18 Jan 17 Using SNMPWALK and PortQry tools

SNMPWALK and PortQry tools in Windows

We all know that Linux offers some built in tools that are great for troubleshooting purposes, however Windows Operating Systems have limitations. Me being a Windows user primarily (fan of CLI and CLI based tools), I am always looking for different tools. In this post I want to mention two tools that I have been able to use successfully.

My recent use was trying to troubleshoot SNMP on two switches. I was able to use snmpwalk to test SNMP and then utilize PortQry to check the ports via CLI. Here is my method and results:

Non Working – snmpwalk
COMMAND SYNTAX: snmpwalk -r:”ip-address” -c:”community-name” -v:2

Non Working PortQry Test
COMMAND SYNTAX: pq -n “ip-address” -cn !community-name! -e 161 -p udp

So above I have SNMP testing to a Non Working Switch. snmpwalk fails right away and the PortQry shows that the port is filtered, should say “LISTENING” like in the next example.

Working – snmpwalk
COMMAND SYNTAX: snmpwalk -r:”ip-address” -c:”community-name” -v:2

Working PortQry Test
COMMAND SYNTAX: pq -n “ip-address” -cn !community-name! -e 161 -p udp

Tags: , , ,

02 Nov 12 Cisco ASA 8.4 on GNS 3

Configure Cisco ASA 8.4 on GNS3

As most of the readers know that GNS3 is a pretty cool open source tool for network engineers to be able to emulate Cisco and Juniper software. I have been trying to get it working for a while here and there but just never had the time and patience to go through the whole setup. Today finally while I was watching a Video on You Tube about one of my other projects I came across a pretty cool video on how to get Cisco ASA 8.4 working with GNS3.

Two most important things were getting the right image and then getting the Qemu options configured properly.

Qemu Options: -vnc none -vga none -m 1024 -icount auto -hdachs 980,16,32
Kernel cmd line: Kernel cmd line: -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536

I was able to use the following site to get the right files for this setup, XeruNetworks. Once you install GNS3 successfully here are some of the first steps:

  • Go to “Edit and then Preferences”, then click on “Qemu” (Left)
  • Click on “Test Settings” button and make sure that it passes
  • Now click on “ASA” and start filling in the information, it will look like this
  • Once you are done, add Cisco ASA icon to the GNS3 Lab and click Start, wait few seconds and then start the Console
  • Something very important here PATIENCE it will take it few minutes to boot up all the way, it will pause at one point as if it is froze, that is what I thought but the boot process started after like 2 or 3 minutes
  • I would really like to give credit to the two web sites and a You Tube video below for the instructions. If you can’t get it working from reading my quick notes I highly suggest visit those sites and that video.
  • Article Resources:

    Tags: , , ,

04 Jun 12 Open Source IP Address and Configuration Management

Open Source IP Address And Configuration Management Software – OpenNetAdmin

So I have used Rancid for Cisco Configuration Management, used IPPlan for IP Address Management. Both are good software and they do have their limitations, few things that I was looking for were not available and I am not a programmer plus I did not have time to play around with the scripts to much to get what I need going. Few things that I was looking for and were lacking in both software were following:

  • LDAP/Microsoft Active Directory Authentication
  • IP Address and Configuration Management both in one software
  • Cisco Startup as well as Running Configuration archives along with “show version”

After doing some research I came across a product called OpenNetAdmin. Absolutely loved this product. It has a built in plug in to perform authentication against LDAP/Micrsoft Active Directory. Group permissions, you can manage IP addresses as well as configurations in one place. And I was able to use it to pull down “startup config, running config and show version as well”. Take a look at all the OpenNetAdmin Features. You can also use it to manage DNS, however that wasn’t my need, oh and the installation is so much easier. My next post would be on How to Install and Configure OpenNetAdmin and some tips and tricks that I used to get it working.

