Use routers to create packets with specific source IP address

August 21st, 2014

I have set up many VPN connections. One problem that I deal with a lot is the traffic from the other side of the VPN. Usually I have to wait for the other companies to send their traffic through the VPN. It is sometimes hard to tell where the problem is.

I found a way to use a router to send out packets, pretending it's the other side of the VPN leg.

To do this, first I need to replace the VPN appliance with the router and create a loopback interface

Where is the source of the packets

Then run the following commands

Where 443 is the destination address and port on my network.

Now I can test and confirm my own VPN leg without waiting for other parties.

Packet capture from Cisco ASA

August 18th, 2014

One of my favorite troubleshooting tools on the Cisco ASA firewall is doing a packet capture. An incoming packet will hit the capture before any ACL or NAT or other processing. An outgoing packet will hit a capture last before being put on the wire.

To start the capture, use this command


To view the capture from CLI

To download the pcap file

Or from your browser

To clear the capture

And finally, to remove the capture

Happy sniffing!

Script to remove VMs that have been off more than 30 days

August 14th, 2014

My users developed a habit of keeping their unused VMs for too long, and it slowly eats up our storage. I need a way to enforce our 30-day retention policy. A bit of searching and I ended up with this script. Oh, and it sends emails too.