Author Archives: Ruben

Great News!Cisco is allowing Online Testing now, so no more waiting!

Cisco Online non-proctored exams are not new, Systems Engineer exams are a good example of non-proctored online exams that you can do it from your home. Today we are excited to announce a new option to help you meet your certification goals, particularly during these challenging times. Effective April 15, 2020, CIsco will begin delivering certification exams using online proctoring from Pearson VUE. Online proctoring provides you with the ability to pursue the new Cisco Certification exams including the new DevNet track without delay. You also can save time and money since no travel is required.

All written, proctored Cisco Certification exams can be taken online with a few exceptions:

  • 100-110 ENU CCENT (Invitation Only)
  • 352-011 ENU Cisco Certified Design Expert Practical Exam
  • 352-001 ENU Cisco Certified Design Expert Qualification Exam

Online proctored tests can be delivered in most countries around the globe. There are country exceptions for standard restricted countries and China, Japan and Slovenia.
Please note that while exams may be published in multiple languages, greeters, proctors and support staff speak English only.

Cisco Certifications have set the standard of excellence in the IT industry, and we continue to uphold that standard to ensure our certifications deliver the agility you need, the value you expect and set you up for success.

Is the exam price going up?

NO! It’s exactly the same price as if you attend a Pearsonvue Authorized center, however, have in mind:

  • You don’t need to travel, not more time wasted in commuting, fuel, and stress to be on time
  • Some Centers are really busy, so booking in advance is no longer needed

Cisco online testing requirements

To successfully test remotely, qualified candidates must meet the following requirements:

  • Access to a quiet, private location
  • Reliable device with a webcam
  • Strong Internet connection
  • OnVUE software
  • Government-issued identification

Before you register, you must perform and pass a system check to participate in online testing.

Fortinet NSE Certifications expiring have been extended six months

The current situation has significant impacts on all training and education organizations. As our network of certified professionals spans the globe, I know that everyone is at varying degrees of shutdown, based on your local conditions and government mandates. We felt it important to notify you of changes Fortinet has made, and will be making, to the NSE certification program to adjust to this situation.
As of March 9th, all training classes, delivered by Fortinet, that were scheduled to take place as traditional classroom ILT sessions were converted to Virtual ILT sessions.
On March 16th, Pearson VUE closed most of its proctored testing centers around the world. It is unclear when access to NSE certification exams will be widely available, either through remote proctoring or test centers re-opening. As a contingency, Fortinet is extending NSE certification expiry dates for six months, from the date of the test center closures, March 16, 2020. This extension applies to all NSE levels. We will continue to monitor the situation and communicate with you any additional changes.
We’re also pleased to announce that on March 30th, we launched a free training initiative, focused on NSE 1 and NSE 2 training for the general public. These two courses cover important cybersecurity best practices, and will be a valuable resource for your customers to ensure their remote workforce remains secure.

In addition, we will offer a new free course called FortiGate Essentials targeted to technical

individuals. The FortiGate Essentials course consists of a subset of NSE 4 training modules and will be made available as self-paced training. While this does not replace an NSE 4 certification, it may serve as a good resource as you prepare for the NSE 4 certification.

F5 is committed to support candidates

The measures that local governments and businesses have made in response to COVID-19 have in many cases included restrictions to travel. F5 understands that this has greatly affected and limited our candidates’ ability to schedule and attend exam certification appointments.

We understand this global pandemic causes great stress and we don’t want to add any more stress to our candidates looking to renew their certifications. If you are unable to, or uncomfortable about, taking your re-certification exams, we do not want you to worry about the status of your F5 certification; please, simply take care of yourself and your family. Although we cannot provide an exact plan of action given the uncertainty about the scope and duration of the current situation, we want to assure you that no candidate will lose certification as a result of these extraordinary events.

In an effort to provide assurance during uncertain times, F5 is committed to support candidates’ careers through certification and contribute to their wellbeing. We are a strong community, and we will work together to get through this.

 

Please read here for more details https://devcentral.f5.com/s/articles/COVID-19-Response-F5-Certifications-Q-A

Cisco is extending the expiration date for all active certifications

The global pandemic has had an impact on every member of the Cisco Certified family. To support your certification goals, we’re extending the expiration date for all active certifications by six months (180 days) as of March 16, 2020. This covers all Cisco and DevNet Specialist, Associate, Professional, and Expert certifications as well as CCT and CCAr.

Your expiration date will automatically be extended, and there is no action required on your part. You will be able to check your personal certification manager page to validate your new expiration date within the next two weeks.

For more details and frequently asked questions, please visit our blog. We value your commitment to Cisco certifications during this challenging and unprecedented time.

Cisco extending the timeline for the CCIE certification

Cisco is extending the timeline for the CCIE lab exams and CCIE certification migrations, from February 24th to April 27, 2020. This means that you can take the existing CCIE lab before April 27, or choose to take the new CCIE lab on or after April 27th.

As you may be aware, on January 30, the World Health Organization declared the Coronavirus outbreak a global health emergency. Our thoughts and prayers are with those affected. Cisco has a well-established process to coordinate our efforts during outbreaks like this, and they have been tracking the situation and taking appropriate action during recent days and weeks.  The safety of our  customers, partners and employees is always our priority.

One of the actions taken as a result of the continued spread of the virus, was to close CCIE labs in Hong Kong and Beijing, from February 1 through February 14, 2020. These closures impact the timeline for the transition of the CCIE lab exams planned on February 24, 2020, not just for those planning to test in Beijing or Hong Kong, but for  our customers globally  who have been affected by travel restrictions, business closures and other related circumstances.