Tags: , , , , ,

25 Apr 12 Installing Rancid on Debian

Rancid install on Debian notes

I had to recently test out couple of open source configuration management programs and the first one that I picked was Rancid. It is a pretty good program to backup your network equipment configurations. It can work with multiple vendors but I just needed it specifically for Cisco ASA firewalls, Cisco PIX and Cisco CSS. I have also used it previous for Juniper Netscreen configuration backups too.

Below are some of my installation notes that I typed up as I was going through the installation of Rancid:

  • Downloaded Rancid to /usr/src
  • wget
  • Create a Rancid user “adduser -home /home/rancid rancid”
  • apt-get install build-essentials
  • tar -xvfz rancid-2.3.8.tar.gz
  • Chage your directory to Rancid Foldercd rancid-2.3.8
  • Make Rancid user own the rancid directory
  • chown -R rancid:rancid /home/rancid
  • ./configure -prefix=/home/rancid -localstatedir=/home/rancid/var/rancid
  • make install
  • There will be whole bunch of text that will scroll, just make sure there are no errors and as long as there are no errors you are good to go
  • /home/rancid/etc/rancid.conf file is for the Rancid configuration. Use this file to create groups that represent location(s) or device(s).
  • Now create a “.cloginrc” file under “/home/rancid/” directory and specify credentials in this file for the devices
  • There is a “cloginrc.sample” file located int the main Rancid folder, that will show you how to set up the credentials
  • Now it is IMPORTANT that you setup proper permissions on this file as the passwords in this file get stored in clear text
  • chmod 600 .cloginrc and then chown rancid:rancid .cloginrc
  • Now you will create all the rancid groups but the command must be launched by the rancid user. So “su” as rancid (su – rancid)
  • If the directories are not created and you get errors check permissions, delete /home/rancid/var/group and re run the above command
  • Now for each group you have to modify the “router.db” file
  • File location that you need to edit is, “/home/rancid/var/rancid/group/router.db”
  • If you are going to be using the hostnames, make sure they resolve. Now run the “rancid-run” as rancid user, “/home/rancid/bin/rancid-run”
  • This will go and grab the configurations from the devices you specified and save them. Now you can view them via command line, however if you want a web interface you will need to install CVS or SVN. I installed CVS
  • apt-get install cvsweb
  • Update and modify /etc/cvsweb/cvsweb.conf to create the group
  • If the directory containing the cvsweb icons and css files is not in /var/www, you have to add a symbolic link : “ln -s /usr/share/cvsweb /var/www/cvsweb”
  • Now I was ready to view all the configs via web interface by pointing my web browser to http://ip-address/cgi-bin/cvsweb/

Tags: , , , ,

27 Mar 11 Installing IPPLAN

I spent lot of time installing IPPLAN – IP Address Management system, there was lot of Google searching involved, reading forums, lot of trial and errors so I decided to write notes about my installation so hopefully next time I need to do something I can just look at it at one location and perhaps this may help other users too.

First part was to choose which Operating System I am going to use to install IPPLAN. My personal two favorites are Ubuntu or Debian. So I ended up using Debian as Ubuntu is based on Debian, I just wanted to go with the original. I setup SSH access on the Debian so that I can just work from there.

After installing Debian and running all the updates on it next step was to download and install IPPLAN. IPPlan can easily be downloaded from Source Forge.

Prerequisites for installing IPPlan – IP Address Management Software (IPAM)

These are some of the things you want to install before you download and start installing IPPlan

