I made this quick video as an “Ansible 101” type introduction for some networking friends that just wanted a high-level intro to playbook creation and logic. So, I hope you enjoy it and get something useful from it. Please feel free to comment with any questions you may have! GitHub Repo: Intro to Ansible for Networkers - GitHub Repo
In this post I hope to quickly cover how I use pfSense to provide easily reachable management networks for simulations within VIRL. Below is a list of the technology I use in this lab environment: pfSense SG-1000 running 2.4 BETA Cisco VIRL_ — Core 0.10.29.12_ VMWare ESXi 5.5 Update 1 Generic VLAN Aware Layer 2 Switching I will not go through the entire installation of Cisco VIRL. I am just going to go through what I do in my personal environment to allow the FLAT & FLAT2 networks to be routable to the world. I have the SNAT network setup in a similar fashion, but I do not often use it so I will only mention SNAT this once. ...
The Request I have a client with a data center, a headquarters/DR site, and a lot of branches spread out all over the world with Internet connectivity. They are currently using static IPSEC Internet facing VPNs to connect to their data center and HQ environemts, but the company is hitting a growth spurt and they are quickly realizing this solution is becoming difficult to scale and manage with their limited in-house IT staff. ...
The Request: Now that Cisco has included SSL VPN licensing as part of the 15.3(3)M IOS I have had multiple clients ask about turning on the capability and reaching back into Active Directory for authentication. The Solution: The equipment I used to lab this solution: Cisco 881 w/ IOS 15.3(3)M3 (10.0.1.238) Windows Server 2008 R2 (10.0.1.231) First we will go through the steps to configure the RADIUS server on Windows so we have access to Active Directory for authentication. You must first ensure the “Network Policy and Access Services” role is installed on the server. Once this role is installed we will go into NPS (Local) > RADIUS Clients and Servers > RADIUS Clients. Here will will configure our router as a RADIUS Client. Be sure to make note of the key you specify here as you will need it when configuring the RADIUS server on the router. ...
The Request: I have a client with multiple 6807 VSS pairs that required an IOS upgrade. All of the pairs have a single SUP2-T in each chassis and were in the 15 code train. Although the ISSU process is very straight forward I wanted to put this quick process up as I had to search through multiple documents to gather all the pieces I needed to knock it out. The Solution: Since these switches were in the proper code train to utilize ISSU I decided that was the best route to go. It also helps that everything was already dual-homed. This process is for VSS pairs with only one SUP per chassis! If you have another configuration you can reference the Cisco document provided at the bottom of the post. Some example text was taken from the Cisco Document referenced below One of the first things you want to verify is that there is a current boot variable configured on the VSS pair pointing to the version of code that is running currently. Some devices only have one version of code on the bootdisk so there is not a boot variable configured. For the ISSU to perform properly you MUST configure the boot variable: ...