Managing VPNs from the CLI in Linux

Since I have finally made the switch on my work laptop to use Linux (Ubuntu 12.10) as my primary OS, I have found a few bugs that slow me down on a regular basis. ¬†One of the bugs is that the nm-applet will stop working correctly and won’t let me make any changes to the ...

Juniper to Cisco VPN

In order for a VPN to work between Cisco and Juniper, each subnet needs to be defined on the Juniper firewall as a proxy-id. The juniper firewall also requires “policies” to be created to allow all of this traffic. Two policies are necessary for each local to remote subnet – one for each direction the ...

Decrypt Pre-shared key for Cisco IPSEC VPN

There are a couple ways to retrieve a pre-shared key for a Cisco IPSEC VPN. The easiest way is to actually get it from the running config on the ASA. Unfortunately using a show run will only give you asterisks for the PSK, but you can use this command to see the PSK in the ...

Juniper ScreenOS troubleshooting

Traffic flow debugging This is the most common way that I have set up debugs to determine what is happening to the traffic: set ff src-ip [source ip] dst-ip [dest ip] clear dbuf debug flow basic get db stream The first line (set ff…) is not necessary, but is very useful to limit the debug ...

How to use sed to replace a string in multiple files

Using sed, it is possible to do a search and replace across one or many files. The syntax is as follows: sed -i 's/search/replace/g' [filename] The -i option does inline editing so that the file is actually edited. Without the -i, the file is not edited, but the replacement is printed to the screen. The ...

Chrome OS laptop – Cr-48

Chrome OS laptop - Cr-48
I had an excellent surprise today when my neighbor rang my bell to let me know a couple packages had been mistakenly delivered to his house last week. If that wasn’t enough of a surprise, when I opened the boxes, my jaw hit the floor upon realizing that one of them was a brand new ...

Upgrade ESXi 4.0 to ESXi 4.1

Prior to the upgrade, a backup of the ESXi configuration is recommended. This backup can be done using the vicfg-cfgbackup command that is part of the ESXi CLI. The CLI can be installed in Windows or Linux.

Run ASDM in Linux

Here’s how to run Cisco’s ASDM client in Linux: First, verify that you have a compatible version of java: java -version Next, navigate to the URL of the ASA/Pix, select “Run ASDM” and save the file to you computer. Finally, open a terminal window, navigate to where you downloaded the ASDM launcher and run this ...

Find drive space hogs in Linux

Here is a command that I’ve worked out to help find the source of drive space issues in Linux. This format will only look at directories (ie, it will not report file sizes, just size of directories) and it will recurse into subdirectories. du | sort -n -r | head | awk ‘{print $2}’ | ...

DHCP and Dynamic DNS

How to enable Dynamic DNS updates from a Linux DHCP server to a Windows DNS server. Create the forward and reverse lookup zones on the Windows server. You must allow secure and nonsecure updates. I’m still researching if it is possible to do secure updates from Linux to Windows. Set up DHCP on the Linux ...