  • Apache2
  • MySQL Server
  • PHP 5 and PHP 5 MySQL

Steps for installing, configuring IPPLAN

  • I created a folder on the desktop and called it sftw by using mkdir sftw
  • Next I changed my directory to that sftw directory and used the wget command to download it within that directory.
  • Now you have to unzip the file by using the unzip command.
  • Once that is completed what I did was renamed the ipplan directory, mv ipplan-4.92.a ipplan and then moved it under the /var/www by using mv ipplan /var/www/.
  • Next step is to create the mysql database for IPPlan. Use the following steps to create the database structure for IPPlan:
    1. “mysqladmin -u root -p create ipplan (This will use the root user to create the ipplan database – Of course you will have to type in the root password after you hit enter)
    2. “mysql -u root -p ipadmin” (This will create a user called “ipadmin”)
    3. “mysql grant all privileges on ipplan.* to ipadmin@localhost identified by ‘passwordforipplan’;” (This will give all the permissions to “ipadmin” user for the “ipplan” database. “passwordforipplan” will be the database password that you will define again later in the config.php file.)
    4. “mysqladmin flush-privileges” (This will reload the sql database)
    5. Now change directory to ipplan directory cd /var/www/ipplan if you are not already in it.
    6. Now you can use either vim or nano to edit the config.php file to update the entries for the database I like to use nano so nano config.php
    7. Scroll down to the following lines and enter the information accordingly, password you use here is the password to connect to the database that you defined above in Step 3
    8. Once you have this information filled out, there is one more step, which is defining the password for the “admin user” for IPPlan.
    9. Scroll down to the following lines and edit the password field, you can also edit the Administrator name in there if you like:
    10. Once these two steps are done save the file and close it.
    11. “chown -R www-data /var/www/ipplan” and “chmod 750 www-data /var/www/ipplan” (This will give the apache user permissions to the ipplan directory)
    12. Now you are set for the final install steps. Point your browser to http://localhost/ipplan/admin/install.php.
    13. On the page you will two option in the first option choose New Installation and the second option Run the sql now. Hit the “Go” button and you are done as long as you do not see any errors on the page
    14. Note: These instructions are mainly from how I did the install and from my personal notes. If you want to use them use them at your own risk, if you mess up something that is your responsibility. I suggest using a non production system first and test out everything that is what I did rest is your choice

      Tags: , , , , , , , ,

12 Jun 10 Microsoft Visio Alternative

Recently I got a new job and after I started the job I realized that things are a bit different there. They are kind of strict with giving out laptops so I ended up with a desktop, single monitor and my manager had to talk to the desk top services manager to get me Microsoft Office. According to them I didn’t need it since I’m a network guy and will be working on Cisco networking gear, at least that is the impression I got.

Any ways once all was done and I was working on a network one day I realized that it would be a good idea to start creating Network diagrams using Microsoft Visio for future troubleshooting purposes. As they did not have the network layout of any site. So I did what I usually do, Start, Run and then typed “visio” and hit Enter (yeah I know I like to use keyboard as much as I can got it from using Linux and Cisco equipment. Once I hit “Enter” I got an error message basically telling me that I do not have Microsoft Vision on my computer. I was like blehhhhh… now what. I knew about Open Office and google docs but I didn’t know of any Open Source Microsoft Vision alternate solution.

After a little research I found an excellent software that was free and full of features just like Microsoft Visio called DIA. DIA is available for Microsoft Windows, as well as Linux, I downloaded it right away from DIA’s website and started making my diagrams. It wasn’t as user friendly as Microsoft Visio but after spending few min on it I was able to easily use it as if I would use Microsoft Visio.

Take a look at these two diagrams that I made using DIA.
Hidden AP issue

So if you are looking for an alternate and free solution to Microsoft Visio check out:

Tags: , , , , ,

21 Mar 10 Change Local Admin Password on Multiple Domain PC’s

Your have a team of IT guys in your company and one of them either leaves or is let go. You have over 1000 computers in your domain and now you have to reset all the Administrator passwords. Changing a Domain Administrator password is pretty simple. You simply make the change in one location and it gets replicated across the whole Active Directory. However what about the Local Administrator Accounts on all the PC’s?

OOOOh yes it absolutely sounds like a huge painful project when you have 10 to 20 computers on the network it is so much easier to just walk over to each PC and reset/change the Local Administrator Password, but when you have over 1000 computers in your domain and you have to change local Administrator password on all those computers and make sure it is done, that is a scary thought.

