VIRL ASAv with ASDM

April 16, 2018 at 6:10 pm

VIRL

I had many requests to demonstrate how to use the ASDM GUI to manage an ASAv running inside of VIRL. Here is the video demonstration of how to do it. Enjoy!

Basic Setup of the ASAv in EVE-NG

April 11, 2018 at 8:09 pm

ASAv

In this video, we will examine the configuration of the ASAv for basic practice that would be appropriate for training such as CCNA Security.

Adding the Cisco ASAv to EVE-NG

March 30, 2018 at 7:34 pm

EVE-NG

This video walks you through adding the Cisco ASAv to EVE-NG per the instructions I outlined for you at my blog – here. Have fun!

Adding the ASAv to EVE-NG

March 24, 2018 at 8:00 am

EVE-NG

I am going to need some ASAv action in EVE-NG next week for a project I am working on. Here are the steps I hope work! 😋 I grabbed these from the EVE-NG site and added my own elaboration where I thought necessary.

I will try and shoot a video of these steps next week as well.

Step 1: Acquire the asav941-200.qcow2 or asav952-204.qcow2 files for EVE-NG use

Step 2: Fire up WinSCP or FileZilla and connect to the EVE-NG IP address for FTP purposes

Step 3: Upload the appropriate .qcow2 from Step 1 to the root of the EVE-NG system

Step 4: Create the directory in EVE-NG for the ASAv image storage:

mkdir -p /opt/unetlab/addons/qemu/asav-941-200

Step 5: Move the image to that directory:

mv asav941-200.qcow2 /opt/unetlab/addons/qemu/asav-941-200/virtioa.qcow2

Step 6: Run these commands to enable Telnet access instead of VNC:

apt-get update
apt-get install libguestfs-tools
cd /opt/unetlab/addons/qemu/asav-941-200/

guestfish -a virtioa.qcow2
run
mount /dev/sda2 /
touch /use_ttyS0
umount /
exit

Step 7: Clean and fix permissions:

/opt/unetlab/wrappers/unl_wrapper -a fixpermissions

That does it! The image should now be ready for addition as a Node in the EVE-NG Web client. Happy lobbing!

Manual Summarization with BGP on Cisco Routers

March 22, 2018 at 8:57 pm

BGP

One of the topics that will be featured in my upcoming CBT Nuggets module, Border Gateway Protocol (BGP) – Advertising NLRI, manual route summarization in BGP. This post serves (as well as more to follow) cover the highlights of the video coverage.

There are two methods of performing aggregation with BGP on a Cisco router. You can create a static route that represents the aggregate and then advertise that route using the network command. Or, you can use the aggregate-address command.

Here is an example of the static route approach:

router bgp 65100
   network 192.168.192.0 mask 255.255.248.0
   neighbor 192.168.1.220 remote-as 65200
!
ip classless
ip route 192.168.192.0 255.255.248.0 Null0

Notice how the static route directs to the bit bucket (Null0). This is because it is not an actual network destination. It is an artificial construct to permit the route in the routing table so we can use the network command in BGP. There will be more specific entries in the routing table covered by this advertised summary and the router can follow those instructions. Should all the more specific entries be removed, then the static route has traffic discarded for the summary (this is the desired behavior, typically).

With the aggregate-address command approach, you ensure component routes of the summary exist in the BGP table (thanks to the network statement or redistribution), and the summary address is advertised via BGP. Here is an example:

router bgp 65100
 aggregate-address 192.168.192.0 255.255.248.0 summary-only
 redistribute eigrp 100
 neighbor 192.168.1.220 remote-as 65200

Note that if you forget the summary-only keyword with the aggregate-address command, you will advertise the summary as well as the specific routes. A future post will demonstrate when this approach might be useful.

Activating the New March 2018 Cisco VIRL 1.5.X

March 13, 2018 at 4:04 pm

In this video, I walk you through the activation process for Cisco VIRL.

Installing VIRL March 2018 Version 1.5.x

March 12, 2018 at 7:13 am

That’s right – there is finally a new version of VIRL in town. In this video, I demonstrate installing the new version.