Installing ClamAV on CentOS 7

Summary The other day I was performing a system update on my CentOS desktop when it struck me that I do not have an antivirus product on my machine. Like many Linux users I rely on the fact that Linux systems are considered as less vulnerable compared to Windows systems. As a rule I do …

Installing a License on Cisco CSR1000v

Introduction Recently a client had an expiring license on a CSR1000v router which required renewal. It was a happy coincidence that earlier I had installed a CSR1000V on my VMware Workstation to diagnose an unrelated fault. It was therefore handy to make use of the CSR to verify my change plan for the license renewal. …

An introduction to grep

Grep is a must learn command for working with linux or for scripting. I found that for learning basic material, watching a video is more engaging and helped with retention. For more complex concepts and posts with a lot of technical detail I still prefer the written page. There are many great grep tutorials on …

Understanding ssl/tls for web browsing

Summary In the past https/ssl was mainly used for shopping and Internet banking. Since mid-2017, Google has flagged all http only websites as unsecured in a further push to drive adoption of https/ssl and to enhance privacy and safety. Network engineers have to deal with ssl connections for device management access, remote user (ssl) vpns, …

First python program

Introduction The world of networking is abuzz with how software programming (aka python being the current flavour) has become an essential skill to learn if you wish to survive in your career. I agree that going forward it is highly probable that you will come across opportunities to apply python knowledge to your job. But …

MPLS Edge network configuration

Introduction It has been a busy start to 2017 at work and I had some distractions as well on the family front. But finally – here is part 2 of the mpls configuration article. To recap, in the previous article we completed the basic mpls core configuration of enabling an igp in the core, enabling …

MPLS Core network configuration

Introduction Christmas break – ah.. with time on my hands and between catching up with family, thinking about new year resolutions and feasting; it is time to add the Multiprotocol label switching (mpls) article I have been planning to write for this month. Cisco MPLS configuration is best understood by separating the configuration tasks into …

Basic AAA tacacs+ with tac_plus daemon

Summary tac_plus is a linux daemon you can run up as a basic TACACS+ AAA server. I have used this application to secure and centralised access to routers and switches in a production network that previously only rely on local username/passwords. Another motivation for tac_plus is to run it up in a lab for testing …

Understanding basic OTV configuration

What is OTV and what problem does it solve ? OTV stands for Overlay Transport Protocol and is a part of Cisco’s Nexus data center networking technology to allow vlans to extend across multiple data centers. Virtual Machine (VM) administrators often move VMs between hosts to perform maintenance, host upgrades or as part of DEV …

Introduction to securing network device with TACACS+

Summary This article introduces the TACACS+ protocol and describes how it secures access to your network devices. TACACS+ is commonly applied to give administrators and engineers access to switches and routers. It is widely implemented on entreprise Cisco and Juniper networks. Radius is another popular protocol for doing the same job. Radius is often the …