uses eq and gt. Five different operators exist:

  eq <Port#>               Port must be equal to <Port#>
  gt <Port#>               Port must be greater than <Port#> (equal to <Port#> will not match)
  lt <Port#>               Port must be less than <Port#> (equal to <Port#> will not match)
  neq <Port#>              Port must be not equal to <Port#>
  range <Start#> <End#>    Port must be in the inclusive range of <Start#> to <End#>

Viewing Objects

Two commands are available to view objects:

The show run object command lists the objects essentially as they were configured above:

asa98#  show run object
object service PROTOCOL
  service esp
object service PROT-DST
  service tcp destination eq www
object service PROT-SRC
  service tcp source gt 1023
object service PROT-SRC-DST
  service udp source eq domain destination eq domain
object network WEB-SERVER
  host 172.16.30.15   
object network INSIDE-NETWORK
  subnet 172.16.30.0 255.255.255.0
object network PUBLIC-IPs
  range 72.6.6.10 72.6.6.14

And the show run object in-line command displays the same as above, except every object definition will be on the same line as the object name:

asa98#  show run object in-line
object service PROTOCOL service esp
object service PROT-DST service tcp destination eq www
object service PROT-SRC service tcp source gt 1023
object service PROT-SRC-DST service udp source eq domain destination eq domain
object network WEB-SERVER host 172.16.30.15
object network INSIDE-NETWORK subnet 172.16.30.0 255.255.255.0
object network PUBLIC-IPs range 72.6.6.10 72.6.6.14

Using the in-line variant makes it much easier to “pipe include” and search for a specific object name and/or definition:

asa98#  show run object in-line | include WEB
object network WEB-SERVER host 172.16.30.15

If you had done the “pipe include” without the in-line option you just would have received the full name of the object, but not the object’s definition.
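
An added example, not part of the original post or the linked article: a small offline checker that parses the `show run object in-line` output shown above and tests whether an address or a protocol/port pair falls inside an object, using the operator rules from the table (gt and lt strict, range inclusive). The function names are hypothetical, and the name-to-number map covers only the two port names visible in the output (www for 80, domain for 53).

```python
import ipaddress
import re

# Port names the ASA output above prints in place of numbers (extend as needed).
PORT_NAMES = {"www": 80, "domain": 53}
# Sample input: the `show run object in-line` output quoted in the post.
SAMPLE = """\
object service PROTOCOL service esp
object service PROT-DST service tcp destination eq www
object service PROT-SRC service tcp source gt 1023
object service PROT-SRC-DST service udp source eq domain destination eq domain
object network WEB-SERVER host 172.16.30.15
object network INSIDE-NETWORK subnet 172.16.30.0 255.255.255.0
object network PUBLIC-IPs range 72.6.6.10 72.6.6.14
"""

def parse_objects(text):
    """Return {object name: (kind, definition tokens)} from in-line output."""
    pat = re.compile(r"object (network|service) (\S+) (.+)")
    found = (pat.match(line.strip()) for line in text.splitlines())
    return {m[2]: (m[1], m[3].split()) for m in found if m}

def network_contains(tokens, ip):
    """True if ip is inside a host / subnet / range definition."""
    addr, (kind, *args) = ipaddress.ip_address(ip), tokens
    if kind == "host":
        return addr == ipaddress.ip_address(args[0])
    if kind == "subnet":
        return addr in ipaddress.ip_network(f"{args[0]}/{args[1]}")
    low, high = (ipaddress.ip_address(a) for a in args)  # kind == "range"
    return low <= addr <= high

def port_matches(op, args, port):
    """Apply one operator; a clause cannot match when the port is not given."""
    nums = [PORT_NAMES[a] if a in PORT_NAMES else int(a) for a in args]
    return port is not None and {
        "eq": port == nums[0], "neq": port != nums[0], "gt": port > nums[0],
        "lt": port < nums[0], "range": nums[0] <= port <= nums[-1]}[op]

def service_matches(tokens, proto, src_port=None, dst_port=None):
    """True if a packet's protocol and ports satisfy a service object."""
    given, rest = {"source": src_port, "destination": dst_port}, tokens[2:]
    if tokens[1] != proto:
        return False
    while rest:  # each clause: source|destination <op> <port> [<port>]
        side, op, n = rest[0], rest[1], 2 if rest[1] == "range" else 1
        if not port_matches(op, rest[2:2 + n], given[side]):
            return False
        rest = rest[2 + n:]
    return True
```

Running it against a saved copy of the firewall's object list makes it easy to confirm, before an object is referenced in a NAT rule, that it covers exactly the addresses and ports intended.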
4
CCNA Certification / Re: CCNA Lab Kit Switch Configuration
« Last post by certforumz on January 13, 2020, 10:16:44 AM »
Check this out for basic switch configuration:
http://www.ciscopress.com/articles/article.asp?p=2181836&seqNum=4
5
CCNA Certification / To recover password on a Cisco Switch
« Last post by certforumz on January 13, 2020, 03:26:16 AM »
1. boot switch and hold button to enable 'Rommon' mode

2. rename flash:config.text to anything but

3. boot switch, will come up as blank switch

4. use command 'more flash:(renamed file)'

5. use command 'copy flash:(renamed file) running-config'

6. remove any username/passwords on device

7. write to memory using 'write mem' or 'copy running-config startup-config'

8. done.

6
CCNA Certification / Windows 10 - enable ping in Windows Defender
« Last post by certforumz on January 13, 2020, 01:28:28 AM »
By default, Windows 10 won't allow external ping. If you try to ping a Windows 10 computer's IP address, it will give a timeout error. Check this out for the setting that allows external ping:
https://kb.iu.edu/d/aopy

Search for Windows Firewall, and click to open it.
Note:
For help navigating, see Get around in Windows.
Click Advanced Settings on the left.
From the left pane of the resulting window, click Inbound Rules.
In the right pane, find the rules titled File and Printer Sharing (Echo Request - ICMPv4-In).
Right-click each rule and choose Enable Rule.
7
CCNA Security / CCNA Security 210-260 Sample Questions for Android Mobiles
« Last post by Venkatesh D on January 08, 2020, 01:20:21 AM »
We think you have heard about the changes in Cisco certifications that go live on 24 February 2020, so if you are really looking forward to getting the Cisco Security 210-260 certification, you have time until 23 February 2020. Before taking any test, the candidate needs knowledge of the test and some practice; in the same way, the CCNA Security 210-260 test also requires some practice to pass with a good score. Simulationexams, one of the best practice test and lab simulator providers, has released CCNA Security 210-260 practice test Android apps that give CCNA Security exam sample questions with answers. Candidates have the option to take the tests in their free time, with no need to select a particular place or devices like a PC or laptop to practice, because nowadays everyone carries a smartphone at any time and anywhere. You can simply download it from the Play Store and practice whenever you get free time. It helps you use your daily travel, breaks and other free time.
The CCNA Security Android apps come with 200 practice questions with answer flashcards and simulate real test surroundings. Flashcards give the complete explanation for each question in learn mode, and the candidate faces the actual test environment when taking the test in the CCNA Security exam simulator's exam mode. Below I have listed some of the best features of the CCNA Security practice test Android apps.

Features of CCNA Security 210-260 Exam Simulator Android Apps:
  • It is easy to download from the Play Store and is compatible with all Android devices
  • Available in both demo/full versions
  • 200+ highly relevant practice questions
  • Detailed flashcard explanations for each answer in learn mode
  • Simulates real test surroundings in exam mode
  • Options to save the results for future view
  • Supports different question types like multiple choice single/double answers, Text/Image-based drag-n-drop type questions,  and performance-based questions.
  • Completely revised with Simlets, Testlets, and Router Simulation questions.
  • At the end of each exam, a detailed report is provided along with category wise scoring.
About SimulationExams: SimulationExams is an online practice test and lab simulator provider for Cisco, CompTIA, Juniper, PMP, Checkpoint, and other IT certifications. Practice tests help in consolidating your concepts and preparation, and also serve as an exam cram.
Disclaimer: Simulationexams.com is not associated with the Cisco organization, and CCNA is a trademark of Cisco, duly acknowledged. All the practice tests available on the Simulationexams website are the copyright of simulationexams.com.
8
CCNA Certification / Re: PPPOE configuration using SRX100
« Last post by certforumz on January 03, 2020, 02:33:45 AM »
Check out this example for PPPOE configuration using SRX100:

https://www.fir3net.com/Firewalls/Juniper/srx-pppoe.html

Also see this:
http://networkingbodges.blogspot.com/2015/04/quick-build-pppoe-client-on-junos.html

explained well.

Also see:
https://forums.whirlpool.net.au/archive/1349641
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-interface-config-pppoe.html


CONFIGURATION
Below shows the required configuration for PPPoE.

set interfaces fe-0/0/7 unit 0 encapsulation ppp-over-ether

set interfaces pp0 unit 0 ppp-options chap default-chap-secret <PASSWORD>
set interfaces pp0 unit 0 ppp-options chap local-name <USERNAME>
set interfaces pp0 unit 0 ppp-options chap passive

set interfaces pp0 unit 0 pppoe-options underlying-interface fe-0/0/7.0
set interfaces pp0 unit 0 pppoe-options idle-timeout 0
set interfaces pp0 unit 0 pppoe-options auto-reconnect 3
set interfaces pp0 unit 0 pppoe-options client

set interfaces pp0 unit 0 family inet mtu 1492
set interfaces pp0 unit 0 family inet negotiate-address

set routing-options static route 0.0.0.0/0 next-hop pp0.0
set security zones security-zone untrust interfaces pp0.0

TROUBLESHOOTING
STATISTICS
The following commands are used to display ppp and pppoe statistics.

root@srx100> show ppp statistics
Session statistics from PPP process
  Total sessions: 1
    Sessions in disabled phase    : 0
    Sessions in establish phase   : 0
    Sessions in authenticate phase: 0
    Sessions in network phase     : 1
    Bundles in pending phase      : 0

root@srx100> show pppoe statistics
Active PPPoE sessions: 1
  PacketType                       Sent         Received
    PADI                              2                0
    PADO                              0                2
    PADR                              2                0
    PADS                              0                2
    PADT                              0                0
    Service name error                0                0
    AC system error                   0                0
    Generic error                     0                0
    Malformed packets                 0                0
    Unknown packets                   0                0
  Timeout
    PADI                              0
    PADO                              0
    PADR                              0

INTERFACE INFORMATION
The following command is used to display use information for the pp0 interface.

root@srx100# run show interfaces pp0
Physical interface: pp0, Enabled, Physical link is Up
  Interface index: 128, SNMP ifIndex: 502
  Type: PPPoE, Link-level type: PPPoE, MTU: 1532
  Device flags   : Present Running
  Interface flags: Point-To-Point SNMP-Traps
  Link type      : Full-Duplex
  Link flags     : None
    Input packets : 0
    Output packets: 0

  Logical interface pp0.0 (Index 78) (SNMP ifIndex 532)
    Flags: Point-To-Point SNMP-Traps 0x0 Encapsulation: PPPoE
    PPPoE:
      State: SessionUp, Session ID: 6,
      Session AC name: Vigor2000 PPPoE, Remote MAC address: xx:xx:xx:xx:xx:xx,
      Configured AC name: None, Service name: None,
      Auto-reconnect timeout: 30 seconds, Idle timeout: Never,
      Underlying interface: fe-0/0/7.0 (Index 77)
    Input packets : 1341
    Output packets: 1153
  Keepalive settings: Interval 10 seconds, Up-count 1, Down-count 3
  Keepalive: Input: 5 (00:00:19 ago), Output: 26 (00:00:06 ago)
  LCP state: Opened
  NCP state: inet: Opened, inet6: Not-configured, iso: Not-configured, mpls: Not-configured
  CHAP state: Success
  PAP state: Closed
    Security: Zone: untrust
    Allowed host-inbound traffic : dns https ike ping ssh traceroute
    Protocol inet, MTU: 1492
      Flags: Sendbcast-pkt-to-re, User-MTU, Negotiate-Address
      Addresses, Flags: Kernel Is-Preferred Is-Primary
        Destination: x.x.x.x, Local: x.x.x.x

 
9
CBT Software / Skill Testing Exam Software For IOS Devices
« Last post by Venkatesh D on January 02, 2020, 07:42:10 AM »
It is time for a change from the paper-and-pen-based exam environment to computer-based testing. The Skill testing software is the one-stop solution for pen-and-paper based exams, making one simple solution for different types of exams. Skill testing exam software is an online exam maker which plays a key role in the educational field. Academic areas such as schools, institutes, and colleges are pushing towards this test method, which helps with reduced paper usage, instant scorecards, time management, and much more as soon as the candidate hits the submit button.
Get the Exam engine software for iOS devices in the App Store. The iOS app has different features like timed exams, flashcards, exam mode, learn mode and review mode. Other features include font adjustment, night/day modes, and bookmarking. Authors can create exams using the skill testing exam software as per their needs and requirements by using the iOS app with different parameters like the number of questions per exam and question types. It allows the candidates to take the test using the CBT (Computer-based Test) exam engine with just one click. Some important features of the exam engine software are listed below.

Features of Exam Software:
  • Easy Download and Install
  • Customize the application to display your own institute logo.
  • Supports various question types, including Multiple choice with Single/multiple answers, Drag-n-Drop (Text/Image), Exhibit, Hotspot, and Scenario-based questions.
  • Configure exam parameters like the number of questions per exam, exam time, pass percentage.
  • Intuitive Navigation
  • Read modes: White text on a black background (Night mode), Black text on a white background (Day mode)
  • Import the exams from local storage or by giving a URL
  • Learn mode: Allows the candidate to view the questions with answers for self-learning
  • Exam mode: Allows the candidate to take the test with real exam surroundings like time limit, scoring, etc.
  • Review mode: It allows the candidate to save the results for future reference
  • Candidates can add notes for each question while taking the exam for any reference at a later stage.
  • Instant scorecard after ending the exam.
10
CCNA Certification / Re: CCNA Lab Kit MYSQL Installation Error with MySQL 8.0
« Last post by certforumz on January 02, 2020, 07:28:54 AM »
PHPMyAdmin may give an error when installed. Give the following command to fix it:

mysql> alter user root@localhost identified with mysql_native_password by '';
Query OK, 0 rows affected (0.11 sec)

mysql>

Error:

windows mysqli::real_connect(): The server requested authentication method unknown to the client [caching_sha2_password]