Understanding the power of Guestshell with EEM scripting

In my seemingly endless quest for the CCIE I have learned about two decently powerful tools that together make an incredibly powerful and custom solution for a modern DevOps/DevNet network: Embedded Event Manager (EEM) scripting, and Guestshell in IOS-XE devices. EEM scripting is far from new in the world of Cisco networks, it is a custom …

Using DNA Center (Catalyst Center) LAN Automation to make your life easier.

In my ongoing effort to randomly write about what I am actively working on, I am currently deploying an SD-Access fabric using Cisco's DNA Center, now rebranded as Catalyst Center. As part of this project we used the LAN automation process to build the network to all of the access switches. We had about 15 different switches …

Cisco Cloud-Delivered Firewall Management Center

Starting with Firepower 7.2, Cisco announced the ability to manage these firewalls using a Cisco-hosted Cloud-Delivered Firewall Management Center (cdFMC). I recently had a project setting up cdFMC for the first time, so I figured I would go over what I learned and show how to access cdFMC, how to import policies, and join …

Cisco SD-WAN PnP Onboarding

Cisco SD-WAN (formerly Viptela) is quickly becoming the go-to WAN solution for Cisco customers. As companies are looking to replace their aging DMVPN solution, Cisco SD-WAN has become the logical choice. Companies can stick with the same ISR platform running IOS-XE that they already know, and in some cases can upgrade their existing routers …

Catalyst Monitoring on the Meraki Dashboard

You read that right! At Cisco Live this year they introduced the ability to add Catalyst switches to the Meraki dashboard. Finally a use for the unused DNA licenses! The switches are monitored in read-only mode, so you still need to manage the switches the old-fashioned way; however, Meraki's traffic analysis and troubleshooting tools …

No-NAT’s on HA ASA firewalls: How to break HA (Split Brain Active/Active)

Story Time! Last week I learned the hard way why you should not trust NAT conversion tools when dealing with No-NAT's on an ASA. To fully understand this story, let's back up a bit and I'll give you the high-level details. I have been working on a project for the last month or so …

Physical Security: Often Overlooked and Forgotten

When we think of security, the image of firewalls, anti-malware protection, and the latest and greatest in network access control pops into our heads. With Cisco ISE servers providing NAC services, ASAs providing firewalling on our network edge, and AMP for Endpoints providing malware protection on our laptops, we think we are secure. But are …

Welcome to the Family: The Catalyst 9200 is Born

Three years ago Cisco introduced the Catalyst 9000 series switches as the next generation of campus switches. Every Catalyst switch family had an equivalent 9K to replace it; the 3800s were replaced with the 9300, the 4500s were replaced with the 9500, and the long-standing 6500 chassis switches were replaced with the 9400. Cisco …

Cisco Live 2019

This year Cisco Live was held in sunny San Diego. Between the breakout sessions, the walk-in labs, and an amazing performance by Weezer and the Foo Fighters, Cisco announced some new products and new certifications. Here is my list of some standout highlights from Cisco Live: Certification Overhaul To those who have been tirelessly studying …

Moving Firepower Management Center: Dealing with Licensing Errors

Today I finally got around to re-configuring our Firepower Management Center (FMC) after we moved it from my company's data center to our head office (we were moving servers from a whole subnet over so we recreated the subnet here at the head office and moved the servers over like for like and without the …