Category Archives: General stuffs

Anything that’s considered “general” by me hehe…

Small office requirement Set up PaloAlto1 and 2 to be active passive HA. Set up SW5 and SW6 as HSRP routers, vlan 100 towards the external and vlan 10 towards the internal. HSRP for vlan 10 and vlan 100. SW4 … Continue reading

Posted in General stuffs | Leave a comment

Classless routing vs classful routing

Router routes traffic based on the longest prefix, and cannot find any match traffic will be dropped. Classless routing The routing that we normally understand is classless routing. Let’s explore the routing tables of R1 and R2. R1 pings to … Continue reading

Posted in General stuffs, Route | Tagged , , | Leave a comment

Anyconnect VPN using local account

Network diagram Configure inside and outside interface ciscoasa(config)# int gi0/1 ciscoasa(config-if)# nameif outside INFO: Security level for “outside” set to 0 by default. ciscoasa(config-if)# ip address dhcp setroute ciscoasa(config-if)# no shut ciscoasa(config-if)# int gi0/0 ciscoasa(config-if)# nameif inside INFO: Security level … Continue reading

Posted in General stuffs, VPN | Tagged , , , , , | Leave a comment

[CISCO ACI] Inter tenant contract

The ACI configuration for inter tenant contract is complicated. A contract provides two functions: Provide filter. Provide route leak. A tenant is considered a VRF itself. In this example there are two tenants T05 and T06. T05 exports the contract … Continue reading

Posted in General stuffs, Software Defined Network | Tagged , | Leave a comment

bigip snat automap

You created a forwarder virtual server for your servers behind the bigip appliance to access the internet, your server could not get a respond back. You troubleshoot the problem and found that: Default route is configured in the bigip. You … Continue reading

Posted in F5, General stuffs | Tagged | Leave a comment

Is bigip packet filter stateful or stateless?

Packet filter I have allowed vmnet5 to http and dns to any destination, and drop all for the rest. Nmap from client Actually nmap could not determine whether port 80 is opened or closed because there is no response. Packet … Continue reading

Posted in General stuffs | Leave a comment