Cisco made the decision to delay the migration of existing CCIE certifications to new CCIE certifications until April 27, 2020, when it will transition to the new CCIE lab exams. All other elements of the portfolio transition will take effect as planned on February 24.

 

For more details please read here Current CCIE Lab Exams Extended, Migration to Occur on April 27, 2020

 

Windows 802.1X supplicant debugging

I got involved in a complicated issue with a Cisco ISE implementation, and to understand what the endpoint (windows) was doing had to debug the 802.1x on the ccommand line.

Look to all interfaces in the current OS stack and providers

netsh trace show interfacesnetsh trace show providers

netsh lan set tracing mode=[yes|no|persistent]

Capture all info to the tracefile trace.etl, make sure you have the right providers

netsh trace start capture=yes tracefile=C:\trace.etl provider=[microsoft-windows-wired-autoconfig|microsoft-windows-wlan-autoconfig|microsoft-windows-onex]

 

Time to stop the capture and and find the root cause :)

netsh trace stop

No tags for this post.

IT Blog Awards in Back!

If you are all about blooging i totally recomend this amazing opportunity to be recognized as a influencer on the community. Share what you have been doing, share your passion about technology or other areas that keep you up.TEST, Do You Know Someone Who Should Apply? Attention tech bloggers (+vloggers, +podcasters) the prize for the 2019 ITBlogAwards is a pass to Cisco Live – apply!

No tags for this post.

vSphere 6.7 VMUG Roadshow 2019 London UK

LonVMUG_LogoTuesday, September 10th

Hilton London Kensington – 179-199 Holland Park Avenue

London, W11 4UL

Google Maps

In collaboration with VMware, VMUG is bringing back an opportunity for members to participate in a technical roadshow focused on vSphere 6.7. This event is complimentary to all VMUG members, so make sure you register today!

VMware vSphere is the foundation of VMware’s Software Defined Datacenter and Cloud vision. No matter where you are in your digital transformation journey, getting current on VMware vSphere can best position you to gain maximum value from your VMware SDDC solution. Whether you are implementing new technologies or are looking at hybrid cloud or Bi-modal IT, upgrading vSphere can help you get there faster.

Kev Johnson will be the event facilitator

This is a good opportunity to hear back from peers, networking  and be more close with the VMware community.

Redundant interfaces not supported on FXOS platforms

The documentation might get you a bit confused, but after have a chat with Cisco TAC they shed some light…..Unfortunately this design is not supported, so if you are migrating from a Old Cisco ASA platform it’s time to redesign and avoid redundant interfaces. So i had to move those interfaces to port-channel, so the trade-off was the failover if the principal switch died.
Cisco Firepower
And here is the bug reported
Redundant interfaces are not supported on all FXOS platforms
CSCvg30354
Symptom:
“Firepower Management Center Configuration Guide, Version 6.1”
Chapter: Interfaces for Firepower Threat DefenseInformation related to Redundant interfaces should be changed
FROM
Redundant interfaces are not supported on the Firepower 9300
TO
Redundant interfaces are not supported on the Firepower 9300, 4100, 2100Conditions:
Currently Redundant interfaces are not supported on all FXOS Platforms

Workaround:

Graylog Syslog Input Failed to start on port 514

Probably you are having the same issue as me, so let me clarify. You can use lower ports when you run Graylog as root, since this is not the case how can we fix this? The catch is redirecting traffic from a different port 1514 to port 514 UDP/TCP.

Assuming that you are using Two Input Streams

[email protected]:~$ sudo iptables -t nat -A PREROUTING -p tcp –dport 514 -j REDIRECT –to 1514
[email protected]:~$ sudo iptables -t nat -A PREROUTING -p udp –dport 514 -j REDIRECT –to 1514

[email protected]:~$ netstat -nutlp
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN –
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN –
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN –
tcp6 0 0 :::22 :::* LISTEN –
tcp6 0 0 10.4.252.246:9000 :::* LISTEN –
udp 0 0 127.0.0.53:53 0.0.0.0:* –
udp6 0 0 :::1514 :::* –
udp6 0 0 :::1514 :::* –
udp6 0 0 :::1514 :::* –
udp6 0 0 :::1514 :::* –
udp6 0 0 :::1514 :::* –
udp6 0 0 :::1514 :::* –
udp6 0 0 :::1514 :::* –

[email protected]:~$ sudo iptables-save
# Generated by iptables-save v1.6.1 on Tue Jul 23 13:04:56 2019
*nat
:PREROUTING ACCEPT [33:2312]
:INPUT ACCEPT [84:11215]
:OUTPUT ACCEPT [33:2344]
:POSTROUTING ACCEPT [33:2344]
-A PREROUTING -p udp -m udp –dport 514 -j REDIRECT –to-ports 1514
-A PREROUTING -p tcp -m tcp –dport 514 -j REDIRECT –to-ports 1514
COMMIT
# Completed on Tue Jul 23 13:04:56 2019
# Generated by iptables-save v1.6.1 on Tue Jul 23 13:04:56 2019
*filter
:INPUT ACCEPT [111065:37834236]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [106771:36862434]
COMMIT
# Completed on Tue Jul 23 13:04:56 2019

Below you can confirm if the Policy is working, in this case the Chain OUTPUT.

[email protected]:~$ sudo iptables -L -v -n
Chain INPUT (policy ACCEPT 124K packets, 42M bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 119K packets, 41M bytes)
pkts bytes target prot opt in out source destination