GLBP Load Balancing

We could use HSRP or VRRP to have a redundant default gateway for our PC/server networks. Although this works well we now have hardware powered-on and just sitting around waiting for its counterpart to fail, we are not actively using it. We could split up networks or use multiple default gateways within the same network but who does that? Well if your router or layer three switch happens to have that Cisco logo on it and a software release of at least 12.2(14)S, please welcome and “slow clap” the Gateway Load Balancing protocol, who has been around since 2002! Continue reading

Advertisements

Cisco FTDv in Cisco VIRL

FireCisco is actively pushing their Firepower Threat Defense software with the new Firepower 2100 units on their way this summer in effort to eventually replace the ASA5525-X, ASA5545-X and ASA5555-X platforms. When using FTD you must also have the Firepower Management Center (FMC) available to manage and configure these devices. This gets difficult especially if you want to test things out because not everyone has Cisco Firepower lying around unused. How are you supposed to test and learn the depths of this product? (Hint: Cisco VIRL) Continue reading

Configuring EIGRP – Named Mode

From its older brother IGRP which was developed in 1980s to overcome the limitations of RIP, EIGRP was an “Enhanced” IGRP protocol. The main purpose of EIGRP was to  overcome the limitations of classful networks and make EIGRP a classless routing protocol. During designing of this protocol a different convergence algorithm was used making EIGRP that “hybrid” between distance-vector and link-state routing protocols. In this post we’ll go over a basic design and setup for EIGRP, however instead of using the “classic way” let’s look at configuring EIGRP using named mode which is available in Cisco IOS starting in version 15.2

Continue reading

ASA Site to Site VPN (DHCP)

If you don’t already know, site to site VPNs can be a cost-effective way for remote sites to connect to HQ resources instead of a lease line like using MPLS or Metro-E circuits. We can instead use a standard internet connection with a static IP, this is usually cheaper than a dedicated circuit. Our next steps are purchasing a firewall for the remote site (assuming you already have one at HQ) and setup a site to site VPN connection to make the connection. Continue reading