Author Archives: Ruben

Windows 802.1X supplicant debugging

I got involved in a complicated issue with a Cisco ISE implementation, and to understand what the endpoint (Windows) was doing I had to debug 802.1X on the command line.

Look at all interfaces in the current OS stack and the available trace providers:

netsh trace show interfaces
netsh trace show providers

netsh lan set tracing mode=[yes|no|persistent]

Capture all info to the trace file trace.etl; make sure you have the right providers:

netsh trace start capture=yes tracefile=C:\trace.etl provider=[microsoft-windows-wired-autoconfig|microsoft-windows-wlan-autoconfig|microsoft-windows-onex]


Time to stop the capture and find the root cause :)

netsh trace stop
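The steps above collected into one repeatable capture script, as an added example that is not part of the original post; it assumes an elevated PowerShell session, C:\trace.etl and the two wired-side providers as defaults, and that netsh trace start accepts one provider= argument per provider.

```powershell
# Added example (not from the original post): one-shot 802.1X supplicant capture.
# Assumes an elevated PowerShell session; path and providers are defaults you can override.
param(
    [string]$TraceFile = 'C:\trace.etl',
    [string[]]$Providers = @('microsoft-windows-wired-autoconfig', 'microsoft-windows-onex')
)

# Turn on LAN supplicant tracing and start an ETW capture with packet capture enabled
netsh lan set tracing mode=yes
$providerArgs = $Providers | ForEach-Object { "provider=$_" }
netsh trace start capture=yes "tracefile=$TraceFile" $providerArgs

# Reproduce the authentication problem while the trace runs (e.g. re-plug the wired link)
Read-Host 'Reproduce the 802.1X problem now, then press Enter to stop the trace'

# Stop the capture and switch supplicant tracing back off
netsh trace stop
netsh lan set tracing mode=no

# Convert the ETL to plain text so the OneX / Wired-AutoConfig events can be read in any editor
$txt = [IO.Path]::ChangeExtension($TraceFile, '.txt')
netsh trace convert "input=$TraceFile" "output=$txt" dump=txt
Write-Host "Trace written to $TraceFile and $txt"
```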


IT Blog Awards is Back!

If you are all about blogging, I totally recommend this amazing opportunity to be recognized as an influencer in the community. Share what you have been doing, share your passion about technology or other areas that keep you up. Do You Know Someone Who Should Apply? Attention tech bloggers (+vloggers, +podcasters): the prize for the 2019 ITBlogAwards is a pass to Cisco Live – apply!


vSphere 6.7 VMUG Roadshow 2019 London UK

Tuesday, September 10th

Hilton London Kensington – 179-199 Holland Park Avenue

London, W11 4UL


In collaboration with VMware, VMUG is bringing back an opportunity for members to participate in a technical roadshow focused on vSphere 6.7. This event is complimentary to all VMUG members, so make sure you register today!

VMware vSphere is the foundation of VMware’s Software Defined Datacenter and Cloud vision. No matter where you are in your digital transformation journey, getting current on VMware vSphere can best position you to gain maximum value from your VMware SDDC solution. Whether you are implementing new technologies or are looking at hybrid cloud or Bi-modal IT, upgrading vSphere can help you get there faster.

Kev Johnson will be the event facilitator.

This is a good opportunity to hear back from peers, to network, and to get closer to the VMware community.

Redundant interfaces not supported on FXOS platforms

The documentation might get you a bit confused, but after having a chat with Cisco TAC they shed some light. Unfortunately this design is not supported, so if you are migrating from an old Cisco ASA platform it's time to redesign and avoid redundant interfaces. So I had to move those interfaces to a port-channel, and the trade-off was the failover if the principal switch died.

And here is the bug reported:

Redundant interfaces are not supported on all FXOS platforms
CSCvg30354

Symptom:
"Firepower Management Center Configuration Guide, Version 6.1"
Chapter: Interfaces for Firepower Threat Defense
Information related to Redundant interfaces should be changed
FROM
Redundant interfaces are not supported on the Firepower 9300
TO
Redundant interfaces are not supported on the Firepower 9300, 4100, 2100

Conditions:
Currently Redundant interfaces are not supported on all FXOS Platforms

Workaround:

Graylog Syslog Input Failed to start on port 514

Probably you are having the same issue as me, so let me clarify. Ports below 1024 can only be bound when Graylog runs as root; since that is not the case, how can we fix this? The trick is redirecting traffic arriving on port 514 to port 1514, for both UDP and TCP.

Assuming that you are using two inputs, one TCP and one UDP, both listening on port 1514:

$ sudo iptables -t nat -A PREROUTING -p tcp --dport 514 -j REDIRECT --to 1514
$ sudo iptables -t nat -A PREROUTING -p udp --dport 514 -j REDIRECT --to 1514

$ netstat -nutlp
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN –
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN –
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN –
tcp6 0 0 :::22 :::* LISTEN –
tcp6 0 0 10.4.252.246:9000 :::* LISTEN –
udp 0 0 127.0.0.53:53 0.0.0.0:* –
udp6 0 0 :::1514 :::* –
udp6 0 0 :::1514 :::* –
udp6 0 0 :::1514 :::* –
udp6 0 0 :::1514 :::* –
udp6 0 0 :::1514 :::* –
udp6 0 0 :::1514 :::* –
udp6 0 0 :::1514 :::* –

$ sudo iptables-save
# Generated by iptables-save v1.6.1 on Tue Jul 23 13:04:56 2019
*nat
:PREROUTING ACCEPT [33:2312]
:INPUT ACCEPT [84:11215]
:OUTPUT ACCEPT [33:2344]
:POSTROUTING ACCEPT [33:2344]
-A PREROUTING -p udp -m udp --dport 514 -j REDIRECT --to-ports 1514
-A PREROUTING -p tcp -m tcp --dport 514 -j REDIRECT --to-ports 1514
COMMIT
# Completed on Tue Jul 23 13:04:56 2019
# Generated by iptables-save v1.6.1 on Tue Jul 23 13:04:56 2019
*filter
:INPUT ACCEPT [111065:37834236]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [106771:36862434]
COMMIT
# Completed on Tue Jul 23 13:04:56 2019

Below you can confirm whether the policy is working, in this case on the OUTPUT chain.

$ sudo iptables -L -v -n
Chain INPUT (policy ACCEPT 124K packets, 42M bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 119K packets, 41M bytes)
pkts bytes target prot opt in out source destination
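A small check for the redirect described above, written as an added example that is not part of the original post: it verifies that iptables-save output contains both the TCP and the UDP 514-to-1514 REDIRECT rules and prints idempotent install lines (iptables -C before -A, so re-running the post's commands does not append duplicate rules). The sample rule text is constructed; the ports are assumed to match the post.

```shell
#!/bin/sh
# Added example (not from the original post): verify the Graylog syslog port redirect.
SYSLOG_PORT=514   # privileged port clients send to
INPUT_PORT=1514   # unprivileged port the Graylog inputs listen on (assumed)

# redirect_rule_present RULES PROTO: returns 0 when RULES (iptables-save text) holds a
# PREROUTING REDIRECT for PROTO from $SYSLOG_PORT to $INPUT_PORT ("-m proto" is optional).
redirect_rule_present() {
  rules="$1"; proto="$2"
  printf '%s\n' "$rules" | grep -Eq \
    "^-A PREROUTING -p ${proto} (-m ${proto} )?--dport ${SYSLOG_PORT} -j REDIRECT --to-ports ${INPUT_PORT}$"
}

# redirect_ok RULES: returns 0 only when both the tcp and the udp redirect exist.
redirect_ok() {
  redirect_rule_present "$1" tcp && redirect_rule_present "$1" udp
}

# install_cmd PROTO: prints a shell line that appends the rule only if it is not already there.
install_cmd() {
  rule="PREROUTING -p $1 --dport ${SYSLOG_PORT} -j REDIRECT --to-ports ${INPUT_PORT}"
  printf 'iptables -t nat -C %s 2>/dev/null || iptables -t nat -A %s\n' "$rule" "$rule"
}

# Constructed sample iptables-save output in the shape shown in the post (both rules present).
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p udp -m udp --dport 514 -j REDIRECT --to-ports 1514
-A PREROUTING -p tcp -m tcp --dport 514 -j REDIRECT --to-ports 1514
COMMIT'

# Constructed sample where only the UDP rule was added: TCP syslog would still hit closed port 514.
UDP_ONLY_RULES='*nat
-A PREROUTING -p udp -m udp --dport 514 -j REDIRECT --to-ports 1514
COMMIT'

# Stand-alone run: report on the live ruleset when iptables-save is available, else on the sample.
if command -v iptables-save >/dev/null 2>&1 && [ "$(id -u)" -eq 0 ]; then
  LIVE="$(iptables-save -t nat)"
else
  LIVE="$SAMPLE_RULES"
fi
if redirect_ok "$LIVE"; then echo "514 -> ${INPUT_PORT} redirect present for tcp and udp"; else
  echo "redirect incomplete; run:"; install_cmd tcp; install_cmd udp; fi
```

Rules added with iptables -A live only in kernel memory; save them with your distribution's persistence mechanism (for example the iptables-persistent package on Debian/Ubuntu) or they are gone after a reboot.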