Wednesday, April 19, 2017

Python programming with GNS3. Check out this series of videos and learn how to program Cisco networks using Python on an Ubuntu Docker container.


Script used in this video is available on GitHub:
 https://github.com/davidbombal/pythonvideos/blob/master/pythonS1script1.py

Saturday, October 25, 2014

GNS3 v1.1 released - install guide for IOU support

Let there be switching - GNS3 1.1 with IOU support
With the recent release of GNS3 version 1.1 to the public, I decided to cover a fresh install of this great piece of software, focusing on the IOU support, which of course means switching is finally doable without setting up a physical homelab or having to deal with those Chinese IOU images.

First of all you need to grab a copy of the GNS3 software at http://www.gns3.com/ and click through the install process. There is an "all in one" package available which should cover everything you will need and a little bit more.

To get the IOU support running you will need to get the current OVA file from SourceForge (be sure you get the right version for your copy of GNS3; for version 1.1 it's the 140MB file).

Import the OVA file into your VirtualBox.

Make sure the first VM adapter is set to “VirtualBox Host-Only Ethernet Adapter”. You may have to add one in VirtualBox preferences -> Network -> Host-only Networks.



 Start the VM.

Once started you should see the VM IP address. If not, log on with username root and password cisco and use the ifconfig command. Usually the IP is 192.168.56.101.



Open a web browser and go to http://192.168.56.101:8000/upload and upload your IOU image.
(NOTE: You will need the IOU image, google is your friend here)



Create a text file named iourc containing the IOU license information. Unfortunately you will have to find that number by yourself. Once again google can help you, or check http://forum.gns3.net/topic9032.html for a tutorial on how to obtain that info via a Python script.

The file should contain the following information and can be located anywhere on your computer.
(Do NOT put it into the VM, it needs to be in a location accessible by the GNS3 install!!!)

[license]
gns3-iouvm = xxxxxxxxxxxxxxxx;

Start GNS3, go to Preferences -> Server -> Remote servers and add the VM IP address, click on Apply.



Go to IOS on UNIX preferences, IOU devices, create new and set the path to your image files in the virtual machine. (e.g. /home/gns3/Documents/GNS3/images/i86bi_your_image_12.4.bin)


After that you should see your devices and be able to drag and drop them like regular images.

Tuesday, May 6, 2014

GNS3 1.0 alpha3 - new VM image



Today I updated my GNS3 1.0 installation to the recently released alpha 3 version.

Let's take a look at the changelog first:

Change Log for Alpha 3 of V1.0
  • Follow the “VMware model” to organize projects.
  • Topology files have the .gns3 extension instead of .net (they are still supported).
  • Fixed problem to capture on TAP or Ethernet interfaces when not root.
  • Updated the upload page.
  • Server request validations.
  • Graceful shutdown for the server & modules
  • Checks for valid IOS & IOU images
  • Checks for missing shared library dependencies in an IOU image.
  • Explicit error message for missing 32-bit binary support on 64-bit Linux when starting IOU.
  • Check if iouyap can access Ethernet and TAP devices.
  • Windows network interfaces support in clouds (need improvements but it works…)
  • Update tooltips to show node IDs.
  • Ranges for Dynamips UDP, console, auxiliary console and hypervisor ports.
  • Use Dynamips UDP NIO auto back-end for UDP tunnel connections (excepting stubs).
  • The GUI can check the server version.
  • Explicitly show an error if an IOS network module cannot be added or removed.
  • Support for --version on the command line for both the server and GUI.
  • Delete IOS ghost files when closing a project.
  • Check for the correct locale on Linux/UNIX.
  • Fixed bugs with duplicated node IDs.
  • Save exception.log in the same directory as the GNS3 settings file.
  • Added the view -> docks menu.
  • Checks on node ID returned by the server.
Maybe the most important thing is the return of Windows network interfaces support in the cloud, which allows you to connect your topology to "the real world" again.

Another important change is that you have to install an updated version of the server VM to get IOU support running in the alpha3.

I recommend uninstalling the whole beta2, including the virtual machine, and starting from scratch.

The alpha3 download files are available in your GNS3 member area and the new server image can be found here.





Thursday, April 24, 2014

Installing GNS3 1.0 alpha 2 with IOU support

The GNS3 1.0 alpha 2 has been released recently, and it looks like it is a lot more stable than the first alpha release was. First of all, the alpha release is only available for supporters of the GNS3 project. So if you want to use this amazing piece of software go to the crowdfunding campaign page (https://gns3.crowdhoster.com/become-an-early-release-member) and throw some money at them (trust me it is worth it!).

So after you have donated some cash, it takes a few days and you finally receive your logon data for the members area where you can download the new GNS3 all in one package!


Once you have installed the package you can start the new GNS3 and find out that it basically looks and feels like the old one.

But now let's get to the part we are all here for! IOU support which means: SWITCHING!


1 – Install VirtualBox https://www.virtualbox.org (or VMware).

2 – Download the GNS3 IOU VM.ova appliance: http://bit.ly/1f74fol
If using VMware use this appliance instead: http://bit.ly/1h756j1

3 – Import the appliance in VirtualBox.

4 – Make sure the first VM adapter is set to “VirtualBox Host-Only Ethernet Adapter”. You may have to add one in VirtualBox preferences -> Network -> Host-only Networks.

5 – Start the VM.

6 – Once started you should see the VM IP address. If not, log on with username root and password cisco and use the ifconfig command. Let’s say the IP is 192.168.56.101 for the rest of the instructions.

7 – Open a web browser and go to http://192.168.56.101:8000/upload and upload your IOU image. Remember the file path, e.g. /home/gns3/Documents/GNS3/images/i86bi_linux-ipbase-ms-12.4.bin
(NOTE: You will need the IOU image, which you just need to get somewhere)

8 – Create a text file named iourc containing the IOU license number. Unfortunately you will have to find that number by yourself.
(hint1: the hostname is gns3-iouvm and hostid is 00000000 hint2: http://forum.gns3.net/topic9032.html).

The file should contain the following information and can be located anywhere on your computer.
(Some people tried to put it into the VM, but it needs to be in a location accessible by the GNS3 install!!!)

[license]
gns3-iouvm = xxxxxxxxxxxxxxxx;


9 – Start GNS3, go to Preferences -> Server -> Remote servers and add the VM IP address, 192.168.56.101 in this example, click on Apply.

10 – Go to IOS on UNIX preferences, set the path to IOURC to the file created in step 8.

11 – Go to IOU devices and add the path from step 7 to IOU path, optionally configure the other settings, click on Save.

12 – Start using the IOU device from the device list.


Note: You can upload several IOU images to the VM server (L2 / L3, different versions etc.). You will be able to choose the image from a pull down menu when you drag an IOU device into your GNS3 topology.



Tuesday, February 4, 2014

Logon Banner




A logon banner will be displayed whenever someone connects to the router via telnet, SSH or console connections.

The syntax for the banner command is:

banner motd {char} {banner text} {char} 

where {char} defines a delimiter character that does not appear in the {banner text}. All text contained between the first and second {char} characters is interpreted as the banner message.

For example,

config t
banner motd #
******************************************
* Unauthorized access prohibited
******************************************
#


This takes everything between the first and second "#" and displays it as


******************************************
* Unauthorized access prohibited
******************************************


You can also enter a neat little text editing mode by entering

banner motd ^

To exit that mode when you are finished editing your message, just enter "^" followed by ENTER.

Basic Device Configuration? Check!




Did you ever configure a Cisco device? Did you ever forget about some of the base settings? If the answer is "YES/YES" you might want to take a look at the Basic Device Configuration guide here at discorouter.com.

No matter if you are practising for an upcoming CCENT/CCNA level exam or you just want to be sure you don't miss out that damn timeout setting in the real world all the time, creating a base checklist might be the way to go. There are a lot of tools out there to create lists like the one below, but I found using Evernote a nice and easy way to create templates and apply them to your actual projects.




The above list is an example of a basic switch configuration you might want to use. Note that there might be different requirements, depending on the network environment you want to deploy your switches into, but for now we will stick to this checklist and go through it point by point.


Just follow the links below to get more information about the specific checkpoints on the list:

        • Hostname
        • Passwords (CON, VTY, Enable)
        • Logon Banner 
        • Console port timeout
        • Synchronous logging on the console port
        • Telnet / SSH
        • HTTP management disabled
        • DNS name resolution 
        • Clock set, NTP configured
        • Management VLAN / IP address

Passwords (Console, VTY)

With every device you want to deploy into a production network there comes the necessity to assign some basic passwords which keep unauthorized individuals from messing up your network.

Setting a password to enter PRIVILEGED mode


The first thing you want to secure is the User PRIVILEGED mode (the mode you jump into when you enter "enable"). There are three ways of assigning a password to that mode, but only two of them should be applied in a real world environment.

Password stored in clear text? - NOT GOOD


Option one is "enable password yourpassword" in configuration mode, which will assign a password but store it in clear text, which nobody should want or do.

$1$qrU6$C.oiqfu8punRdpG1XoajX0 - HASH GOOD :D
Option two is "enable secret yourpassword" in configuration mode, which will assign a password and store it as an MD5 hash.

Option three is using a TACACS server to do the job which we will not cover in this post because we are just dealing with the most basic password assignments here.

All passwords encrypted?  Mission accomplished!



Now that we have a password for our PRIVILEGED mode we want to set a password for logging onto our device via the vty and console ports:



R1(config)#line vty 0 4
R1(config-line)#password yourpassword


R1(config)#line console 0
R1(config-line)#password yourpassword

After doing that it is strongly recommended that you use the service password-encryption command to store these and all future passwords encrypted in your running config.
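
The password and logon banner items from the checklist can be checked automatically against a saved running-config. The following is an added example, not code from the original post: the two sample configurations, the finding codes and the function name audit_config are assumptions made for illustration, and the type 7 strings are placeholders.

```python
import re

# Constructed sample configs (not from the original post). The type 7 strings are
# placeholders; the type 5 hash is the one shown in the post above.
WEAK = """\
hostname R1
no service password-encryption
enable password cisco123
line con 0
 password conpass
 login
line vty 0 4
 password vtypass
 login
"""
HARDENED = """\
hostname R1
service password-encryption
enable secret 5 $1$qrU6$C.oiqfu8punRdpG1XoajX0
banner motd #
* Unauthorized access prohibited
#
line con 0
 password 7 0000000000
 login
line vty 0 4
 password 7 0000000000
 login
"""

def audit_config(text):
    """Return sorted finding codes for the password and banner checklist items."""
    lines = [l.rstrip() for l in text.splitlines()]
    findings = set()
    # Type 7 (service password-encryption) is reversible encoding, so it only hides
    # passwords from casual viewing; enable secret stays the stronger control.
    if "service password-encryption" not in lines:
        findings.add("NO_SERVICE_PASSWORD_ENCRYPTION")
    if not any(l.startswith("enable secret ") for l in lines):
        findings.add("NO_ENABLE_SECRET")
    if any(re.match(r"enable password (?!7 )", l) for l in lines):
        findings.add("CLEARTEXT_ENABLE_PASSWORD")
    if not any(l.startswith("banner motd ") for l in lines):
        findings.add("NO_MOTD_BANNER")
    block = None  # current "line ..." block, e.g. "con 0"
    for l in lines:
        if not l.startswith(" "):  # a top-level command ends any open block
            block = l[5:] if l.startswith("line ") else None
        elif block and re.match(r"password (?!7 )", l.strip()):
            findings.add("CLEARTEXT_LINE_PASSWORD:" + block)
    return sorted(findings)

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_config(cfg))
```
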