I was given this task at work and after some research I found so many scripts and none of them were good enough for what I wanted to accomplish. I needed something that will not only allow me to change local administrator password but will also generate a failure report. After doing some more research I came across a utility called PWDMan.

This is a free utility and will enable you to easily change local administrator passwords on all the domain computers. This utility gives you the option to use the domain, or a list of computers in the domain, or simply type in the computer name. Certainly if you are 1000+ computers in your domain you want to go with the first two options. Once you specify the new admin password, utility will run for a few minutes and you are done. After that you can simply export the failure report and find out which computers process was unsuccessful and you can manually go take care of them.

I have attached a few screen shots of the process:

Tags: , , , ,

14 Mar 10 Online Invoicing and Support Ticketing

I have recently started working on my IT consulting business to do some consulting work on the side. And I was looking for something that will give me all the features a small IT Consulting business would require and it would be cost effective as well. Some of the key features I was looking for are:

  • Cost effective
  • Supports multiple Clients
  • Supports Multiple Techs/Users
  • Supports sub-contractors
  • Has a Project Management functionality
  • Support Tickets
  • Estimates and Invoicing
  • Expense and Mileage tracking
  • E Mail reminders for past due invoices
  • Online payment options integration with Paypal and other Merchant services
  • Time Tracking
  • Mobility
  • Reporting features
  • Expense reports
  • Inventory reports
  • Tax reports
  • Support ticket reports
  • Profit and Loss reports

Finding all these features in one single product that is cost effective and available online was to good to be true. I contacted a few programmers and they all wanted to charge lots of money to do this. And then one day I ended up on Fresh Books website and I was amazed by the product, pricing and all the features they offer.

They offer a free version that limits you to to only 3 clients, after taking their online tour I immediately signed up for this Online invoicing and support ticketing solution and started test driving it. I was able to customize every thing in there, Upload my logo, customize my emails, invoices, inventory, client logins, login pages and much more. Their pricing starts from $19/month and goes upto $150/month but the ROI – return on investment is absolutely worth it. I can now manage EVERYTHING from location I do not need multiple programs for support ticketing, invetory and invoicing and project management. More over I can accomplish this from any where I have internet access. You can even access your account from iPhone and/or Windows Mobile devices. Track your time on the go and bill for the exact time no more guess work. No more worrying about if your clients have paid or not, this system can automatically send emails when you specify and send late payment reminders.

Like I mentioned they offer a free fully functional product that enables you to manage 3 clients. Give it a shot, visit Fresh Books – An online invoicing and support ticketing system and see for yourself.

Tags: , , , , , , , ,

26 Feb 10 Executing Perl Script in Linux

This is something I had to do a few times and I kept forgetting how to execute the perl script in linux. So I decided to put it on my blog so if I ever forget it it again I can come back and find out. It is actually pretty simple. If you have a script named, cd to the directory where the script resides and run it like this:

Tags: , , ,

12 Feb 10 Restore Windows Offline files using CSCCMD.EXE

If you ever have to restore offline files on a crashed computer because they were not synchronized with the network share you can do so utilizing csccmd.exe. You have to get this tool directly from Microsoft or it is also on Windows 2003 Resrouce Kit Tools.

  • On the crashed computer copy the “CSC” folder from “C:\windows\CSC” folder to a working computer.
  • Put the folder on the new computer in exactly the same spot, i.e; C:\WINDOWS\.
  • Also put the csccmd.exe file in C:\WINDOWS\ folder.
  • Create a folder some where on your C Drive like C:\RECOVER.
  • Now run the utility like this: csccmd /extract /target:C:\RECOVER /recurse. It will extract all the files from the CSC folder to the new location.
  • That is it and you are done. Now you have all the offline files from the crashed PC

Tags: , , , ,

WordPress SEO