If you want IT go and get IT
Good things come to those who wait, but better things come to those who go out and get them .
Monday, July 24, 2023
Thursday, July 20, 2023
The Ping Utility - Basics
PING BASICS
What Is a Ping ?
A ping, according to the dictionary, is a sharp, high-pitched, and somewhat musical tone. You might associate it with the sound you hear when you tap a spoon against a crystal glass.
But in the IT world, it has a very different meaning……
In simple language, a ping is a Command Prompt command that can be used to test a connection between one computer and another. Think of it in terms of sonar on a submarine. You’ve probably heard in the movies the “ping” in the background as an audible signal is sent out to check a sub’s surroundings. When the ping strikes a nearby object, it will echo back. Operators can determine an object’s distance by the length of time it takes to return the echo.
Ping stands for - Packet InterNet Groper.
Ping (Packet Internet Groper) is a method for determining
communication latency between two devices/networks. Simply put, ping is a
method of determining latency or the amount of time it takes for data to travel
between two devices or across a network. As communication latency decreases,
communication effectiveness improves.
A low ping time is critical in situations where the timely
delivery of data is more important than the quantity and quality of the desired
information.
Relating ping to a real-world example:
1- Let’s say two people are 100 meters apart and the first one greets the other. The first person’s greeting takes one second to reach the second person, who is 100 meters away. The second person then responds to the greeting, and the response takes one second to reach the first person. We can deduce from this that both of the people standing there are getting a 1-second ping with a total latency of 2 seconds.
2- Let’s say you have wireless security cameras in your home that allow you to see the exact real-time frame of your home from anywhere in the world. However, the main issue here is latency, because if the ping is very high, the viewer will see a robbery on his or her phone only after some delay, causing problems. As a result, prompt feedback is essential; any lag or delay is unacceptable.
It’s also worth noticing that the speed of the internet
connection you’re using to connect two networks has no bearing on ping. If
you’re streaming a game on YouTube, for example, you’ll want the latency to be
as low as possible so that viewers can watch in real-time.
As a result, we can define ping as a type of protocol that is
used to determine a computer system’s latency and network strength.
The ping command in Windows :
To use the ping command in Windows, access the command prompt.
On the command prompt, type "ping" and specify the IP address,
hostname, or URL of the remote system and press the Enter key.
For example, to test whether Google is up and accessible from
the local Windows system, use the following command.
ping www.google.com
To view all options that the ping command supports in Windows, use the following command.
The ping command in Linux :
To use the ping command in Linux, access the shell prompt, and use the following syntax.
$ ping [IP address, hostname, or URL of the remote system]
For example, to ping www.google.com, use the following command.
$ ping www.google.com
The ping command in Linux sends messages continuously. To stop the ping command from sending more messages, press the Ctrl+C keys.
To view a complete list of all supported options, use the following command.
$ ping --help
Why Would I Use Ping ?
Pings are useful for a variety of reasons, including troubleshooting connectivity, devices, and networks.
Troubleshooting Connectivity:-
Most commonly, it’s used to verify the connection between two
machines. You might use ping to test a network printer or copier connection to
determine whether a device is offline or to verify you can connect to a router.
If you’re having trouble with an application hosted over a network on a server,
one of the first things you want to do is check the connection using a series
of ping commands to help you narrow down the problem. If a ping comes back with
fast response times, your connection is good so the problem likely lies with
the server or application.
Troubleshooting Networking Issues:-
Almost any network-connected device will respond to a ping which makes it incredibly valuable to check networking connections. Ping can be used to test routers or servers for throughput and speed. You can also ping across a range of addresses to find each attached device in a particular range. You can test computer names and addresses of computers. When you can ping an IP address, but not a computer name, there’s likely a name resolution issue.
If a ping comes back showing a successful connection but has long response times, you’re likely facing a routing, congestion, or networking issue.
A ping command can be run manually or automated as a scheduled task to monitor network reliability. When a ping fails, there’s a problem.
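The troubleshooting rules above, applied to captured ping output, as an added example (not code from the original post). The function names, the 150 ms threshold and the sample outputs are assumptions constructed for illustration; the parser expects English-language output from Windows ping or Linux iputils ping.

```python
import re

# Constructed sample outputs (English-language ping, documentation addresses).
LINUX_SLOW = """\
64 bytes from 192.0.2.10: icmp_seq=1 ttl=57 time=212 ms
--- 192.0.2.10 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 201.1/215.4/230.9/10.2 ms
"""
WINDOWS_OK = """\
Reply from 192.0.2.20: bytes=32 time=12ms TTL=57
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Minimum = 11ms, Maximum = 14ms, Average = 12ms
"""
WINDOWS_TIMEOUT = """\
Request timed out.
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
"""
LINUX_NO_DNS = "ping: printer01.example.test: Name or service not known\n"

# Summary lines printed by Windows ping and by Linux (iputils) ping.
_WIN_LOSS = re.compile(r"Sent = (\d+), Received = (\d+)")
_WIN_AVG = re.compile(r"Average = (\d+)ms")
_NIX_LOSS = re.compile(r"(\d+) packets transmitted, (\d+)(?: packets)? received")
_NIX_RTT = re.compile(r"= [\d.]+/([\d.]+)/")
_DNS_FAIL = ("could not find host", "Name or service not known")


def parse_ping(output):
    """Return resolved/sent/received/avg_ms extracted from ping's text output."""
    result = {"resolved": True, "sent": 0, "received": 0, "avg_ms": None}
    if any(marker in output for marker in _DNS_FAIL):
        result["resolved"] = False
        return result
    loss = _WIN_LOSS.search(output) or _NIX_LOSS.search(output)
    if loss:
        result["sent"], result["received"] = int(loss.group(1)), int(loss.group(2))
    avg = _WIN_AVG.search(output) or _NIX_RTT.search(output)
    if avg and result["received"]:
        result["avg_ms"] = float(avg.group(1))
    return result


def diagnose(by_ip, by_name, slow_ms=150.0):
    """Apply the rules above to one ping by IP address and one ping by name."""
    if by_ip["received"] == 0:
        # A silent host may also simply be filtering ICMP echo requests.
        return "no reply: host offline, filtered, or no route"
    if not by_name["resolved"]:
        return "name resolution issue"
    if by_ip["avg_ms"] is not None and by_ip["avg_ms"] > slow_ms:
        return "reachable but slow: routing or congestion"
    return "connection good: look at the server or application"
```

Run as a scheduled task, the same two functions can be fed the saved output of a ping by address and a ping by name for each monitored host.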
Proper Ping Syntax
The order in which you use these switches is important. Here is the proper syntax to use:
ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [-w timeout] [-R] [-S srcaddr] [-p] [-4] [-6] target [/?]
Sunday, July 2, 2023
Cisco Packet Tracer
Practice networking, IoT, and cybersecurity skills virtually with Cisco Packet Tracer, Cisco’s powerful simulation and visualization tool.
Getting Started with Cisco Packet Tracer - click here to visit official cisco website
Wednesday, June 28, 2023
Cisco Umbrella
Simplify, streamline, and scale your security with Cisco Umbrella
Cisco Umbrella offers flexible, cloud-delivered security. It combines multiple security functions into one solution, so you can extend data protection to devices, remote users, and distributed locations anywhere. Umbrella is the easiest way to effectively protect your users everywhere in minutes......
Source :- www.cisco.com
Get to know the new Cisco Umbrella
As a leading provider of recursive DNS services, we’ve helped businesses of all sizes and industries connect to the internet with confidence. We’ve built a reputation on easy deployment and powerful protection anywhere users work.
To help organizations embrace direct internet access, in addition to DNS-layer security and interactive threat intelligence, Cisco Umbrella now includes secure web gateway, firewall, and cloud access security broker (CASB) functionality, plus integration with Cisco SD-WAN, delivered from a single cloud security service......
Source :- www.cisco.com
Tuesday, June 27, 2023
VXLAN
Introduction: VXLAN
Network overlays have gained interest in the past few years because of their potential to address some of the requirements of enterprise networks. Network overlays are virtual networks of interconnected nodes that enable applications to be deployed without having to change any of the underlying networks.
Over time, a lot of new encapsulation frame formats have been purpose-built for the data center, including Virtual Extensible LAN (VXLAN) and Locator/Identifier Separation Protocol (LISP). This post introduces some of these overlay transport protocols:
- VXLAN: Virtual Extensible LAN
- LISP: Locator/Identifier Separation Protocol
Virtual Extensible LAN (VXLAN) and Locator/Identifier Separation Protocol (LISP) are two new encapsulation frame types designed specifically for data centers.
What is VXLAN?
VXLAN is an extension to the Layer 2 VLAN. It was designed to provide the same VLAN functionality with greater extensibility and flexibility. VXLAN is an overlay encapsulation technology (network overlay and tunnelling technology) which allows us to extend Layer 2 across a Layer 3 routed infrastructure.
The main concern with VLANs is the limited address space. Each device can have around 4000 usable VLANs. This is an issue for service providers, which may have to maintain several VLANs per customer, exhausting the address space quickly. To work around this, VLAN IDs can be reused on different switches, or technologies like Q-in-Q can be used.
VXLAN does not have this limitation. It uses a 24-bit identifier in its header, which gives us about 16 million VNIs to use. A VNI is the identifier for the LAN segment, like a VLAN ID. With an address space this large, an ID can be assigned to a customer, and it can remain unique across the entire network. A VXLAN network identifier (VNI) is assigned to each Layer 2 subnet to segment traffic.
In data centers, VXLAN is the most used protocol to create overlay networks that sit on top of the physical network, enabling the use of virtual networks. The VXLAN protocol supports the virtualization of the data center network while addressing the needs of multi-tenant data centers by providing the necessary segmentation on a large scale.
The VXLAN tunneling protocol that encapsulates Layer 2 Ethernet frames in Layer 3 UDP packets enables you to create virtualized Layer 2 subnets, or segments, that span physical Layer 3 networks. Each Layer 2 subnet is uniquely identified by a VXLAN network identifier (VNI) that segments traffic.
In other words, VXLAN defines a MAC-in-UDP encapsulation scheme where the original Layer 2 frame has a VXLAN header added and is then placed in a UDP-IP packet. With this MAC-in-UDP encapsulation, VXLAN tunnels the Layer 2 network over the Layer 3 network.
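The MAC-in-UDP layout described above, as an added example (not from the original post) that builds and parses the 8-byte VXLAN header defined in RFC 7348. The function names, the `allowed_vnis` check and the sample frame are assumptions made for illustration; the header itself carries no authentication, so the receive-side VNI check is what keeps tenants apart in this sketch.

```python
import struct

VXLAN_UDP_PORT = 4789      # IANA-assigned destination UDP port (RFC 7348)
VNI_FLAG = 0x08            # "I" flag: the VNI field is valid
MAX_VNI = (1 << 24) - 1    # 24-bit VNI: 16,777,216 possible segments
MAX_VLAN = (1 << 12) - 1   # 12-bit 802.1Q VLAN ID, for comparison

# Constructed inner Ethernet frame: broadcast dst, local src, IPv4 ethertype.
SAMPLE_FRAME = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"constructed payload"


def encapsulate(vni, inner_frame):
    """Prefix an Ethernet frame with the VXLAN header (this is the UDP payload)."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    # Word 0: flags(8) + reserved(24). Word 1: VNI(24) + reserved(8).
    header = struct.pack("!II", VNI_FLAG << 24, vni << 8)
    return header + inner_frame


def decapsulate(udp_payload, allowed_vnis):
    """Return (vni, inner_frame), rejecting malformed or unexpected segments."""
    if len(udp_payload) < 8 + 14:
        raise ValueError("too short for a VXLAN header plus an Ethernet header")
    word0, word1 = struct.unpack("!II", udp_payload[:8])
    if not (word0 >> 24) & VNI_FLAG:
        raise ValueError("I flag not set: VNI is not valid")
    vni = word1 >> 8
    if vni not in allowed_vnis:
        # Hypothetical policy: only segments provisioned locally are accepted.
        raise PermissionError(f"VNI {vni} is not provisioned on this endpoint")
    return vni, udp_payload[8:]
```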
VXLAN has been widely adopted and is now used in many large enterprise networks for virtualization and cloud computing. It provides:
- A secure and efficient way to create virtual networks.
- Multi-tenant segmentation.
- Efficient routing.
- Hardware-agnostic capabilities.
With its widespread adoption, VXLAN has become an essential technology for network virtualization.
Tuesday, April 21, 2020
Cisco Networking Academy. Build your skills today, online. It’s Free!
Introduction to Cybersecurity
The world is getting more digital and having the skills to secure devices is critical to solving the challenges we face. The number of connected devices alone is expected to grow to 50 billion sensors, objects, and other connected ‘things’ by the year 2020.
Source :- www.cisco.com
Monday, March 12, 2018
Sunday, January 15, 2017
Building DMVPN with mGRE, NHRP and IPSec VPN
Source: Link
I – OVERVIEW
Lab configured in GNS3 and tested by me. Thanks
Tuesday, May 31, 2016
ASA 9.x: AnyConnect VPN Client U-turning Configuration Examples
Contents
ASA Release 9.1(2) Configurations with ASDM Release 7.1(6)
ASA Release 9.1(2) Configuration in the CLI
Source: http://www.cisco.com/
Document ID: 100918
Tuesday, March 8, 2016
Cisco ASA with FirePOWER
Table of Contents
Cisco ASA FirePOWER Module Quick Start Guide
1. About the ASA FirePOWER Module
How the ASA FirePOWER Module Works with the ASA
ASA FirePOWER Management
Compatibility with ASA Features
Licensing Requirements for the ASA FirePOWER Module
2. Deploy the ASA FirePOWER Module in Your Network
Routed Mode
ASA 5585-X (Hardware Module) in Routed Mode
ASA 5506-X through ASA 5555-X (Software Module) in Routed Mode
Transparent Mode
ASA 5585-X (Hardware Module) in Transparent Mode
ASA 5506-X through ASA 5555-X (Software Module) in Transparent Mode
3. Register the ASA FirePOWER with a Management Center
4. Launch ASDM
5. Configure the ASA FirePOWER Module
Install the Licenses (ASDM)
Configure the ASA FirePOWER Security Policy
Configure the ASA Security Policy
6. Where to Go Next
Cisco ASA FirePOWER Module Quick Start Guide
1. About the ASA FirePOWER Module
Wednesday, March 2, 2016
Tuesday, October 20, 2015
Cisco ASA NAT Conversion Tool
Preparing your code
Gather the output from the following commands in your old ASA code:
show run global
show run nat
show run static
If there are any related ACLs in the NAT statements, get that configuration also by doing:
show run access-list | include [ACL-NAME]
Paste the output from the commands above into the text area and click convert. You should examine the results to verify the config is accurate.
Privacy Note: None of the data entered into the text area is uploaded to a server. All of the work of this tool is done on the client side. This means it’s safe to enter sensitive data without worrying about it traveling over the internet. You can even connect to this webpage, disconnect from internet and still use the conversion tool without any difference in functionality.
Examples
Static NAT Examples:
static (INSIDE,OUTISDE) 55.55.55.2 192.168.1.2 netmask 255.255.255.255
static (DMZ,OUTSIDE) tcp interface 8080 172.16.0.10 www netmask 255.255.255.255
static (INSIDE,DMZ) 10.10.10.0 172.16.10.0 netmask 255.255.255.0 dns
static (INSIDE,DMZ) 192.168.100.49 172.24.2.49 netmask 255.255.255.255 tcp 255 2000
static (INSIDE,EXT) 172.16.25.25 access-list ACL-NAT2
access-list ACL-NAT2 extended permit ip 192.168.29.0 255.255.255.0 host 10.1.25.205
*New* Global+NAT Example:
nat (INSIDE) 1 10.0.0.0 255.255.255.0
global (OUTSIDE) 1 interface
nat (INSIDE) 2 access-list ACL-NAT3
global (OUTSIDE) 2 22.22.22.128 netmask 255.255.255.128
access-list ACL-NAT3 standard permit host 33.33.33.33
*New* NAT Zero+ACL Example:
nat (INSIDE) 0 access-list ACL-NONAT
access-list ACL-NONAT extended permit ip 192.168.5.0 255.255.255.0 host 172.16.200.205
access-list ACL-NONAT extended permit ip any host 172.16.200.203
Click on the Link Below:
Input ASA 8.2 NAT statements
Source:- http://www.tunnelsup.com/
Tuesday, April 28, 2015
Privilege Levels in Cisco IOS
privilege. Privilege levels are assigned to both users and commands. The privilege levels range
from 0 to 15. By default, commands are assigned either level 1 or level 15. Those commands that
need to be executed in privileged EXEC mode are level 15 commands. With a few exceptions,
those commands that can be executed in user EXEC mode are level 1 commands. A small number
of commands are level 0 commands. These commands include enable, disable, exit, logout, and
help. Level 0 commands can be executed at any level.
A user operating in privileged EXEC mode is a level 15 user. A user operating in user EXEC
mode is a level 1 user. Commands and users can be assigned a privilege level different from their
default. The way the privileges work is a higher level has the same rights as the lower levels
beneath it. For instance, a level 10 user (if you set one up) can do everything users at levels 9
through 0 can do. Level 15 users can execute all commands.
Commands can be reassigned a different level of privilege as well. You can raise or lower the
level of privilege on any command. Privilege levels on commands are assigned using the
privilege command; the command syntax is as follows. Use global configuration mode for this
command.
privilege
This feature is quite useful as it allows us to create various levels of users with custom rights to
IOS commands. Imagine if you had a number of administrators with limited knowledge of the
workings of IOS. But you need their help with certain specific tasks such as shutting down and
re-enabling an interface or adding users to an access server. You can configure the router or
access server so that depending upon the password provided, the user will be assigned a specific
level of privilege and will only be allowed to use commands assigned to that level and below.
Privilege levels for users can be set in a number of ways via the IOS. They can be set
permanently on a line using the privilege level command; at the command prompt using the
enable command; or when logging in using the username command.
To set the default privilege level for a line, use the privilege level command in line configuration
mode. The syntax is as follows: privilege level <0 – 15>.
To interactively reset the level of privilege from the command line, use the enable command.
The command syntax is enable <0 – 15>. The command can be executed in any EXEC mode. If
you leave off the level number, the router assumes you mean 15. It is advisable to set up an
“enable secret” password for each level of privilege. Be sure each level’s password is different
and that the passwords are only known to users within the appropriate level. The syntax for this
command is enable secret level <1-15>
The most common way to assign levels of privilege is to do so based on the user’s username.
The IOS allows you to create and use username/password pairs in your router configuration for
authentication purposes. Along with the authentication process, the user can be assigned a level
of privilege.
Examples:
In the example below, we have created three custom user levels using level numbers 2, 3, and 4.
Level 2 users can do show commands as well as all commands in levels below. By default, level
1 users can do most show commands. But after issuing the command privilege exec level 2
show in our configuration, it will no longer be possible. Level 3 users are permitted to issue the
command show ip route, but level 2 users cannot. Level 4 and above users can issue the show
access-list command as well as any command in levels below.
Router(config)# privilege exec level 2 show
Router(config)# privilege exec level 3 show ip route
Router(config)# privilege exec level 4 show access-list
The example below shows us assigning level 2 to any user that enters the router via telnet. It
assigns level 3 to any user that enters via the auxiliary port. And it assigns level 4 to anyone that
enters via the console port.
Router(config)# line vty 0 4
Router(config-line)# privilege level 2
Router(config-line)# line aux 0
Router(config-line)# privilege level 3
Router(config-line)# line console 0
Router(config-line)# privilege level 4
The example below creates a separate password for each custom level of privilege. If a user
issues the command enable 2, that user will be prompted for the password “twopass”. A level
three request will require the level three password and so on.
Router(config)# enable secret level 2 twopass
Router(config)# enable secret level 3 threepass
Router(config)# enable secret level 4 fourpass
The example below creates three users: bob, fred, and sam. Bob is a level 2 user. Fred is a level 3
user. Sam is a level 4 user. To have the router prompt for username and password when logging
in, use the command login local in your line configuration mode.
Router(config)# username bob privilege 2 password bobpass
Router(config)# username fred privilege 3 password fredpass
Router(config)# username sam privilege 4 password sampass
Router(config)# line vty 0 4
Router(config-line)# login local
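A review check for configurations built from the examples above, as an added example (not part of the original article). It flags `username` entries that use `password` instead of the hashed `secret` keyword, and line sections that grant a default privilege level above 1 with no `login` statement. The function name `audit` and the sample configuration are assumptions; the sketch assumes no AAA is configured and treats a line section without `login` as unauthenticated.

```python
import re

# Constructed sample assembled from the article's own example commands.
SAMPLE_CONFIG = """\
enable secret level 2 twopass
username bob privilege 2 password bobpass
username sam privilege 4 secret sampass
line vty 0 4
 privilege level 2
line aux 0
 privilege level 3
 login local
line console 0
 privilege level 4
"""


def audit(config):
    """Return a list of findings for weak privilege-level settings."""
    findings = []
    lines = {}       # line name -> {"level": int, "login": bool}
    current = None   # line section currently being read, if any
    for raw in config.splitlines():
        text = raw.strip()
        user = re.match(r"username (\S+) privilege (\d+) (password|secret)\b", text)
        if user:
            current = None
            name, level, kind = user.group(1), int(user.group(2)), user.group(3)
            if kind == "password":
                findings.append(f"user {name}: level {level} with 'password', use 'secret'")
        elif text.startswith("line "):
            current = text[5:]
            lines[current] = {"level": 1, "login": False}
        elif current and (m := re.match(r"privilege level (\d+)$", text)):
            lines[current]["level"] = int(m.group(1))
        elif current and text.startswith("login"):
            lines[current]["login"] = True
        elif not raw.startswith(" "):
            current = None   # any other global command ends the line section
    for name, state in lines.items():
        if state["level"] > 1 and not state["login"]:
            findings.append(f"line {name}: default level {state['level']} without login")
    return findings
```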
What is Software-Defined Networking (SDN)?
Software-Defined Networking (SDN) . . . . . . Coming soon.....................

















