Author Archive for: talebi_it@yahoo.com
Entries by talebi_it@yahoo.com
How to write an effective resume?
Review online session Feb 22, 2020 Download resume template Download Technical Questions for interview
How to Configure GNS3? How to import Kali linux to your GNS3?
Follow this guideline: GNS3 Installation Guide Download IOSV: IOSV for switch Other Cisco Images: Download Cisco Images for GNS3
CentOS network configuration
You can configure network interface by editing configuration files stored in /etc/sysconfig/network-scripts/ directory. Lets configure the first network interface eth0. Edit the interface configuration file. # vi /etc/sysconfig/network-scripts/ifcfg-eth0 (if file doesn’t exist, create it with name of ifcfg-ethx) Append/Modify as follows: For a system using a Static IP Address DEVICE=”eth0″ BOOTPROTO=”none” ONBOOT=”yes” IPADDR=”192.168.1.15″ NETMASK=”255.255.255.0″ GATEWAY=”192.168.1.1″ For a […]
Configuring WPA2 with AES or TKIP and PSK on Cisco Aironet 1140 Access Points
First of all, we have to create an SSID profile. You can do this with the command dot11 ssid ssid. Let’s make a SSID with the name ‘CiscoTalkWireless’. 1 2 ap(config)#dot11 ssid CiscoTalkWireless ap(config-ssid)# Next, we can configure the SSID properties. In this example, we want to use open authentication with key management provided by WPA2. In […]
Cisco ASA FirePOWER Services: how to install FMC?
Technology: Network Security Area: Next Generation Firewalls Vendor: Cisco Software: 8.X, 9.X, FMC 5.X, 6.X, SFR module 5.X , 6.X Platform: Cisco ASA, Firepower Management Center VM Firepower Management Center installation steps 1. Deployment from OVF 2. Assign the hostname for VM 3. Choose the right ovf and vmdk files 4. Select proper vNIC (the one you will […]
Migrating ASA to FTD
For this post, we will be discussing migrating an ASA with FirePOWER services to a Firepower Threat Defense (FTD) image on an ASA 5506-X appliance. At a high level, you reimage the ASA unit with a FTD then use the migration tool (if you have an existing ASA configuration) to import the ASA configuration into […]
DVTI on Hub-Spoke IKEV2
R1 —————– (config)#crypto pki certificate map CAMP 1 #issuer-name co talebi (config)# default crypto ikev2 proposal (config)# crypto ikev2 proposal default # encryption aes-cbc-256 # integrity sha256 # group 14 (config)# default crypto ikev2 policy (config)# crypto ikev2 profile IKEV2-Profile # identity local dn # match certificate CMAP # authentication remote rsa-sig # authentication local […]
FlexVPN – Part 2
-Proposal ==>Dephi Helman Group – Encryption – Integrity -Policy -Profile (match), (keyring) show crypto ikev2 proposal default show crypto ikev2 policy default show crypto ikev2 transform-set default show crypto ipsec profile default Changing the default proposal (config)# crypto ikev2 proposal default (config-ikev2-proposal)# encryption aes-cbc-256 (config-ikev2-proposal)# integrity sha256 (config-ikev2-proposal)# group 2 revert back the default proposal […]
FlexVPN: IKEV2 – Part 1
FlexVPN = IKEV2 + NGE(Next Generation Encryption) IKEV1 = phase 1 => negotiate phase 2 => IPSec Tunnel IKEV2 => Initial neogtiation + IPSec Tunnel => proposals, key ring, policy, profile #show crypto ikev2 proposal default #show crypto ikev2 policy default (config)# crypto ikev2 keyring HRT-keyring peer container1 address 192.168.10.2 identity fqdn r2.test.local pre-shared-key local […]