CPU Utilization of Lina – Firepower

Login into the FTD > system support diagnostic-cli Attaching to Diagnostic CLI … Press ‘Ctrl+a then d’ to detach. Type help or ‘?’ for a list of available commands. INFO: % Type “show ?” for a list of subcommands firepower# sho firepower# show cpu firepower# show cpu det firepower# show […]

Upgrade of F5 ASM

Current Image: 13.1.7 Expected Image: Pre-Requisite: Before the upgrade we need to remove the reporting configuration at BIG-IP F5 ASM. We would decrease the reserved disk size Command: modify /sys disk logical-disk HD1 vg-reserved 20480 1st Step: You could run “tmsh load sys config verify” and “tmsh load sys config […]

How to view hidden folders using in Apple Mac

How to view hidden folders using Terminal Another way to make hidden files and folders visible requires you to use Terminal. Open Terminal Run the following script: $ defaults write com.apple.Finder AppleShowAllFiles True $ killall Finder If you want to switch it back, simply change the true to false.

AnyConnect VPN in Cisco ASA

Web VPN Configuration: webvpn enable outside anyconnect image disk0:/anyconnect-win-3.1.14018-k9.pkg 1 regex “Windows NT” anyconnect image disk0:/anyconnect-macosx-i386-3.1.14018-k9.pkg 2 regex “Intel Mac OS X” anyconnect image disk0:/anyconnect-linux-3.1.14018-k9.pkg 3 regex “Linux” anyconnect image disk0:/anyconnect-linux-64-3.1.14018-k9.pkg 4 regex “Linux” anyconnect image disk0:/anyconnect-linux64-4.4.03034-webdeploy-k9.pkg 5 regex “Linux” anyconnect image disk0:/anyconnect-win-4.4.03034-webdeploy-k9.pkg 6 regex “Windows NT” anyconnect image disk0:/anyconnect-macos-4.4.03034-webdeploy-k9.pkg […]

Update the Antivirus Database in Palo Alto Using CLI

1. Check for new updates [email protected](passive)> request anti-virus upgrade check Version Size Released on Downloaded Installed ————————————————————————- 2689-3186 82MB 2018/07/30 08:54:05 PDT no no 2687-3184 21MB 2018/07/28 09:46:17 PDT yes previous 2688-3185 21MB 2018/07/29 10:02:37 PDT yes current 2. Download the latest updates [email protected](passive)> request anti-virus upgrade download latest Download […]

Install PAN-OS Software through the CLI

This document describes how to view and install available PAN-OS software through the CLI. Details To display a list of available PAN-OS software, use the following command: > request system software info [email protected](passive)> request system software info Version               Size          Released on Downloaded ————————————————————————- 8.0.11-h1            464MB 2018/07/05  22:16:21         no 8.0.10               462MB […]

IPSec VPN configuration between Cisco ASA to ASA

Phase 1: crypto ikev1 policy 10 authentication pre-share encryption aes-256 hash sha group 2 lifetime 86400 name 10.10.10.6 Thimi-L2 Object Group: object-group network Kukl_Thimi_network network-object 192.168.104.0 255.255.255.0 object-group network Kukl_Thimi_network network-object 192.168.104.0 255.255.255.0 Access Control List: access-list kukl_cryptomap_bhaktapur extended permit ip object-group Kukl_HQ_Network object-group Kukl_Bhaktapur_network log access-list kukl_cryptomap_bhaktapur remark Interesting […]

Enabling Trace Route in Cisco ASA

From a Windows client if I try and Tracert to an external IPaddress, this is what I would see. My first task is to get the ASAitself to reply to me, unlike most network devices the ASAdoes not decrease the ‘hop count’ as traffic passes through it, to rectify this we need to […]

Enable Logging in Juniper

Commands : set system syslog user * any emergency set system syslog file messages any critical set system syslog file messages authorization info set system syslog file messages match RT_FLOW set system syslog file interactive-commands interactive-commands error set system syslog file default-log-messages any info set system syslog file default-log-messages match […]

Troubleshoot USB to Serial Converter Issue

Steps to Download the Driver : https://developer.toradex.com/knowledge-base/how-to-install-prolific-usb-to-serial-driver-on-windows-8 Download PL2303 Driver: http://www.prolific.com.tw/US/ShowProduct.aspx?p_id=225&pcid=41 Chinese CH340 Driver: https://sparks.gogo.co.nz/ch340.html NOTE: Windows 8/8.1/10 are NOT supported in PL-2303HXA and PL-2303X EOL chip versions. Run PL2303 CheckChipVersion tool program in Windows XP/Vista/7 to check chip version. Windows Vista, XP, 2000, 98 and Windows ME driver technical support are discontinued. Prolific […]

NHRP Flags in Cisco Router

NHRP FLAGS AUTHORITATIVE : Indicates that the NHRP information was obtained from the Next Hop Server or router that maintains the NBMA-to-IP address mapping for a particular destination. NEGATIVE: For negative caching; indicates that the requested NBMA mapping could not be obtained. When NHRP sends an NHRP resolution request it inserts an […]

NHRP in Cisco Router

Multipoint Generic Routing Encapsulation (mGRE) It is a multipoint GRE It is point to multipoint It uses GRE and NHRP Next Hop Resolution Protocol (NHRP) NHRP is an ARP (Address Resolution Protocol) like protocol that dynamically maps a non broadcast multi access network NHRP has two component; NH Client (NHC) […]

Recovering the Root Password

To recover the root password: Power off the router by pressing the power button on the front panel. Turn off the power to the management device, such as a PC or laptop computer, that you want to use to access the CLI. Plug one end of the Ethernet rollover cable […]

Dynamic Multipoint VPN with OSPF in Cisco Router

Dynamic Multipoint VPN [OSPF] We assume you have already configured the routers and basic connectivity is achieved and tested using ICMP between physical interfaces of R1, R3 and R4! Phase 1: Creating the TUNNEL interface! Let us first start by creating a Tunnel Interface in the range 172.16.134.0/24 on all the 3 […]

DMVPN with EIGRP in Cisco Router

Dynamic Multipoint VPN [EIGRP] The DMVPN features allows users to better scale large and small IPSec VPNs by combining GRE, IPSec and NHRP to provide users with easy configuration through crypto profiles Hub router has a permanent tunnel to all Spoke router but Spoke router will not have a permanent […]

Packet Structure in VPN Cisco ASA

ISAKMP packet encapsulation and packet headers : IP packet header −       SRC (Source IP Address): local IP address of the initiated IKE negotiation; may be that of a physical/logical interface and maybe be command configured. −       DST (Destination IP Address): peer IP address of the initiated IKE negotiation; command configured. […]

IPsec VPN Troubleshooting in Cisco ASA

Introduction : This guide will present the basic information required to troubleshoot problems in establishing an IKE IPSec VPN Tunnel. The guide will first present the basic premise of IKE negotiation, protocol support, and noteworthy configuration details. This guide will then provide a methodology to test and troubleshoot using the IKE […]