Cisco configuration over SNMP

Before configuring your device over SNMP, you need to enable read-write access and restrict it with an ACL.

snmp-server community <your_community> RW <Access-list>

Now you can configure your device with the snmpset command. The following example shows how to upload a new configuration into your running-config from a TFTP server.

snmpset -v <version> -c <community> <your_router> \
.1.3.6.1.4.1.9.9.96.1.1.1.1.3.50 i 1 \
.1.3.6.1.4.1.9.9.96.1.1.1.1.4.50 i 4 \
.1.3.6.1.4.1.9.9.96.1.1.1.1.5.50 a "<IP TFTP Server>" \
.1.3.6.1.4.1.9.9.96.1.1.1.1.6.50 s "<filename>" \
.1.3.6.1.4.1.9.9.96.1.1.1.1.14.50 i 4

You can also use FTP, SCP, … More information about the MIB is available here.

How to configure your Cisco MDS fibre channel switch

1- Create a VSAN

vsan database
 vsan 10 name SAN-TEST

2- Assign interfaces to VSAN

vsan 10 interface fc1/8

3- Create aliases

fcalias name SAN1_SPA_0 vsan 10
 member pwwn 50:00:00:00:00:00:00:00

fcalias name SRV1_HBA01 vsan 10
 member pwwn 21:00:00:00:00:00:00:00

4- Create Zone with aliases

zone name Z_SAN1_SPA_0_SRV1_HBA01 vsan 10
 member fcalias SAN1_SPA_0
 member fcalias SRV1_HBA01

5- Assign Zone to ZoneSet

zoneset name ZONESET_VSAN10 vsan 10
 member Z_SAN1_SPA_0_SRV1_HBA01

6- Apply and activate ZoneSet

zoneset activate name ZONESET_VSAN10 vsan 10

Troubleshooting

Example to view WWN and PWWN on MDS:

# sh flogi database
--------------------------------------------------------------------------------
INTERFACE  VSAN  FCID      PORT NAME                NODE NAME
--------------------------------------------------------------------------------
fc1/1      10    0x250000  50:06:01:61:08:xx:xx:xx  50:06:01:60:88:xx:xx:xx
fc1/2      10    0x250100  50:06:01:69:08:xx:xx:xx  50:06:01:60:88:xx:xx:xx
fc1/3      10    0x250400  21:00:00:24:ff:xx:xx:xx  20:00:00:24:ff:xx:xx:xx
fc1/4      10    0x250300  21:00:00:24:ff:xx:xx:xx  20:00:00:24:ff:xx:xx:xx

Brocade CLI basic commands

switchshow
cfgshow
alicreate "NAME", "WWN"
zonecreate "NAME","AliasofHBA"
zoneadd "NAME","AliasofHBA"
cfgcreate "NAME","NameZonetoADD"
cfgadd "NAME","NameZonetoADD"
cfgsave
cfgenable "CFG_NAME"

scan-arp

A nice little tool for a quick ARP scan on Linux: arp-scan.

http://www.nta-monitor.com/tools-resources/security-tools/arp-scan

Fast and effective: just enter the IP range you want to scan and off it goes, with the vendor of each MAC address as a bonus.

You can also scan in plenty of other ways; for those, see arp-scan --help

HTTP ACCESS

Here is how to change the default listening port of your device. This also lets you restrict access with an ACL and authenticate locally, for example.

ip http server
ip http port 8080
ip http access-class 10
ip http authentication local
#sh ip access 10
Standard IP access list 10
    10 permit 10.255.100.0, wildcard bits 0.0.0.255 (16 matches)
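
An added example (not part of the original page): a small Python audit that checks a saved running-config for the two restrictions described on this page, the ACL on the SNMP RW community and the access-class plus authentication on the HTTP server. The sample config, the function name audit and the finding texts are constructed for illustration, and only the plain IPv4 command forms shown above are parsed.

```python
import re

# Constructed sample running-config (illustrative, not from the original page).
SAMPLE_CONFIG = """\
snmp-server community example-rw-1 RW 10
snmp-server community example-rw-2 RW
snmp-server community example-ro RO
snmp-server community example-rw-3 RW 20
ip http server
ip http port 8080
ip http access-class 10
access-list 10 permit 10.255.100.0 0.0.0.255
"""

def audit(config):
    """Return (line_number, finding) tuples; community strings are never echoed."""
    lines = [line.strip() for line in config.splitlines()]
    # ACLs defined as 'access-list <id> ...' or 'ip access-list <type> <name>'.
    defined = set()
    for line in lines:
        m = re.match(r"access-list (\S+) ", line) or re.match(r"ip access-list \S+ (\S+)", line)
        if m:
            defined.add(m.group(1))
    findings, http_on, http_acl, http_auth = [], 0, None, False
    for n, line in enumerate(lines, 1):
        tok = line.split()
        rest = tok[3:]  # everything after the community string itself
        upper = [t.upper() for t in rest]
        if tok[:2] == ["snmp-server", "community"] and "RW" in upper:
            after = rest[upper.index("RW") + 1:]  # tokens following RW: the ACL, if any
            if not after:
                findings.append((n, "SNMP RW community without ACL"))
            elif after[0] not in defined:
                findings.append((n, "SNMP RW community references undefined ACL " + after[0]))
        elif line == "ip http server":
            http_on = n  # remember where the HTTP server is enabled
        elif line.startswith("ip http access-class "):
            http_acl = tok[-1]  # last token is the ACL id
        elif line.startswith("ip http authentication "):
            http_auth = True
    if http_on:
        if http_acl is None:
            findings.append((http_on, "HTTP server enabled without access-class"))
        elif http_acl not in defined:
            findings.append((http_on, "HTTP access-class references undefined ACL " + http_acl))
        if not http_auth:
            findings.append((http_on, "HTTP server enabled without 'ip http authentication'"))
    return findings
```

Calling audit(SAMPLE_CONFIG) reports the RW community on line 2 (no ACL), the one on line 4 (ACL 20 is not defined in the file) and the HTTP server on line 5 (no authentication line).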