Wednesday, 29 December 2010

ASA in GNS3

Well I have been playing about with GNS3 a little ove the holidays and looking at how it works. I must say that it is user freindly for some things such as routers but other thing, oh boy can it be troublesome.

GNS3 does not natively support switches, ok I think we all knew that. It does however let you add a switch module to your routers and I will be playing with this a little.

Its when you look at GNS3 and what it can do that you really really start to delve deep into it.

I had the pleasure or misfortune of deciding that if I want to look at security later in the year how good would it be to get te ASA working in it.

Well that in and of itself was a challenge but I managed to get it working. OK I still have a minor issue in that I am unable to save my configs but from a lab perspective thats no big deal as all it really means is having to type everything in again and again. Well hey thats what i would do anyway so I can cope with that. I could also save the configs to a text file.

I also dont have it working in multiple context at the moment but hey little steps. Considering I have no experience currently just getting used to setting one up will be a big step.

Then however I decided to get ASDM working, that was not too hard but you rereally need it working as thats the straight forward way to setup an ASA. Well I managed to get it working at last, the trick there is to use Fiddler but as it intercepts we traffic and sends it to the ASA it screws up your ability to browse the internet.

OK at the end of the day I can practice on it and get some use but I will still probably but and ASA.

Before anyone asks I will not be doing a write up of how to install it ananytime soon. Firstly I want to get all the gremlins sorted, seconly I have other things to focus on, thirdly I really like cables and devices so will practice on a real ASA when the time comes, ASA in GNS3 is a nice to have but GNS3 is really for routers in my humble opinion.

Just a cautionary note, there is an aweful lot of stuff on the internet about getting ASA to work in GNS3, much of it is absolute bollocks I am afraid to say, its pretty straight forward if you have the right stuff as I found out but I still have gremlins. Have fun sorting out the wheat from the chaff.

Here is a link to help you get started ASA on GNS3

Thursday, 23 December 2010

CSCth51156 - Extracting Custom Web Authentication Tar Package May Fail on 5500 WLC

Well I came across a bug that really threw me, basically all those years making tar files and now I had to find a Unix tool to do it. I didn’t use gnuwin32 as it was a nightmare to find and install but Cygwin was awesome, loaded staright away and had my head around it in about 30 minutes.

Also you need to purchase PowerArchiver which I always hate buying software when there are free options available.

Symptom:
When running 7.0.98.0 WLC code on a 5508 WLC, the tar extraction process may fail generating the following error:

Error extracting webauth files.

Conditions:
This condition only occurs on a 5508 running the 7.0.98.0 code. The same
package can be loaded on a 4404 running 7.0.98.0 successfully, and also to a 5508 running 6.0.196.0.

Workaround:
Create .tar package using the following command on UNIX or Windows (via
http://gnuwin32.sourceforge.net/packages/gtar.htm):
tar -cvf login.tar < file1> < file2> < file#>...

PowerArchiver 2010 for Windows (GUI) - Package as Tar, Store

Sunday, 12 December 2010

CCNP Route

Well blogging has taken a bit of a back sat over recent months as I have been really busy with work. However now there is a little hiatus its back to studying.

I was really lucky to be invited onto a Cisco CCNP Route Beta course delivered over the web which was interesting. first the course content was excellent as was the presenter. However it was difficult to stay focused on a webinar for 8 hours a day over 5 days.

That said it certainly filled some knowledge gaps and gave me an understanding of all the content.

Some of the ROUTE content terified me, notably BGP and OSPF which is not good as thats half the course. However I feel alot more confident now that I have some knowledge to build on and neither looks too scary. That said I have a lot to learn.

As well as hopefully posting a bit more on wireless which is my first love I will also post on my CCNP endeavours which will help me memorise the various parts.

For studying I have my lab and GNS3 and will be using some Trainsignal vidos along with Odoms CCNP ROUTE book and the CCNP ROUTE Lab book. I hope thats enough to see me through!

Time scales, well thats a hard question to answer but I am giving myself 6 weeks of hard study to get to grips with it and then review where I am upto. Starting off listening to all the videos and reading the book while doing some labs to aid understanding. Then just lots of labs and back to the videos before the exam.