2018: The year it was

~ delanajero ~ Leave a comment

If you are not a youtube follower of mine, which I believe you should (shameless promotion) follow me at

https://www.youtube.com/channel/UCplk8JQcRTWpUdYNlYNagfQ?view_as=subscriber

I have been more active there than here as it has been really hard writing blogs than just turning on my celfone’s camera and shooting myself rambling about random things. But anyway here’s a quick recap of what 2018 was for me:

  • I was officially promoted as NOC manager early 2018 for an ISP
  • Travelled outside Australia, went to Tokyo & the Philippines
  • Went to a number of non-IT related seminars/forums which includes Landmark Forum, Achievers Conference (Tony Robbins), Writers Training, Forex Training (SYD).
  • Have read more books this year both in paper and audio form most of it is non-technical.
  • Enrolled myself into one of Narbik’s CCIE RS bootcamp in Sydney which eventually got cancelled last minute due to some technical issues with Cisco SYD. I got offered to attend it in Glendale, Calif USA but opted out as it would mean more expense.
  • After returning from Japan, had decided to leave my position of NOC manager as the commute to the Gold Coast from Brisbane is becoming unbearable.
  • Started a new job as a Network Engineer for an MSP based in Brisbane.
  • Since started new position in MSP has explored new technologies outside Cisco such as Palo Alto, Juniper, Asterisk etc.
  • Decided to forego the 2nd attempt at the CCIE RS lab exam and opted to renew the CCNP certs which will soon expire.
  • My home lab has now expanded, despite toning down the number of physical routers and switches in the rack. I just acquired 9 VOIP phones, an Asterisk server, more virtual servers running Palo Alto, ASA & Fortigate. I do have a small Fortigate Firewall. I still need to fireup again my Microtic router, friends gave me when I was in Belgrade, Serbia.
  • Been diagnosed with liver failure and will be undergoing more test in the future. Have hypertension and now under medication to have it under control.

To sum it up, it was the opposite of how it was back in 2017 when I was hard core in terms of being more technical but for some strange reason I have learnt more.

Here’s to a great year ahead in 2019.

 

 

 

Advertisements

Configuring Cisco 887 VA-W via GUI

~ delanajero ~ Leave a comment

Back in the day, well not really that long ago let us just say 5 years ago. I was not a fan of the Cisco Configuration Professional Express. I had to create a few tweaks particularly with Java to just even make it work. It was so clunky which in a way I have no choice but to train myself to configure Cisco devices using the CLI.

As I was tinkering with a Cisco 887 VA-W which is a NBN capable router, if you live in Australia you’d understand its this fibre roll-out that happening replacing copper. I was configuring the access-point that is integrated within the router and I got reminded of the Aeronet AP I featured a few months ago, I decided to check out if I can configure it using CCP.

Alas! I got presented with CCP version 3.3 it was a huge improvement. No more playing around with Java though I had to make some minor CLI adjustments to access it.

Out of the box, 800 series routers have pre-setup dhcp configs, IPs and ACLs. I had to remove them first. I also have set-up a username/password with privilege 15 access.

In my lab, I had to configure vlan 1 to get its IP from my DHCP so I can access CCP from my PC. You always have that option to manually set the IP I just can’t be bothered manually assigning one to this device.

Once vlan 1 receives an IP, try pinging this IP from your PC and if you get an icmp response, open your favorite browser and type in the IP and you’ll be asked to enter the username & password which you created back in step 1. Then you’re in!

It is very easy to nativage, Basic Settings allows you to do configuration on the router like host name, domain ip even time zone, DNS and DHCP.

Interfaces and Connections page will of course allow you to configure the ports and IPs on the router. Just remember if you change the IP on VLAN 1 it would kick you out once changes have been made and would have to log back in using the new IP address assigned if this was the case.

Other pages are self-explanatory like Static Routing, Identity and Dashboard page. Let me jump into the page why I wanted to access CCP in the first place. The Wi-Fi page, for some reason using whatever browser, it would ask you to have the wireless portal access via a new browser tab.

Straight forward, just like how you configure any wifi router.

By clicking the Advance wireless access point configuration link it opens another browser which would give you another set of menus/options to configure your AP. The Express Security menu lets you create an SSID that uses a radius server for authentication.

By going to the Security menu > SSID Manager gives you more options for your AP.

Security menu > Server Manager allows you to configure the radius server that you intend to use for authentication, you can also setup backup radius servers including EAP authentication priority.

In conclusion, after not using Cisco Configuration Professional(CCP) for a while and now experiencing version 3.3 implores me to start using the routers GUI to configure the device. Let me make a disclaimer that at the time of this writing I have not completely configured any Cisco devices to be used in production using CCP as I would need to explore further. But definitely everything looks promising.

Configure Cisco Aironet 1130AG with WPA2 authentication GUI

~ delanajero ~ Leave a comment

The company I was working for was throwing away legacy gear and I decided to ask for it so I can have a play around. It was a Cisco Aironet 1130AG Series AP.

I have been working with the new Cisco 887 and 881 routers with built in AP and would use the CLI to configure the wireless bit. I have also been working on Meraki products particularly the MX product line where everything is cloud base. I was thinking of adding this AP to my home network and eventually get it into my ISE lab.

In order to get this bad boy wired up, I had to open the lid which uncovers the circuit board and nicely labelled ports. It has a fastethernet port PoE powered which is perfect for me as I have a PoE switch. Console cable on the right side of the ethernet port and even though this is an old device I felt like a kid who’s excited to get his new toy working.

Easy reset button found right next to the console port, just stick in your favorite pen and your off.

From the CLI, it boots up just like any cisco device…slow. Once it is done, it will greet you with the ap> the default enable password is Cisco, with the capital C then you can start running your favorite show commands and start exploring.

By default it will get its address from a DHCP server on your network so make sure you have setup one up. Then again there’s always that option to statically set this up with the CLI but it defeats the whole idea behind this blog.

The next step is open your browser and type the IP address assigned to the AP, this should ask you then for a username and password which is both Cisco, again with a capital C.

Word of caution before we proceed, the GUI is so slow and you have to be patient as it takes time. It is as if the lag is when the GUI tries to translate all you’ve clicked into CLI commands and applies it to the AP.

The home page gives you basic information about the AP nothing really exciting. By default the Radio’s under the Network Interfaces section is down but since this screenshot was taken after I have enabled it so disregard that for now.

Statically assigning an IP to this AP

On the left menu click on Express Set-up, once on the page, click the Static IP radio button, then assign the designated IPs for your AP.

Don’t forget to click the Apply button at the bottom of the page.

Create a SSID

On the left menu click on Express Security, enter the name of the SSID, click the Broadcast SSID in Beacon check box, tick the No VLAN unless you want to use a specific VLAN on your network and tick the No Security radio button. Later we will setup the WPA2 password for it so hang tight. Click the Apply button at the bottom of the page.

Enable the radio

Now this is the bit that will test your patience. On the left menu click Network Interfaces, then click one of the radios in my case its Radio0-802.11G. Click the Settings tab, then tick the Enable radio button. Don’t forget to click the apply button at the bottom of the page.

Again, the GUI is laggy, wait for it until the Current Status says enabled just like in my screenshot.

Configuring WPA2

Now there’s a few steps here that you need to pay attention. Go to the Security menu, then click Encryption Manager. Tick the Cipher radio button and on the drop down menu choose AES CCMP. Click Apply-All at the bottom of the page.

Again under the Security menu, click SSID Manager menu. Please wait until the Current SSID List is populated and the SSID you created earlier appears. Again patience is the key here.

Scroll down on the same page till you create the Client Authentication Key Management section. Choose Mandatory on the Key management drop down menu, tick the WPA check box. Note: Depending on the model, it will give you the option to choose WPA2, as I am using a legacy device it does not have that option. Then enter the WPA Pre-shared key.

