Skip to content

CCIE23050.com CCIE Network blog HTTP://1806971003

CCIE23050.com

  • Home
  • About Me
  • Contact Me

Author: admin

Linux dig host DNS

Posted on November 1, 2016 by admin

To troubleshoot DNS use the dig and host commands.

ubuntu:~$ dig www.ccie23050.com @4.2.2.2

; <<>> DiG 9.7.1-P2 <<>> www.ccie23050.com @4.2.2.2

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45168 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.ccie23050.com. IN A ;; ANSWER SECTION: www.ccie23050.com. 3600 IN CNAME ccie23050.com. ccie23050.com. 3600 IN A 33.67.33.89 ;; Query time: 128 msec ;; SERVER: 4.2.2.2#53(4.2.2.2) ;; WHEN: Mon Mar 7 10:47:00 2011 ;; MSG SIZE rcvd: 65 To troubleshoot a reverse lookup use the -x option. ubuntu:~$ dig -x 209.191.122.70 ; <<>> DiG 9.7.1-P2 <<>> -x 209.191.122.70

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39053 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;70.122.191.209.in-addr.arpa. IN PTR ;; ANSWER SECTION: 70.122.191.209.in-addr.arpa. 1186 IN PTR ir1.fp.vip.mud.yahoo.com. ;; Query time: 0 msec ;; SERVER: 4.2.2.2#53(4.2.2.2) ;; WHEN: Mon Mar 7 11:22:00 2011 ;; MSG SIZE rcvd: 83 ubuntu:~$ host www.ccie23050.com www.ccie23050.com is an alias for ccie23050.com. ccie23050.com has address 33.67.33.89 ccie23050.com mail is handled by 0 smtp.secureserver.net. ccie23050.com mail is handled by 10 mailstore1.secureserver.net.

Posted in IP, LinuxTagged Linux

Linux IPTraf

Posted on November 1, 2016 by admin

IPTraf is a Linux app for looking at network traffic.

To install.

ubuntu:~$ sudo apt-get install iptraf

Reading package lists… Done

Building dependency tree

Reading state information… Done

The following packages were automatically installed and are no longer required:

linux-headers-2.6.35-22 linux-headers-2.6.35-22-generic

Use ‘apt-get autoremove’ to remove them.

The following NEW packages will be installed:

iptraf

0 upgraded, 1 newly installed, 0 to remove and 15 not upgraded.

Need to get 165kB of archives.

After this operation, 745kB of additional disk space will be used.

Get:1 http://us.archive.ubuntu.com/ubuntu/ maverick/main iptraf i386 3.0.0-7 [165kB]

Fetched 165kB in 1s (135kB/s)

Selecting previously deselected package iptraf.

(Reading database … 216593 files and directories currently installed.)

Unpacking iptraf (from …/iptraf_3.0.0-7_i386.deb) …

Processing triggers for doc-base …

Processing 1 added doc-base file(s)…

Registering documents with scrollkeeper…

Processing triggers for man-db …

Setting up iptraf (3.0.0-7) …

to run

ubuntu:~$ sudo iptraf

Posted in IP, LinuxTagged Linux

Linux arping

Posted on November 1, 2016 by admin

To see if there is a duplicate IP address a handy tool is arping.

ubuntu:$ arping 192.168.1.83
WARNING: interface is ignored: Operation not permitted
ARPING 192.168.1.83 from 192.168.1.86 eth0
Unicast request from 192.168.1.73 [00:26:C7:D0:93:D2] 203.042ms
Unicast reply from 192.168.1.83 [00:26:C7:D0:93:D2] 5.304ms
Unicast reply from 192.168.1.83 [00:26:C7:D0:93:D2] 4.564ms
Unicast reply from 192.168.1.83 [00:26:C7:D0:93:D2] 5.706ms
Unicast reply from 192.168.1.83 [00:26:C7:D0:93:D2] 5.247ms
Unicast reply from 192.168.1.83 [00:26:C7:D0:93:D2] 38.680ms
Unicast reply from 192.168.1.83 [00:26:C7:D0:93:D2] 5.389ms
Unicast reply from 192.168.1.83 [00:26:C7:D0:93:D2] 5.622ms
Unicast reply from 192.168.1.83 [00:26:C7:D0:93:D2] 5.929ms
Unicast reply from 192.168.1.83 [00:26:C7:D0:93:D2] 4.700ms
Unicast reply from 192.168.1.83 [00:26:C7:D0:93:D2] 3.911ms
Unicast reply from 192.168.1.83 [00:26:C7:D0:93:D2] 6.664ms
Unicast reply from 192.168.1.83 [00:26:C7:D0:93:D2] 5.071ms
Unicast reply from 192.168.1.83 [00:26:C7:D0:93:D2] 5.526ms
^CSent 15 probes (2 broadcast(s))
Received 14 response(s) (1 request(s))

