How to enable traffic logs in Juniper SRX

November 9th, 2014 Comments off

KB19490

root@srx#set security log mode event
root@srx#commit

OR

Logon to the GUI/J-web, go to Monitor > Events and alarms > Security events, and click Create log configuration: Read more…

Categories: Juniper, SRX Tags:

Error adding datastores to ESXi resolved using partedUtil in ESXi5.x

September 27th, 2014 3 comments

partedUtil mklabel /dev/disks/<your-identifier> msdos

Categories: 5.x, Esxi, VMware Tags:

Cisco ACS 5.3 with AD Integration

September 2nd, 2014 54 comments

1) DNS point to DC

#ip name-server <your-dc>

2) Check the time zone and Time ( make sure same with DC )

#show clock

#clock timezone Asia/Singapore <— for my case

#nslookup <your-internal-domain>

3) Recommend to use NTP

4) Join AD

Users and Identity Stores > External Identity Stores > Active Directory

5) Configure Access Service

Access Policies > Access Services > Default Device Admin > Identity>Single result selection > Select Your AD.

 

Read more…

Nesting on ESXi 5.5 without Web client

August 17th, 2014 4 comments

For Esxi

At first, gather the vmid

# vim-cmd vmsvc/getallvms

 

Once You get the vmid for VMs, than run  ( upgrade to version 9 )

# vim-cmd vmsvc/upgrade vmid vmx-09

 

For Hyper-V, edit the vmx

hypervisor.cpuid.v0 = FALSE

Read more…

Categories: Esxi, Hyper-V, Nested, VMware Tags:

WCCP L2 setup on cisco 3750 witch for IronPort

June 27th, 2014 244 comments

ip access-list extended CLIENT_TRAFFIC
permit tcp 192.168.69.0 0.0.0.255 any eq www

ip wccp 69 redirect-list CLIENT_TRAFFIC
interface Vlan69
ip address 192.168.69.1 255.255.255.0
ip wccp 69 redirect in

Once You saw below console message, its done :)

%WCCP-5-SERVICEFOUND: Service 69 acquired on WCCP Client

Categories: CISCO, IronPortWebSecurity Tags:

IPS7 Initial Setup

June 25th, 2014 5 comments
sensor# setup
Enter host name[sensor]: YourHostName
Enter IP interface[192.168.1.2/24,192.168.1.1]: 172.16.254.51/24,172.16.254.1
Modify current access list?[no]: yes
Permit: 0.0.0.0/0
Permit:
Modify system clock settings?[no]:
The following configuration was entered.
[2] Save this configuration and exit setup
Enter your selection[3]: 2  <-to save the config
— Configuration Saved —
Categories: CISCO, IPS, Network Tags:

Tracking Configuration change in Cisco IOS

June 22nd, 2014 38 comments

2960-01(config)#archive
2960-01(config-archive)#log confi
2960-01(config-archive)#log config
2960-01(config-archive-log-cfg)#logging enable
2960-01(config-archive-log-cfg)#logging size 500  ( default is 100 )
2960-01(config-archive-log-cfg)#hidekeys

##Option##  (config-archive-log-cfg)#notify syslog ( exports to syslog server )

#show archive log config all

 

Categories: CISCO, Log, Network Tags:

How to create your own .vib files

June 15th, 2014 38 comments

http://www.yellow-bricks.com/2011/11/29/how-to-create-your-own-vib-files/

Read more…

Categories: Esxi, VIB, VMware Tags:

Delete Fortigate Firewall traffic log

June 13th, 2014 5 comments

execute log delete-all

Categories: Firewall, Log, Network Tags:

Enable SSH access on ASA

June 10th, 2014 5 comments

1) create username and password

# username xxx password xxx

2) define authenticate method

#aaa authentication ssh console LOCAL

3) Permit access from

#ssh 0 0 outside / inside

4)Generate RSA

#crypto key generate rsa modules 1024

Done

Categories: ASA, CISCO, Firewall, Network Tags: