Failing a Cert (ALE ACFE LAN)

This week I was in Sydney Australia for a week particularly at the Alcatel-Lucent Enterprise headquarters. I was there to attend a course on their switch, wireless and management platform.

I have gone through training courses from the past from other vendors where what would usually be a 3-day course is compressed into a days course. Like this one, the switching course originally was a 5 day course compressed into a day while the wireless and management course a 3-day course jammed packed into one. Well in my case, the wireless course only for 4 hours as I had to fly back to Brisbane that afternoon and to duct traffic had to leave shortly after lunch and by-passed most of the labs.

The week course also included a certification exam which is the Alcatel-Lucent Field Engineer LAN (ACFE) which is their equivalent of Cisco’s CCNA RS. So imagine, for 3.5 days had to cram all these information about a certain vendor including their wireless technology and taking an exam after it.

I told myself, sure how hard can it be. I relied on my experience and fundamentals thinking that it would carry me through to another vendor certification under my belt. Well, in summary it was like the BCNE experience. I failed! Not miserably in comparible to the Brocade exam but I still failed. Passing score was 75% and I got 63%. Exam was 45mins and can be done from home. Yes it was open book, google all you want and what did I do? I winged it and hit the ground face first with a shameful story to write as a blog post.

I have emailed Alcatel in the hopes that I would be granted another attempt and this time would have to go through all 900+ pages of the material to make sure I don’t do it again. Definitely the guys at work would be asking me about it come Monday and dredding to tell all about it. Oh well…

Advertisements

Cloud your phone

I will admit I am not a collaboration technology person, I could probably know a few bits and pieces of CUCM or asterisk. In fact I have an Asterisk setup at home running on a Fedora server with 9 sip phones not to mention soft phones.

Let us just say that what forced me to learn these technology is through work and working for an MSP, in a way you are required to atleast know something about this technology.

I was just in a conversation with a client who runs a legacy Avaya setup. They have four sites, one of which is overseas all communicating via a VPN link back to their main office. Recently they have been plagued with so many issues namely, call drops, voice calls, you name it. From the network perspective we’ve done all test and everything looks fine to the point, there were other engineers to verify my findings.

A temporary solution is a reboot of the server hosting the PBX and it will get resolves and would be a matter of days before the issue would reoccur. I have suggested to the client to get in touch with their PBX provider to run packet captures on the PBX to further investigate but the provider slammed them with the “not part of contract”clause and insisted that since they have a legacy system to just opt for buying a new kit.

I asked if they have ever considered a cloud solution. To my surprise, the client even haven’t heard that a technology does exist. It is no different from having your servers from onprem to a cloud provider like Microsoft Azure or AWS. All the capabilities and feature you’d expect from an on-prem PBX and more.

Personally, what I really love about the cloud solution is the fact that all you need is an internet connection. I once worked for an ISP and I can bring my physical phone anywhere around the world and as long as I can power it up and provide an internet access. I can receive and accept calls as if I am in Australia. It truly is amazing.

It provides the flexibility as you could either use your existing handsets provided they support sip or maybe you can rent them out. No need to think about on-prem hardware or software upgrades as everything is done by the cloud provider. All you have to worry about is secure a decent internet connection and make sure that voice traffic is prioritised on your network.

To the cloud! AZ 100-101

If you are new to my website of randomness then welcome. Earlier this year I just passed the CCNP Tshoot exam renewing all my professional level certs for another three years while I prep again to what I call “season 2” of my pursuit of the CCIE number.

I have already taken the written, became a candidate, did a lab attempt and did not make it. Life happened just like what happens to most people aka “an excuse”, the remaining time has passed and I ran out of time. Hence, here we are again trekking the long climb from base camp.

Anyway, there’s this new shinny object that is catching my attention. It’s Microsoft’s Azure Associate Certification. It is a combination of 2 exams (AZ 100 & 101). Lately I have been working at work around Azure deployment so might as well go for a cert.

Here are my study materials:

CBT Nuggets Microsoft Azure – Implementing Infrastructure Solution (70-533)
Udemy Azure Administrator Infrastructure & Deployment (AZ 100) by Scott Duffy
Udemy Azure Integration & Security (AZ 101) by Scott Duffy
Microsoft Azure tenant account, here in Australia you get a $250AUD for 30days
Microsoft Self paced labs, I find labs here are way better compared to Cisco’s dCloud

In saying that, here we go…to the Cloud!