If there is a duplicate IP you would see a reply from two seperate MAC addresses.

Posted in IP, LinuxTagged MAC

ASA Netflow

Posted on November 1, 2016 by admin

flow-export destination INSIDE 10.1.1.1 2058

access-list FLOW_EXPORT_ACL extended permit ip any any

class-map FLOW_EXPORT_CLASS

match access-list FLOW_EXPORT_ACL

class-map inspection_default

match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

parameters

message-length maximum 65535

policy-map global_policy

class inspection_default

inspect dns preset_dns_map

class FLOW_EXPORT_CLASS

flow-export event-type all destination 10.1.1.1

Posted in CiscoTagged Cisco

6500 netflow

Posted on November 1, 2016 by admin

interface Vlan77

ip address 172.16.77.254 255.255.255.0

ip helper-address 172.16.1.1

ip flow ingress

ip flow egress

ip pim sparse-mode

ip flow-export source Vlan9

ip flow-export version 9

ip flow-export destination 10.1.1.1 2056

Posted in CiscoTagged 6500

6500 mls netflow

Posted on November 1, 2016 by admin

6509-1#sh mls netflow ip source 77.77.77.77

Displaying Netflow entries in Active Supervisor EARL in module 1/5

DstIP SrcIP Prot:SrcPort:DstPort Src i/f :AdjPtr

—————————————————————————–

Pkts Bytes Age LastSeen Attributes

—————————————————

10.77.77.101 77.77.77.77 udp :56969 :dns Vl31 :0×0

1 85 211 13:05:51 L2 – Dynamic

172.16.77.21 77.77.77.77 tcp :53416 :443 Vl31 :0×0

16 13730 8 13:09:15 L3 – Dynamic

10.77.77.101 77.77.77.77 udp :57666 :dns Vl31 :0×0

1 71 211 13:05:51 L2 – Dynamic

10.77.77.101 77.77.77.77 udp :62039 :dns Vl31 :0×0

1 69 8 13:09:14 L2 – Dynamic

172.16.77.52 77.77.77.77 tcp :53359 :443 Vl31 :0×0

1 46 291 13:04:31 L3 – Dynamic

10.77.77.101 77.77.77.77 udp :65402 :dns Vl31 :0×0

1 75 271 13:04:51 L2 – Dynamic

172.16.91.50 77.77.77.77 udp :57668 :389 Vl31 :0×0

1 196 211 13:05:51 L3 – Dynamic

172.16.9.52 77.77.77.77 tcp :49188 :5721 Vl31 :0×0

66 4026 998 13:09:14 L3 – Dynamic

33.33.25.205 77.77.77.77 tcp :53409 :443 Vl31 :0×0

13 3642 50 13:08:34 L3 – Dynamic

Posted in CiscoTagged 6500

ASA Syslog

Posted on November 1, 2016 by admin

logging enable
logging timestamp
logging buffer-size 100000
logging buffered alerts
logging trap debugging
logging host INSIDE 77.77.77.245
To turn logging off on a per message basis.
no logging message 305011 Built dynamic TCP translation
no logging message 305012 Teardown dynamic TCP translation
no logging message 401004 shun
no logging message 711001 traceback
no logging message 304001 Accessed URL
logging message 505013 level informational – change level
logging message 505015 level informational – change level
logging rate-limit 5 30 message 106017 – Rate-limit message
logging rate-limit 10 5 message 305006 – Rate-limit message

