ASA Site to Site VPN (DHCP)

If you don’t already know, site-to-site VPNs can be a cost-effective way for remote sites to connect to HQ resources instead of a leased line such as an MPLS or Metro-E circuit. We can instead use a standard internet connection with a static IP, which is usually cheaper than a dedicated circuit. Our next steps are purchasing a firewall for the remote site (assuming you already have one at HQ) and setting up a site-to-site VPN to make the connection.


Cisco VIRL and Windows VMs

One of the neat features of Cisco VIRL is that it runs on an open platform, with OpenStack as the orchestration program running on top of an Ubuntu operating system. This gives VIRL additional flexibility by being able to run third-party VMs with KVM being the hypervisor. In this guide I’ll walk through some of the steps I took to get Windows XP up and running in VIRL. 🙂

Factory Reset Firepower 4100 & 9300

I got my hands on some Cisco Firepower 4100 units and after playing around with them I wanted to reset them to factory settings, essentially erase the “startup-config” on the FXOS. The Firepower units act a little differently than your normal Cisco IOS or ASA and you can’t just erase startup-config and reload the device; that would be too easy. I was able to find that if you do a password recovery on the unit it erases the configuration, and that’s as close as I got to a factory reset.

Passed the 640-916 DCICT

It’s been a little more than a year in the making since I passed my last Cisco exam, the 640-911, but I finally did it and passed the 640-916. I can now call myself CCNA Data Center Certified. 🙂 If you ever get the chance to go the Data Center route, it really is interesting to see all the products and services Cisco has in their portfolio. Cisco UCS, OTV, FabricPath and FCoE are just really cool technologies to learn about. The main studying tool I used was the Cisco Official Certification Guide and I poked around the Cisco Learning Network on the Data Center study group.

So what’s next for me? Well, I think it’s time to take another step forward and climb up to the professional level of Cisco Certifications. I don’t know when I want to start that but it’ll probably be sooner rather than later.

It’s been a little more than five years since I passed my first Cisco certification. After finishing the Cisco Network Academy I was able to tackle the ICND1, and looking back at the ICND1, it’s changed curriculum twice since I took it, which is a common theme in this industry. 😉



RBAC Radius with Microsoft NPS 2012 R2

In this configuration I’m looking at using Microsoft NPS 2012 R2 as a RADIUS server, and I’m going to skip the installation of NPS because it really is just a next, next, finish installation. In this demo I already have this NPS system connected to a Windows domain; my goal is to create role-based access on Cisco IOS routers while using RADIUS to log in. I’ll have a couple of Active Directory accounts, each of which will represent a different type of allowed access to these IOS routers. One account will get full administrative access while the other will only get read access. How cool is that 😉!