If you scroll further down you’ll see two(2) apply button, all you have to do is click the apply button under the Mutiple BSSID Beacon Settings section.

Once that is all done, pull out your mobile device, detect the SSID you have created, enter the password and your off to the races. Happy surfing.

UiPath Studio first impressions

~ delanajero ~ Leave a comment

It is 1am basically Monday morning. I have just gone through the first section of the course and started on the next one. I was probably so excited that I couldn’t sleep and all I can think of is learning as much as I can about this software.

There is no time limit on the end of chapter exam and unlimited attempts though I read that after 3 attempts you would have to wait 24 hours to give students time to review the material. I failed on my first attempt and had to retake. I realized that the questions on the first sections were mostly taken from the following section which you won’t have access until you pass the exam. The search function on the academy’s website became my friend.

For a few hours I get to play around with the GUI, I can’t help but reminisce my university days doing programming using Visual Basic 5.0. The look and feel is pretty much the same. Everything is drag & drop with properties windows. Hence it feels home to me.

  1. Ribbon – this is basically your menu bar set in tabs. It has 4 tabs namely Start: To start a new project, Design: basic menu like new, save, run. menu where you’ll do the recording, data and screen scrapping and user events etc basically the whole meat of this application, Execute: running and debugging your workflow and Setup which is like properties in your apps and where you can find the web browser extensions.
  2. Activities – where it lists the objects for your workflow, e.g. dialog box, conditional statement box, message box etc.
  3. Workflow – this is where you place your objects dragged from the activities section such as flow charts, sequences, dialog box etc.
  4. Variables – displays all the variables that is being used inside the flowchart or sequence.
  5. Properties – displays the property option for an object in your workflow.
  6. Outline – gives you an overview of your workflow and objects under each flowchart or sequence.

Starting the automation path with UI-Path

~ delanajero ~ Leave a comment

If you have been following my blog, I have posted blogs on automation. Well…a way I can automate some of my tasks like configure a router by entering all the necessary info like IP, hostnames, routing protocols etc. Figuring out a way where I can also test to validate everything is working. I have been playing with python, netmiko, napalm etc. which requires a combination of programming, networking, linux skill sets.

Then at work I stumbled upon RPA, Robotic Process Application. Read a few Gartner articles and watched a few youtube videos on the topic and it just blew my mind away with the use cases that I can apply with work. The challenge though how can I get my hands into these robots. But before I got any futher I won’t assume you my read would have an idea what am I talking about.

So what is RPA?

Put it simply it is a software that follows a set of sequence, based on a given information, will process them accordingly to produce a desired output. To put it practically, let us say you want this robot to check your email for any request for a particular task, this task requires data to be entered to another software let us say maybe Salesforce, once it is processed, respond back to the sender to confirm that it has been done.

If you are imagining an actual robot with robotic arms and hands typing away from my keyboard and clicking the mouse away, it is not exactly that. Imagine those piano’s you see in the middle of the mall that would play itself. There is no actual robot sitting in front of it to play the piano but something was installed inside of the piano to trigger each key to be pushed to play a sound.

RPA is perfect for any repetitive tasks with accuracy as you remove the possibility of human error, reliability, speed and scalability. You can use RPA either to work side by side with humans to augment with their daily tasks or have them fully self-driven.

It is projected that the RPA market can reach up to $5 billion by 2024.

Getting some hands-on

Yes, here I am again about to get distracted with something shiny. Despite I know I should be focusing my attention to my CCIE RS Lab (2nd attempt). RPA has grabbed my attention. It is definitely not a cheap product or anything that you can just grab out of Best Buy (US) or JB HiFi (Aus).

There are many RPA vendors out there namely Automation Anywhere, Blue Prism, Workfusion but the one that got my interest is UiPath. Aside from having a community edition that has a lifetime license. They have an open academy which you can go through and get certified upon finishing and passing the test.

The academy contains 172 sections of content including all quiz and final exam.

In saying this for the next couple of days, I will be blogging what I have learned and the whole experience of it.

CSR1kv Lab for CCIE RS

~ delanajero ~ Leave a comment

Here is my lab setup in preparation for the CCIE R&S lab. It is running on a HP Proliant DL380 G6 server running ESXi 5.5. I know its old school but it works!

Before you deploy your first Cisco CSRv, make sure you already have secured an OVF copy of the CSRv either via the cisco website or other sources.

File > Deploy OVF Template…

Browse to the file where the OVF is located, then click Next

I leave everything as default and just click on Next

Change the name to your liking and click Next

I leave Disk Format to Thick Provisioning Lazy Zeroed, click Next

Click Next until you reach the Ready to Complete page then click Finish

This will start provisioning your CSRv server, once done, don’t power it up yet. Instead, right mouse click on the server then choose Edit Settings…

Click the Add button, choose Serial Port in the list then click Next

Choose Connect via Network, click Next

Choose the Server radio button, in the Port URI: enter the IP of your server and the port using the following format: x.x.x.x:### , click Next

Click Finish button once you reach the Ready to Complete page.

Click the server on the left pane, click the Configuration tab. Go to Software section, click Security. Under the Firewall section, click Properties

Make sure you tick the VM serial port connected over network label, click Ok

Start the CSRv VM, right mouse click, Power > Power On

Go to the console tab to access the virtual router. At this stage would won’t be able to console into the device using your terminal app because by default it doesn’t allow you to do this. To activate this feature you would need to configure the router by typing:

configure terminal

platform console serial

Save the config, then reload the CSRv.

Once reloaded you can now access your CSRv using your terminal app of choice

I hope this helps you guys. Happy labbing.

Battling with consistency

~ delanajero ~ Leave a comment

Jerry Seinfeld was once asked by a budding comedian for advice as how to become a great standby. Jerry simply answered, all you have to do is write a joke every single day. Every time you did this mark an “x” on your calendar. Do this consistently until you create a chain of x’s for a week and without you knowing it you’ll be good in your craft.

I tried applying this in my studies reviewing for my CCIE RS lab (retake). I am sad to report that it has been difficult for the last couple of days. Just came from Sydney, pulled an all nighter working in the datacentre. For a moment I told myself, I am getting too old for these things. I am not in my mid 20’s where this would be nothing but that day when I entered the datacentre at noon time thursday, went to my hotel to rest, came back at 9pm and next time I got out was 7am, it felt horrible.

I don’t know what I was thinking, I didn’t bother to get an Uber to drive me to my hotel which is still a good 40min walk away, instead I opted to, you guest it, walk. Upon my arrival, the front desk person looked at me as if he’s trying to figure out if I just came from a drinking party as stared aimlessly into nothing.

Since my checkout time is at 10am, I asked if I can extend for another hour as I haven’t touched my bed since I arrived the day before. He agreed and ended his statement with “have a good night’s sleep”, that was 7:30am.

I took a quick shower, then laid my tired body to my king size bed. Closed my eyes and woke up to the sound of a raging jackhammer from the lot next to the building. Checked my clock and yes! its 8:30am. I forgot to mention my day isn’t done, in fact, its another day to go back to the datacentre and do something else. Since its useless forcing myself to sleep with all that noise, I’ve decided to pack my stuff and checked out at 9am.

Went into the DC, did my thing, rushed to the airport, having a flexi ticket I’ve booked myself into the next available flight within the hour. Everything from then on became a blur. To be honest, I vaguely remember being picked up by my Uber as I woke up it was night time, I was in my bed at home.

Now what does this DC story got to do with my consistency or my CCIE prep? Everything! It is a rant blog, you probably have guest it from the get go. My body is still recovering from it and can’t get into the studying state. Checked my calendar, it doesn’t look like I have a chain of x’s, it has become a constellation of x’s where one has to figure out if its trying to create a pattern of some sort.