 

 

2018: The year it was

If you are not a youtube follower of mine, which I believe you should (shameless promotion) follow me at

https://www.youtube.com/channel/UCplk8JQcRTWpUdYNlYNagfQ?view_as=subscriber

I have been more active there than here as it has been really hard writing blogs than just turning on my celfone’s camera and shooting myself rambling about random things. But anyway here’s a quick recap of what 2018 was for me:

  • I was officially promoted as NOC manager early 2018 for an ISP
  • Travelled outside Australia, went to Tokyo & the Philippines
  • Went to a number of non-IT related seminars/forums which includes Landmark Forum, Achievers Conference (Tony Robbins), Writers Training, Forex Training (SYD).
  • Have read more books this year both in paper and audio form most of it is non-technical.
  • Enrolled myself into one of Narbik’s CCIE RS bootcamp in Sydney which eventually got cancelled last minute due to some technical issues with Cisco SYD. I got offered to attend it in Glendale, Calif USA but opted out as it would mean more expense.
  • After returning from Japan, had decided to leave my position of NOC manager as the commute to the Gold Coast from Brisbane is becoming unbearable.
  • Started a new job as a Network Engineer for an MSP based in Brisbane.
  • Since started new position in MSP has explored new technologies outside Cisco such as Palo Alto, Juniper, Asterisk etc.
  • Decided to forego the 2nd attempt at the CCIE RS lab exam and opted to renew the CCNP certs which will soon expire.
  • My home lab has now expanded, despite toning down the number of physical routers and switches in the rack. I just acquired 9 VOIP phones, an Asterisk server, more virtual servers running Palo Alto, ASA & Fortigate. I do have a small Fortigate Firewall. I still need to fireup again my Microtic router, friends gave me when I was in Belgrade, Serbia.
  • Been diagnosed with liver failure and will be undergoing more test in the future. Have hypertension and now under medication to have it under control.

To sum it up, it was the opposite of how it was back in 2017 when I was hard core in terms of being more technical but for some strange reason I have learnt more.

Here’s to a great year ahead in 2019.

 

 

 

Configuring Cisco 887 VA-W via GUI

Back in the day, well not really that long ago let us just say 5 years ago. I was not a fan of the Cisco Configuration Professional Express. I had to create a few tweaks particularly with Java to just even make it work. It was so clunky which in a way I have no choice but to train myself to configure Cisco devices using the CLI.

As I was tinkering with a Cisco 887 VA-W which is a NBN capable router, if you live in Australia you’d understand its this fibre roll-out that happening replacing copper. I was configuring the access-point that is integrated within the router and I got reminded of the Aeronet AP I featured a few months ago, I decided to check out if I can configure it using CCP.

Alas! I got presented with CCP version 3.3 it was a huge improvement. No more playing around with Java though I had to make some minor CLI adjustments to access it.

Out of the box, 800 series routers have pre-setup dhcp configs, IPs and ACLs. I had to remove them first. I also have set-up a username/password with privilege 15 access.

In my lab, I had to configure vlan 1 to get its IP from my DHCP so I can access CCP from my PC. You always have that option to manually set the IP I just can’t be bothered manually assigning one to this device.

Once vlan 1 receives an IP, try pinging this IP from your PC and if you get an icmp response, open your favorite browser and type in the IP and you’ll be asked to enter the username & password which you created back in step 1. Then you’re in!

It is very easy to nativage, Basic Settings allows you to do configuration on the router like host name, domain ip even time zone, DNS and DHCP.

Interfaces and Connections page will of course allow you to configure the ports and IPs on the router. Just remember if you change the IP on VLAN 1 it would kick you out once changes have been made and would have to log back in using the new IP address assigned if this was the case.

Other pages are self-explanatory like Static Routing, Identity and Dashboard page. Let me jump into the page why I wanted to access CCP in the first place. The Wi-Fi page, for some reason using whatever browser, it would ask you to have the wireless portal access via a new browser tab.

Straight forward, just like how you configure any wifi router.

By clicking the Advance wireless access point configuration link it opens another browser which would give you another set of menus/options to configure your AP. The Express Security menu lets you create an SSID that uses a radius server for authentication.

By going to the Security menu > SSID Manager gives you more options for your AP.

Security menu > Server Manager allows you to configure the radius server that you intend to use for authentication, you can also setup backup radius servers including EAP authentication priority.

In conclusion, after not using Cisco Configuration Professional(CCP) for a while and now experiencing version 3.3 implores me to start using the routers GUI to configure the device. Let me make a disclaimer that at the time of this writing I have not completely configured any Cisco devices to be used in production using CCP as I would need to explore further. But definitely everything looks promising.

Configure Cisco Aironet 1130AG with WPA2 authentication GUI

The company I was working for was throwing away legacy gear and I decided to ask for it so I can have a play around. It was a Cisco Aironet 1130AG Series AP.

I have been working with the new Cisco 887 and 881 routers with built in AP and would use the CLI to configure the wireless bit. I have also been working on Meraki products particularly the MX product line where everything is cloud base. I was thinking of adding this AP to my home network and eventually get it into my ISE lab.

In order to get this bad boy wired up, I had to open the lid which uncovers the circuit board and nicely labelled ports. It has a fastethernet port PoE powered which is perfect for me as I have a PoE switch. Console cable on the right side of the ethernet port and even though this is an old device I felt like a kid who’s excited to get his new toy working.

Easy reset button found right next to the console port, just stick in your favorite pen and your off.

From the CLI, it boots up just like any cisco device…slow. Once it is done, it will greet you with the ap> the default enable password is Cisco, with the capital C then you can start running your favorite show commands and start exploring.

By default it will get its address from a DHCP server on your network so make sure you have setup one up. Then again there’s always that option to statically set this up with the CLI but it defeats the whole idea behind this blog.

The next step is open your browser and type the IP address assigned to the AP, this should ask you then for a username and password which is both Cisco, again with a capital C.

Word of caution before we proceed, the GUI is so slow and you have to be patient as it takes time. It is as if the lag is when the GUI tries to translate all you’ve clicked into CLI commands and applies it to the AP.

The home page gives you basic information about the AP nothing really exciting. By default the Radio’s under the Network Interfaces section is down but since this screenshot was taken after I have enabled it so disregard that for now.

Statically assigning an IP to this AP

On the left menu click on Express Set-up, once on the page, click the Static IP radio button, then assign the designated IPs for your AP.

Don’t forget to click the Apply button at the bottom of the page.

Create a SSID

On the left menu click on Express Security, enter the name of the SSID, click the Broadcast SSID in Beacon check box, tick the No VLAN unless you want to use a specific VLAN on your network and tick the No Security radio button. Later we will setup the WPA2 password for it so hang tight. Click the Apply button at the bottom of the page.

Enable the radio

Now this is the bit that will test your patience. On the left menu click Network Interfaces, then click one of the radios in my case its Radio0-802.11G. Click the Settings tab, then tick the Enable radio button. Don’t forget to click the apply button at the bottom of the page.

Again, the GUI is laggy, wait for it until the Current Status says enabled just like in my screenshot.

Configuring WPA2

Now there’s a few steps here that you need to pay attention. Go to the Security menu, then click Encryption Manager. Tick the Cipher radio button and on the drop down menu choose AES CCMP. Click Apply-All at the bottom of the page.

Again under the Security menu, click SSID Manager menu. Please wait until the Current SSID List is populated and the SSID you created earlier appears. Again patience is the key here.

Scroll down on the same page till you create the Client Authentication Key Management section. Choose Mandatory on the Key management drop down menu, tick the WPA check box. Note: Depending on the model, it will give you the option to choose WPA2, as I am using a legacy device it does not have that option. Then enter the WPA Pre-shared key.

If you scroll further down you’ll see two(2) apply button, all you have to do is click the apply button under the Mutiple BSSID Beacon Settings section.

Once that is all done, pull out your mobile device, detect the SSID you have created, enter the password and your off to the races. Happy surfing.

UiPath Studio first impressions

It is 1am basically Monday morning. I have just gone through the first section of the course and started on the next one. I was probably so excited that I couldn’t sleep and all I can think of is learning as much as I can about this software.

There is no time limit on the end of chapter exam and unlimited attempts though I read that after 3 attempts you would have to wait 24 hours to give students time to review the material. I failed on my first attempt and had to retake. I realized that the questions on the first sections were mostly taken from the following section which you won’t have access until you pass the exam. The search function on the academy’s website became my friend.

For a few hours I get to play around with the GUI, I can’t help but reminisce my university days doing programming using Visual Basic 5.0. The look and feel is pretty much the same. Everything is drag & drop with properties windows. Hence it feels home to me.

  1. Ribbon – this is basically your menu bar set in tabs. It has 4 tabs namely Start: To start a new project, Design: basic menu like new, save, run. menu where you’ll do the recording, data and screen scrapping and user events etc basically the whole meat of this application, Execute: running and debugging your workflow and Setup which is like properties in your apps and where you can find the web browser extensions.
  2. Activities – where it lists the objects for your workflow, e.g. dialog box, conditional statement box, message box etc.
  3. Workflow – this is where you place your objects dragged from the activities section such as flow charts, sequences, dialog box etc.
  4. Variables – displays all the variables that is being used inside the flowchart or sequence.
  5. Properties – displays the property option for an object in your workflow.
  6. Outline – gives you an overview of your workflow and objects under each flowchart or sequence.