I have setup many VPN connections. There is 1 problem that I deal with a lot is the traffic from the other side of the VPN. Usually I have to wait for the other companies to send their traffic through the VPN. It sometime hard to tell where the problem is.
I found a way to use a router to send out packets , pretending it’s the other side of the VPN leg
To do this, first I need to replace the VPN appliance with the router and create a loopback interface
|
|
interface Loopback300 ip address 172.69.24.12 255.255.255.255 |
Where 172.69.24.12 is the source of the packets
Then run the following commands
|
|
telnet 172.16.111.50 443 /source-interface loopback300 |
Where 172.16.111.50 443 is the destination address and port on my network.
Now I can test and confirm my own VPN leg without waiting for other parties.
One of my favorite troubleshooting tools on the Cisco ASA firewall is doing a packet capture. An incoming packet will hit the capture before any ACL or NAT or other processing. An outgoing packet will hit a capture last before being put on the wire.
To start the capture, use this command
|
|
capture <Capture Name> interface <Interface> match ip host <Source IP> host <Destination IP> eq <Port> |
Example
|
|
capture CAP1 int INSIDE match ip host 1.1.1.1 host 2.2.2.2 |
To view the capture from CLI
To download the pcap file
|
|
copy /pcap capture:CAP1 ftp://user:pass@1.2.3.4/CAP1.pcap |
Or from your browser
|
|
https://1.1.1.1/admin/capture/CAP1/pcap |
To clear the capture
And finally, to remove the capture
Happy sniffing!
My users developed a habit to keep their un-used VMs for too long and it slowly eat up our storage. I need a way to enforce our 30 days retention policy. A bit of searching and I end up with this script. Oh and it sends emails too.
|
|
$vms = Get-VM | where {$_.PowerState -eq "PoweredOff"} $vmPoweredOff = $vms | %{$_.Name} $events = Get-VIEvent -Start (Get-Date).AddDays(-30) -Entity $vms | where{$_.FullFormattedMessage -like "*is powered off"} $lastMonthVM = $events | %{$_.Vm.Name} $moreThan1Month = $vmPoweredOff | where {!($lastMonthVM -contains $_)} $moreThan1Month | Remove-VM -DeletePermanently -Confirm:$false $vmNames = $moreThan1Month | Select -ExpandProperty Name Send-MailMessage -From report@domain.com -To me@domain.com -SmtpServer mail@domain.com ` -Subject "Removed $($moreThan1Month.Count) VM" -Body ($vmNames | Out-String) |