
2019

FMCv - Change IP Address

Welcome back ;) Think about this for a bit: it's been years since we first configured our Cisco FMCv in our virtual environment, and perhaps it has been running for years with no problems. (Lucky us!) All of our firewalls connect to it, policies are pushed correctly, IPS rules are updated correctly, we even have URL filtering turned on for some devices, and upgrades work out of the box. It just works; again, lucky us! We have remote backups working, but we have never needed them...

Graylog with AWS Elasticsearch

Graylog has been through some changes since the last time I talked about it; hitting version 3.0 in February is awesome, and one of the things that makes Graylog run well is its Elasticsearch backend. Although Elasticsearch is not too hard to set up, it usually runs better on bare metal, so there is a cost to that, and maintenance of the cluster (updates and upgrades) is important as well. Depending on your team's experience, you may not have time to learn it or run it the way it should be run. The last thing you want is for your logging setup to go down because of poor maintenance. So in this post we will walk through setting up a Graylog server and using the AWS Elasticsearch service as our backend. Without a fast Elasticsearch cluster the Graylog experience suffers, so let's get started.

Changes on the Horizon - Cisco

Well, we finally got an answer: Cisco is updating its certifications and making some big changes. The CCNA track is taking a hit, as all of the secondary exams under CCNA are being retired. If you are studying for any of these CCNA secondary exams, keep in mind that these won't transfer over after February 24th, 2020. If you complete any current CCNA/CCDA certification before February 24, you'll receive the new CCNA certification and a training badge in the corresponding technology area. (No idea what a training badge is)

  • CCNA Cloud
  • CCNA Collaboration
  • CCNA Cyber Ops
  • CCNA Data Center
  • CCDA
  • CCNA Industrial
  • CCNA Security
  • CCNA Service Provider
  • CCNA Wireless

If you are a CCNP or trying to become one, there are some migration tools you can look at:

  • CCNP Route Switch Migration Tool
  • CCNP Security Migration Tool
  • CCNP Wireless Migration Tool

Additional Information: Certifications - Training & Certifications - Cisco

Personally I think it's a good thing, but there is definitely a change; CCNA is the odd one out, unfortunately. If you are in the programming space, Cisco DevNet gets its own certification track in February 2020. This is something that network engineers have been dabbling in for a while now. More to come, I'm sure ;)

SVIs and "Routed" Ports

So you have this nice multilayer switch and want to take advantage of all of the features it has to offer. Well, there are two different types of interface ports on these types of switches: SVIs (Switched Virtual Interfaces) and "routed" ports. Fundamentally they are the same, and clients/users wouldn't be able to tell whether they were going through an SVI or a "routed" port. However, they are different, and in this post we'll talk about these two and when and where it would be recommended to place an SVI or a routed port.

Passed 300-115

Just a short post about my recent Cisco exam: I was able to pass the 300-115 to renew all my lower CCNA certifications. The last time I took a Cisco exam was almost 3 years ago, when I passed the CCNA Data Center certification. Overall the exam was fair, although you will need multiple study resources to make sure you cover all the exam objectives. The primary reason for doing this exam first instead of ROUTE or TSHOOT was that I felt it was maybe the hardest one? I won't really know until I take the other two. The resources I used:

Dual ISP - Cisco ASA HA Active/Standby

So a single ISP isn't cutting it anymore; you need a backup just in case the primary fails, and you might as well add a second ASA into this design. More redundancy equals more uptime, right? On paper it sounds good, but in the "real" world there probably is a tipping point: more redundancy increases complexity. In this post we'll aim to keep it simple by setting up a Cisco ASA HA active/standby pair and then adding in the second ISP. Let's get started! This is what our topology will look like when all is said and done: we have two firewalls and two different ISPs. The primary ISP is ISP-1 and the secondary ISP is ISP-2. We will always be using ISP-1 as the primary and won't be load balancing between the two. ISP-2 will only be used when ISP-1 goes offline. When ISP-1 comes back online we will switch back over to ISP-1.

FMC Syslog with Graylog Extractor

Let's continue to talk about the Cisco Firepower Management Center; in this post we are going to look at sending connection events over to syslog. In this example I'm using Graylog, which is an open source logging platform, and although any syslog server would work, one of the problems with syslog is that there is little uniformity when you have different systems sending these logs. One of the things that Graylog can do is extract the raw message and put each part of the message into a separate searchable field. We'll configure the FMC to send syslog and then configure an extractor on Graylog.

Oh Spanning Tree

It's the "S" word we don't like to hear, and oftentimes it has degraded networks or even taken them down entirely. (All Systems Down, an older but classic story) It's also one of those things that nobody really likes; we've even had network companies, as well as the IEEE, try to replace it with something else. Remember names like TRILL, IEEE 802.1aq (SPB), or Cisco's FabricPath technologies? You had all of these different flavors that showed a lot of progress, but they never really took off for one reason or another. The funny part is that this protocol we are all trying to kill off is still alive and doing well, so let's look at spanning tree in the meantime, because you will likely run into it.