Posted in CiscoTagged Cisco

ASA Anyconnect config

Posted on November 1, 2016 by admin

Pre 8.3

ssl trust-point ASDM_TrustPoint1 OUTSIDE

webvpn

enable OUTSIDE

anyconnect-essentials

svc image disk0:/anyconnect-win-3.1.02040-k9.pkg 1

svc image disk0:/anyconnect-linux-2.5.6005-k9.pkg 2

svc image disk0:/anyconnect-macosx-i386-2.5.6005-k9.pkg 3

svc image disk0:/anyconnect-linux-64-2.5.6005-k9.pkg 4

svc enable

tunnel-group-list enable

tunnel-group TG_Anyconnect type remote-access

tunnel-group TG_Anyconnect general-attributes

address-pool VPN_POOL

authentication-server-group RSA

tunnel-group TG_Anyconnect webvpn-attributes

proxy-auth sdi

group-alias A disable

group-alias A_AnyConnect enable

group-alias Anyconnect disable

Post 8.3

ssl trust-point ASDM_TrustPoint1 OUTSIDE

webvpn

enable OUTSIDE

anyconnect enable

tunnel-group-list enable

tunnel-group TG_Anyconnect type remote-access

tunnel-group TG_Anyconnect general-attributes

address-pool VPN_POOL

authentication-server-group RSA

tunnel-group TG_Anyconnect webvpn-attributes

proxy-auth sdi

group-alias A disable

group-alias A_AnyConnect enable

group-alias Anyconnect disable

group-policy DfltGrpPolicy attributes

dns-server value 8.8.8.8

vpn-simultaneous-logins 500

vpn-idle-timeout 180

vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-client

default-domain value ccie23050.com

Posted in CiscoTagged VPN

post 8.3 ASA l2l VPN config

Posted on November 1, 2016 by admin

name 77.77.77.77 farend_Peer

name 10.77.1.1 farend_Host1

name 10.77.1.2 farend_Host2

name 10.77.1.3 farend_Host3

object-group network FAR_END_HOSTS

description FAR_END_HOSTS

network-object 10.77.1.1 255.255.255.255

network-object 10.77.1.2 255.255.255.255

network-object 10.77.1.3 255.255.255.255

object-group network LOCAL-END_HOSTS

description LOCAL-END_HOSTS

network-object 172.16.77.0 255.255.255.0

network-object 172.20.77.0 255.255.255.0

access-list 105 extended permit ip object-group LOCAL-END_HOSTS object-group FAR_END_HOSTS

Tunnel Group Config

tunnel-group 77.77.77.77 type ipsec-l2l

tunnel-group 77.77.77.77 ipsec-attributes

ikev1 pre-shared-key xxxxx

Crypto Config

crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac

crypto map OUTSIDE_map 20 match address 105

crypto map OUTSIDE_map 20 set pfs

crypto map OUTSIDE_map 20 set peer 77.77.77.77

crypto map OUTSIDE_map 20 set ikev1 transform-set ESP-AES-256-SHA

crypto map OUTSIDE_map interface outside

crypto ikev1 enable outside

crypto ikev1 policy 3

authentication pre-share

encryption aes-256

hash sha

group 2

lifetime 86400

NAT Config

object-group network obj-remote-NAT

network-object 10.77.1.0 255.255.255.0

object-group network obj-local-NAT

network-object 172.16.77.0 255.255.255.0

network-object 172.20.77.0 255.255.255.0

nat (INSIDE,OUTSIDE) source static obj-local-NAT obj-local-NAT destination static obj-remote-NAT obj-remote-NAT

Posted in CiscoTagged VPN

snmp-server traps for ipsec-isakmp

Posted on November 1, 2016 by admin

snmp-server enable traps isakmp policy add
snmp-server enable traps isakmp policy delete
snmp-server enable traps isakmp tunnel start
snmp-server enable traps isakmp tunnel stop
snmp-server enable traps ipsec cryptomap add
snmp-server enable traps ipsec cryptomap delete
snmp-server enable traps ipsec cryptomap attach
snmp-server enable traps ipsec cryptomap detach
snmp-server enable traps ipsec tunnel start
snmp-server enable traps ipsec tunnel stop
snmp-server enable traps ipsec too-many-sas
snmp-server host 1.1.1.1 community1 ipsec isakmp

Posted in CiscoTagged Cisco

Posts navigation

Older posts
Newer posts

Follow Me

  • YouTube
  • LinkedIn

Location

  • 10809 Executive Center Dr, Little Rock, AR 72211
Proudly powered by WordPress | Theme: micro, developed by DevriX.