Tuesday, 22 December 2015

Purple belt - BJJ

This month I got promoted to purple belt in BJJ. Previously my status was blue belt with 2 stripes. It was an important thing. My hard work has been appreciated and I know that it is an important step for me. Although I have little time after work, and although I must divide my time between family, learning and training, I achieved this level. Yeeeesss! I'm veeeery happy!!
Below is our last seminar in Dec 2015 (Rio Grappling Club - Dąbrowa Górnicza)

CCNA Exam Passed!

Hello everyone!

Today is my big day. I achieved the CCNA title and passed the exam with a good score.
I can rest for now. It's also the end of 2015, therefore I'm starting to prepare for Christmas and the New Year party.
I hope that the new year 2016 will be a good time to try to go further and achieve the CCNP title.
Wooooooohhhoooooo!

Tuesday, 7 July 2015

Cisco Security - IPSec Tunnels diagnose

Sometimes our carefully configured IPSec tunnels flap. What does that mean?
It means that the tunnel interface goes down and then, a short time later, comes back up.
I will show you what to do to diagnose this issue.

First check the logs with the command:

sh logg

result:

2755318: Jul  7 14:46:16: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel30, changed state to down
2755319: Jul  7 14:46:16: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel20, changed state to down
2755929: Jul  7 14:48:06: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel20, changed state to up
2756083: Jul  7 14:48:16: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel30, changed state to up


If you see something like the above, the tunnel is flapping.

Next use this command to check the status of the tunnels:

sh crypto isakmp sa

result:

IPv4 Crypto ISAKMP SA
dst             src             state          conn-id status
x.x.x.x         x.y.z.z         QM_IDLE           1194 ACTIVE
y.y.y.y         x.y.z.z         QM_IDLE           1193 ACTIVE



If the status is ACTIVE, the ISAKMP keys have been exchanged correctly.
The next important command is:

sh crypto session brief

This command allows us to check the status of all tunnels.
The last command is:

sh crypto session detail

The important parameter in this output is uptime. It is useful when we want to know how long the tunnel has been running.
These commands are enough for basic troubleshooting. In future I will write more detailed information.
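As an added example (not code from the original post), here is a small Python script that automates the first two checks above: it parses "sh logg" output for LINEPROTO-5-UPDOWN messages and pairs each tunnel's "down" with the following "up" to spot flaps, and it parses "sh crypto isakmp sa" output to list any SA that is not in state QM_IDLE with status ACTIVE. The log and SA samples are constructed copies of the output shown above (plus one extra, made-up SA row), and the 300-second flap window is an assumed threshold, not a Cisco value.

```python
import re
from datetime import datetime

# Constructed sample: the four syslog lines from the post.
SAMPLE_LOG = """\
2755318: Jul  7 14:46:16: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel30, changed state to down
2755319: Jul  7 14:46:16: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel20, changed state to down
2755929: Jul  7 14:48:06: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel20, changed state to up
2756083: Jul  7 14:48:16: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel30, changed state to up
"""

# Constructed sample of 'sh crypto isakmp sa': the two rows from the post plus
# one made-up row for a peer whose SA is being torn down.
SAMPLE_ISAKMP = """\
IPv4 Crypto ISAKMP SA
dst             src             state          conn-id status
x.x.x.x         x.y.z.z         QM_IDLE           1194 ACTIVE
y.y.y.y         x.y.z.z         QM_IDLE           1193 ACTIVE
z.z.z.z         x.y.z.z         MM_NO_STATE       1195 ACTIVE (deleted)
"""

# Optional sequence number and '*' (unsynchronised clock) prefix, then the timestamp.
LINEPROTO_RE = re.compile(
    r"^(?:\d+: )?\*?(?P<ts>\w{3}\s+\d{1,2} \d\d:\d\d:\d\d): %LINEPROTO-5-UPDOWN: "
    r"Line protocol on Interface (?P<intf>\S+), changed state to (?P<state>up|down)$"
)
ISAKMP_ROW_RE = re.compile(
    r"^(?P<dst>\S+)\s+(?P<src>\S+)\s+(?P<state>[A-Z_]+)\s+(?P<conn>\d+)\s+(?P<status>.+?)\s*$"
)

# Assumed threshold: a down followed by an up within this many seconds is a flap.
FLAP_WINDOW_SECONDS = 300


def find_tunnel_flaps(log_text, window=FLAP_WINDOW_SECONDS):
    """Pair each interface's 'down' with the next 'up' and report short outages."""
    last_down = {}
    flaps = []
    for line in log_text.splitlines():
        m = LINEPROTO_RE.match(line.strip())
        if not m:
            continue
        # No year in IOS timestamps; strptime defaults to 1900, fine for deltas.
        ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S")
        intf = m["intf"]
        if m["state"] == "down":
            last_down[intf] = ts
        elif intf in last_down:
            down_at = last_down.pop(intf)
            down_for = int((ts - down_at).total_seconds())
            if 0 <= down_for <= window:
                flaps.append({
                    "interface": intf,
                    "down_at": down_at.strftime("%H:%M:%S"),
                    "up_at": ts.strftime("%H:%M:%S"),
                    "down_seconds": down_for,
                })
    return flaps


def parse_isakmp_sa(output):
    """Return one dict per SA row; header and title lines do not match the regex."""
    rows = []
    for line in output.splitlines():
        m = ISAKMP_ROW_RE.match(line.strip())
        if m:
            rows.append({k: m[k] for k in ("dst", "src", "state", "conn", "status")})
    return rows


def unhealthy_isakmp_sas(rows):
    """Anything not QM_IDLE/ACTIVE has not completed (or is losing) its key exchange."""
    return [r for r in rows if r["state"] != "QM_IDLE" or r["status"] != "ACTIVE"]


if __name__ == "__main__":
    for f in find_tunnel_flaps(SAMPLE_LOG):
        print(f"{f['interface']}: down {f['down_at']} -> up {f['up_at']} ({f['down_seconds']} s)")
    for r in unhealthy_isakmp_sas(parse_isakmp_sa(SAMPLE_ISAKMP)):
        print(f"peer {r['dst']}: state {r['state']}, status {r['status']}")
```

Run it against real output by pasting the two command outputs into the sample strings; a tunnel that appears in the flap list while its peer shows QM_IDLE/ACTIVE points at the tunnel interface or its route rather than at the key exchange.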

My IT team from Asia

They are my friends from our branch in China (Beijing). It's our IT staff from Asia.
I'm glad that I was working with these guys.


It was a big pleasure to work with you guys. Many thanks for all! Sie! Sie!

Monday, 18 May 2015

MyPET

Here is Snickers.
He is a quadruped therapist.
An amazing dog with extra privileges @ home.

Wednesday, 22 April 2015

EEM - Embedded Event Manager

A very useful tool for Cisco admins:
Look below. Here is my script which I use daily. During working hours I must limit DFS traffic from our local machines. I did not have time to create a complicated script, so my idea is simple: "remove the QoS policy from the interface where the limit is active, for a selected period", and after the specified time I add the QoS policy to the interface again.

Look:

event manager applet DISABLE_DFS_LIMIT_WEEK
 event timer cron cron-entry "10 18 * * 1-5"
 action 1.0 cli command "enable"
 action 2.0 cli command "configure terminal"
 action 3.0 cli command "interface GigabitEthernet0/1"
 action 4.0 cli command "no service-policy input QOS_MARKING"
 action 5.0 mail server "$_email_server" to "$_email_to" from "$_email_from" subject "routername1: Bandwidth limit between X and Y is uncontrolled"
 

You can use the same script to re-enable the limit; only the cron entry and one command change: the "no service-policy input QOS_MARKING" line in action 4.0 becomes "service-policy input QOS_MARKING" again.

Useful mdf file - Embedded Menu Manager



Here is a file I created, named *.mdf.
You can run this file using the "emm" tool included in Cisco IOS.
An MDF file allows you to create a menu with many functions. It is very useful for administrators who use the same functions over and over to analyse, diagnose or check network parameters. MDF uses XML. You can include IOS commands in the XML, and you can use TCL scripts as well.
Here is a simple mdf file which I created and copied to the router. To run this file use:
emm mdf flash:/menu_cisco.mdf

<Menu MenuName="Cisco Menu" schemaVersion="1.1">
  <MenuTitle>
  </MenuTitle>

  <Item ContinuePrompt="true">
    <ItemTitle>
      <Constant String="Show processor utilization chart" />
    </ItemTitle>
    <IOSExecCommand>"sh processes cpu history"</IOSExecCommand>
  </Item>

  <Item ContinuePrompt="true">
    <ItemTitle>
      <Constant String="Show most wanted process in CPU" />
    </ItemTitle>
    <IOSExecCommand>"sh processes cpu sorted | exclude 0.0"</IOSExecCommand>
  </Item>

  <Item ContinuePrompt="true">
    <ItemTitle>
      <Constant String="Show remote users" />
    </ItemTitle>
    <IOSExecCommand>"sh crypto session brief | inc remote"</IOSExecCommand>
  </Item>

  <Item ContinuePrompt="true">
    <ItemTitle>
      <Constant String="Show all crypto sessions tunnels users" />
    </ItemTitle>
    <IOSExecCommand>"sh crypto ISakmp SA"</IOSExecCommand>
  </Item>

  <Item ContinuePrompt="true">
    <ItemTitle>
      <Constant String="Show most wanted process in CPU" />
    </ItemTitle>
    <IOSExecCommand>"sh processes cpu sorted | exclude 0.0"</IOSExecCommand>
  </Item>

  <Item>
    <ItemTitle>
      <Constant String="Exit" />
    </ItemTitle>
  </Item>
</Menu>
Result:

1. Show processor utilization chart
2. Show most wanted process in CPU
3. Show remote users
4. Show all crypto sessions tunnels users
5. Show most wanted process in CPU
6. Exit

Enter selection: 2
CPU utilization for five seconds: 1%/0%; one minute: 2%; five minutes: 2%
 PID Runtime(ms)     Invoked      uSecs   5Sec   1Min   5Min TTY Process
 377      354512  1655186684          0  0.39%  0.40%  0.40%   0 IP SLAs XOS Even
 107      244464    26615162          9  0.23%  0.19%  0.18%   0 Netclock Backgro
 136      136484   843191441          0  0.15%  0.11%  0.10%   0 Ethernet Msec Ti
  88      230716     6654995         34  0.15%  0.13%  0.15%   0 Per-Second Jobs


Press any key to continue...
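Because a menu file like this runs commands on the router for whoever opens it, it is worth checking what it will execute before copying it to flash. The Python snippet below is an added example, not part of the original post or of Cisco's EMM: it parses the MDF XML, renders the same numbered list that emm prints, and flags duplicate entries (items 2 and 5 in the menu above) as well as any command that is not a show command. The menu text is a constructed copy of the file above, and the read-only prefix list is an assumed policy.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed copy of the menu file from the post (same items, same commands).
MENU_MDF = """\
<Menu MenuName="Cisco Menu" schemaVersion="1.1">
 <MenuTitle></MenuTitle>
 <Item ContinuePrompt="true">
  <ItemTitle><Constant String="Show processor utilization chart" /></ItemTitle>
  <IOSExecCommand>"sh processes cpu history"</IOSExecCommand>
 </Item>
 <Item ContinuePrompt="true">
  <ItemTitle><Constant String="Show most wanted process in CPU" /></ItemTitle>
  <IOSExecCommand>"sh processes cpu sorted | exclude 0.0"</IOSExecCommand>
 </Item>
 <Item ContinuePrompt="true">
  <ItemTitle><Constant String="Show remote users" /></ItemTitle>
  <IOSExecCommand>"sh crypto session brief | inc remote"</IOSExecCommand>
 </Item>
 <Item ContinuePrompt="true">
  <ItemTitle><Constant String="Show all crypto sessions tunnels users" /></ItemTitle>
  <IOSExecCommand>"sh crypto ISakmp SA"</IOSExecCommand>
 </Item>
 <Item ContinuePrompt="true">
  <ItemTitle><Constant String="Show most wanted process in CPU" /></ItemTitle>
  <IOSExecCommand>"sh processes cpu sorted | exclude 0.0"</IOSExecCommand>
 </Item>
 <Item>
  <ItemTitle><Constant String="Exit" /></ItemTitle>
 </Item>
</Menu>
"""

# Assumed policy: a shared menu should only run read-only show commands.
READ_ONLY_PREFIXES = ("show ", "sh ")


def parse_menu(mdf_text):
    """Return the top-level menu items with their title and the IOS command they run."""
    root = ET.fromstring(mdf_text)
    items = []
    for number, item in enumerate(root.findall("Item"), start=1):
        const = item.find("ItemTitle/Constant")
        title = (const.get("String") or "").strip() if const is not None else ""
        cmd = item.find("IOSExecCommand")
        # The post quotes the command inside the element; strip those quotes.
        command = cmd.text.strip().strip('"') if cmd is not None and cmd.text else None
        items.append({"number": number, "title": title, "command": command,
                      "continue_prompt": item.get("ContinuePrompt") == "true"})
    return items


def render_menu(items):
    """The numbered list emm shows the user."""
    return [f"{i['number']}. {i['title']}" for i in items]


def audit_menu(items):
    """Findings a reviewer would want before the file goes on a router."""
    findings = []
    by_title = defaultdict(list)
    for i in items:
        by_title[i["title"]].append(i["number"])
    for title, numbers in by_title.items():
        if len(numbers) > 1:
            findings.append(f"duplicate title '{title}' at items {', '.join(map(str, numbers))}")
    for i in items:
        c = i["command"]
        if c and not c.lower().startswith(READ_ONLY_PREFIXES):
            findings.append(f"item {i['number']} runs a non-show command: {c}")
    return findings


if __name__ == "__main__":
    menu = parse_menu(MENU_MDF)
    print("\n".join(render_menu(menu)))
    for finding in audit_menu(menu):
        print("WARNING:", finding)
```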
  

Wednesday, 18 March 2015

Polycom RealPresence Desktop & Active Directory communication

RealPresence Desktop (RPD) is a program with which you can share your desktop with another person, establish a video connection to another person who has RPD, chat, and connect to a video conference room. This program needs a Windows AD service to authenticate users in the domain. I will show you what the communication between RPD and AD looks like when a user is authenticated.
I decided to use a shorthand notation for readability. In this scenario:
RPD is the Polycom server and AD is a Windows Server 2008 R2.

Let's start:

RPD -> AD = DNS QUERY
AD -> RPD = DNS RESPONSE
RPD <-> AD = SYN,SYN ACK
RPD -> AD = NBSS SESSION REQUEST
AD -> RPD = NBSS POSITIVE SESSION RESPONSE
RPD -> AD = SMB NEGOTIATE PROTOCOL REQUEST
AD -> RPD = SMB NEGOTIATE PROTOCOL RESPONSE
RPD -> AD = SMB SESSION SETUP ANDX REQUEST, NTLMSSP_NEGOTIATE
AD -> RPD = SMB SESSION SETUP ANDX RESPONSE, NTLMSSP_CHALLENGE, ERROR: STATUS_MORE_PROCESSING_REQUIRED
RPD -> AD = SMB SESSION SETUP ANDX REQUEST, NTLMSSP_AUTH, USER: domain\computer_name
AD -> RPD = SMB SESSION SETUP ANDX RESPONSE
AD -> RPD = SMB TREE CONNECT ANDX RESPONSE
AD -> RPD = SMB NT CREATE ANDX RESPONSE
RPD -> AD = DCERPC BIND: CALL_ID: XXX
RPD -> AD = LSARPC LSA_OPENPOLICY2 REQUEST
AD -> RPD = LSARPC LSA_OPENPOLICY2 RESPONSE
AD -> RPD = LSARPC LSA_QUERYINFOPOLICY RESPONSE
RPD -> AD = LSARPC LSA_CLOSE REQUEST
RPD -> AD = SMB CLOSE REQUEST
AD -> RPD = SMB CLOSE RESPONSE
RPD -> AD = NT CREATE ANDX REQUEST, PATH: \NETLOGON
AD -> RPD = NT CREATE ANDX RESPONSE FID: XxXXXX
AD -> RPD = DCERPC CALL_ID: XXX .. RESULT: ACCEPTANCE
RPD -> AD = RPC_NET NETSERVERREQCHALLENGE REQUEST
AD -> RPD = RPC_NET NETSERVERREQCHALLENGE RESPONSE
RPD -> AD = RPC_NET NETSERVERAUTHENTICATE2 REQUEST
AD -> RPD = RPC_NET NETSERVERAUTHENTICATE2 RESPONSE
AD -> RPD = RPC_NET NETLOGONSAMLOGON RESPONSE

MANY ACK, RST, ACK AND RETRANSMISSIONS ALSO

RPD -> AD = RPC_NET NETLOGONSAMLOGON REQUEST
AD -> RPD = RPC_NET NETLOGONSAMLOGON RESPONSE



I dropped many duplicate TCP [ACK]s and other retransmissions. If you have any problem with the communication between RPD and AD, you can compare it with this sequence and look for differences to resolve your problem. If you are a programmer, this type of communication may be interesting for you.
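To make that comparison repeatable, here is an added Python example (not from the original post): it parses the shorthand notation used above into (source, destination, message) steps, checks the order and direction of the NTLM and Netlogon handshake messages, and diffs a captured sequence against the reference. The reference is an abridged copy of the sequence above; the "broken" capture, in which the client never answers the NTLM challenge, is constructed; and the ordering rules are my own summary of the exchange, not a Polycom or Microsoft specification.

```python
import difflib
import re

# "RPD -> AD = MESSAGE" or "RPD <-> AD = MESSAGE"; lines without an arrow
# (such as "MANY ACK, RST, ...") are ignored by the parser.
STEP_RE = re.compile(r"^(?P<src>\w+)\s*(?P<arrow><->|->)\s*(?P<dst>\w+)\s*=\s*(?P<msg>.+?)\s*$")

# Abridged copy of the exchange listed in the post (LSARPC steps left out).
REFERENCE = r"""
RPD -> AD = DNS QUERY
AD -> RPD = DNS RESPONSE
RPD <-> AD = SYN,SYN ACK
RPD -> AD = SMB NEGOTIATE PROTOCOL REQUEST
AD -> RPD = SMB NEGOTIATE PROTOCOL RESPONSE
RPD -> AD = SMB SESSION SETUP ANDX REQUEST, NTLMSSP_NEGOTIATE
AD -> RPD = SMB SESSION SETUP ANDX RESPONSE, NTLMSSP_CHALLENGE, ERROR: STATUS_MORE_PROCESSING_REQUIRED
RPD -> AD = SMB SESSION SETUP ANDX REQUEST, NTLMSSP_AUTH, USER: domain\computer_name
AD -> RPD = SMB SESSION SETUP ANDX RESPONSE
RPD -> AD = RPC_NET NETSERVERREQCHALLENGE REQUEST
AD -> RPD = RPC_NET NETSERVERREQCHALLENGE RESPONSE
RPD -> AD = RPC_NET NETSERVERAUTHENTICATE2 REQUEST
AD -> RPD = RPC_NET NETSERVERAUTHENTICATE2 RESPONSE
RPD -> AD = RPC_NET NETLOGONSAMLOGON REQUEST
AD -> RPD = RPC_NET NETLOGONSAMLOGON RESPONSE
"""

# Constructed failure case: the client receives the NTLM challenge and then resets.
_ref_lines = [l for l in REFERENCE.splitlines() if l.strip()]
BROKEN = "\n".join(_ref_lines[:7] + ["RPD -> AD = TCP RST"])

# Each earlier message must be seen before the later one (assumed from the sequence above).
ORDER_RULES = [
    ("NTLMSSP_NEGOTIATE", "NTLMSSP_CHALLENGE"),
    ("NTLMSSP_CHALLENGE", "NTLMSSP_AUTH"),
    ("NETSERVERREQCHALLENGE REQUEST", "NETSERVERAUTHENTICATE2 REQUEST"),
    ("NETSERVERAUTHENTICATE2 REQUEST", "NETLOGONSAMLOGON REQUEST"),
]
# Message fragment -> the only legitimate (source, destination).
DIRECTION_RULES = {
    "NTLMSSP_CHALLENGE": ("AD", "RPD"),
    "NTLMSSP_AUTH": ("RPD", "AD"),
    "NETLOGONSAMLOGON REQUEST": ("RPD", "AD"),
}


def parse_exchange(text):
    steps = []
    for line in text.splitlines():
        m = STEP_RE.match(line.strip())
        if m:
            steps.append((m["src"], m["dst"], m["msg"]))
    return steps


def first_index(steps, fragment):
    for i, (_, _, msg) in enumerate(steps):
        if fragment in msg:
            return i
    return None


def check_exchange(steps):
    """Return human-readable problems; an empty list means the handshake looks complete."""
    problems = []

    def add(p):
        if p not in problems:
            problems.append(p)

    for earlier, later in ORDER_RULES:
        i, j = first_index(steps, earlier), first_index(steps, later)
        if i is None:
            add(f"missing: {earlier}")
        if j is None:
            add(f"missing: {later}")
        elif i is not None and j < i:
            add(f"out of order: {later} seen before {earlier}")
    for fragment, (src, dst) in DIRECTION_RULES.items():
        for s, d, msg in steps:
            if fragment in msg and (s, d) != (src, dst):
                add(f"wrong direction: {fragment} sent {s} -> {d}, expected {src} -> {dst}")
    return problems


def diff_exchanges(reference_steps, observed_steps):
    """Lines prefixed '- ' are expected but absent; '+ ' are present but unexpected."""
    fmt = lambda s: f"{s[0]} -> {s[1]} = {s[2]}"
    ndiff = difflib.ndiff([fmt(s) for s in reference_steps], [fmt(s) for s in observed_steps])
    return [l for l in ndiff if l.startswith(("- ", "+ "))]


if __name__ == "__main__":
    ref, obs = parse_exchange(REFERENCE), parse_exchange(BROKEN)
    print("\n".join(check_exchange(obs)))
    print("\n".join(diff_exchanges(ref, obs)))
```

Feeding it a sequence transcribed from a capture of a failing client immediately shows which handshake stage was never reached, which is usually the difference worth chasing.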



Monday, 9 March 2015

Useful commands for admins (Cisco router)

How to check who is using EZ VPN:
sh crypto session brief

How to check VPN tunnel/tunnels status:
sh crypto isakmp sa

Show IP NAT translations for a given IP:
sh ip nat translations | inc x.x.x.x

How to verify QoS policy:
sh policy-map interface type x/x

Show neighbor devices (CDP must be enabled):
sh cdp neighbors

Wednesday, 4 March 2015

How to export a certificate from ASA to Java (self-signed)

I want to show you how to export a security certificate from a Cisco ASA 5520 and import it into Java. First of all, use this command to show your trustpoints:

asa1(config)# sh crypto ca trustpoints

Next we export the certificate in PEM form (you must give the name of the trustpoint):

asa1(config)# crypto ca export TRUST_NAME identity-certificate

You will see:

-----BEGIN CERTIFICATE-----
MIIB+zCCAWSgAwIBAgIEJqphUTANBgkqhkiG9w0BAQUFADBCMRMwEQYDVQQDEwpD
TkJFSUZXRDAxMSswKQYJKoZIhvcNAQkCFhxDTkJFSUZXRDAxLmRwY2xlYW50ZWNo
LmxvY2FsMB4XDTEzMTEwNjE1MzQwOFoXDTIzMTEwNDE1MzQwOFowQjETMBEGA1UE
..
-----END CERTIFICATE-----

Next, copy all of this text from the console, paste it into a text file (Notepad) and save it as *.CSR.

Next open the Java Control Panel, go to the Security tab and click the Manage Certificates button. You should see the Certificates window. Select the certificate type "Secure Site" and import your file. Now you can open your ASDM via a web browser using Java.
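When the certificate is copied from the console, the line breaks often turn into spaces (as in the output above), and a paste that was cut short is easy to miss until Java refuses the file. The Python helper below is an added example, not part of the original post: it rebuilds a properly wrapped PEM file from the pasted text, validates the base64, and checks the outer DER SEQUENCE length against the bytes actually present so that a truncated or elided paste is rejected. The sample "certificate" is a constructed DER SEQUENCE, not a real certificate.

```python
import base64
import re

PEM_BEGIN = "-----BEGIN CERTIFICATE-----"
PEM_END = "-----END CERTIFICATE-----"
B64_RE = re.compile(r"[A-Za-z0-9+/]*={0,2}")


def der_sequence_length(der):
    """Return the content length declared by the outer DER SEQUENCE header.

    Raises ValueError when the data is not a SEQUENCE or when the declared
    length does not match the bytes present (truncated or trailing data).
    """
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("data does not start with a DER SEQUENCE (0x30)")
    first = der[1]
    if first < 0x80:                      # short form: one length byte
        length, header = first, 2
    else:                                 # long form: 0x8N then N length bytes
        n = first & 0x7F
        if n == 0 or len(der) < 2 + n:
            raise ValueError("malformed DER length")
        length, header = int.from_bytes(der[2:2 + n], "big"), 2 + n
    if header + length != len(der):
        raise ValueError(
            f"DER header declares {length} content bytes but {len(der) - header} are present"
        )
    return length


def console_to_der(console_text):
    """Extract and validate the DER bytes from a console copy of a PEM certificate."""
    start, stop = console_text.find(PEM_BEGIN), console_text.find(PEM_END)
    if start < 0 or stop < start:
        raise ValueError("BEGIN/END CERTIFICATE markers not found")
    body = re.sub(r"\s+", "", console_text[start + len(PEM_BEGIN):stop])
    if not B64_RE.fullmatch(body):
        raise ValueError("body contains non-base64 characters (elided with '..'?)")
    der = base64.b64decode(body, validate=True)   # binascii.Error is a ValueError
    der_sequence_length(der)
    return der


def wrap_console_pem(console_text):
    """Return a canonical PEM file: header, 64-character lines, footer."""
    b64 = base64.b64encode(console_to_der(console_text)).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join([PEM_BEGIN, *lines, PEM_END]) + "\n"


def is_truncated_paste(console_text):
    try:
        console_to_der(console_text)
    except ValueError:
        return True
    return False


# Constructed sample: SEQUENCE { INTEGER 1, OCTET STRING of 100 'A' bytes }.
# It is not a real certificate, only a DER object of the same outer shape.
SAMPLE_DER = bytes.fromhex("3069020101") + b"\x04\x64" + b"A" * 100
_b64 = base64.b64encode(SAMPLE_DER).decode("ascii")
_chunks = [_b64[i:i + 64] for i in range(0, len(_b64), 64)]
# What a console copy typically looks like: one line, newlines turned into spaces.
SAMPLE_CONSOLE = " ".join([PEM_BEGIN, *_chunks, PEM_END])
# Two bad pastes: one elided with '..' like the listing above, one simply cut short.
ELIDED_CONSOLE = " ".join([PEM_BEGIN, _chunks[0], "..", PEM_END])
SHORT_CONSOLE = " ".join([PEM_BEGIN, _chunks[0], PEM_END])


if __name__ == "__main__":
    print(wrap_console_pem(SAMPLE_CONSOLE))
    for name, text in (("elided", ELIDED_CONSOLE), ("short", SHORT_CONSOLE)):
        print(name, "rejected" if is_truncated_paste(text) else "accepted")
```

Write the returned string to the file you import into Java; the DER length check catches the case where the console scrollback or a terminal line limit dropped the tail of the certificate.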
