Trending Topics

VMware on AWS - How to restore NSX DFW firewall rules to previous state

Image
Customers who uses NSX day-in, day-out would like to have a point-in time restore functionality of DFW firewall rules. Many customer have a large footprints in VMC and make changes to DFW quite often. This feature was missing for long time and we could see its included in recent versions . Let's see how DFW configuration roll back works  NSX DFW configuration has versioning, and it is stored in the NSX Manager.  Every time when someone update DFW configuration, NSX creates one more version but keep storing the previous ones. You can rollback for previous config but reapplying it once again.  You can find the options under Networking & Security tab , > Security > Distributed Firewall . In the right side we see an Actions drop down. Choose View to get to the below screen.  Let’s go through the use case:  1. Original state- default config with no custom rules:  a. There are no saved configurations during last 30 days: In my existing test setup, with the current setting

How to Configure a Cisco Router as a Terminal Server


Console ports are not Ethernet ports

All too often, new Cisco admins confuse Cisco's console port to be an Ethernet port. However, the console port on Cisco routers and switches is a SERIAL port (not Ethernet). That means that it is designed to connect to the COM port (serial port) on your PC. Although the cable that connects to it has an RJ45 on the end, just like an Ethernet cable, an Ethernet cable will not work to connect these two together. What you need is a serial "rolled cable" if you are going to directly connect the router to the PC.

What's a Terminal Server?

A "terminal server" is also called an access server. This is a device that commonly provides access FROM dumb terminals TO the network. However, you can turn this around and also use it to allow a single device to allow access TO the device, FROM the network.
The most well known Cisco access servers are the 2509 and 2511. While these are discontinued models, they are still used today at many companies as access servers for the network equipment  These devices have 8 and 16 asynchronous serial ports, respectively. That means that I could take up to 8 or 16 devices, connect their console port to the access server, and control those devices by just going to the console port or telnetting to the access server. Note that the 2509-RJ and 2511-RJ are the same as the 2509 and 2511 but the RJ models have RJ45 jacks built on them instead of 68 PIN SCSI ports that go to octal cables.
Graphic Courtesy of Cisco Systems

On more current models of Cisco routers, you can also buy async network modules that are inserted into routers, providing the same access server/terminal server capabilities but in a card. Those cars are called NM-16A and NM-32A cards and you must have a router that has a NM (network module) slot.

How can I use a Cisco Router as a Terminal Server?

To be able to telnet to the terminal server / access server, you can either stick with the IP address of that device or you can create a loopback adaptor. To create a dedicated loopback adaptor for this purpose, do this: Router(config)# interface loopback0 Router(config-if)# ip address 192.168.1.1 255.255.255.255
Now, add the devices, as IP aliases, that are connected to each of the async cables (your routers & switches), with their respective cable/line number: Router(config)# ip host host1 2001 192.168.1.1 Router(config)# ip host host2 2002 192.168.1.1 Where it says "2001", for example, the "1" is the cable/line number that that device is connected to.
This means that you could either telnet to the console of the connected "host1" by just telnetting to 192.168.1.1 2001 OR You could first telnet to the access server, then just twohost1 to telnet to that host.
Once connected to the device, you can switch between active sessions by using ctrl-shift-6-x to bring you back to terminal server. You can use show sessions to display the active sessions, and to go back to your session just press enter for the last session or the session number of that session.
To disconnect a session use the disconnect command.

Popular posts from this blog

What is a Sysvol?

Image
SYSVOL is the acronym for the SYSFOL folder and all of the files stored in it on the Windows Operating System (OS). It stores the server’s copy of public data and files for the domain. These files consist of group or user policy information. The information stored in the SYSVOL folder is copied to all domain controllers on the respective domain. What are the SYSVOL Requirements? First, the SYSVOL folder has to be located on a Windows NTFS volume. The information stored in the SYSVOL folder is replicated on all domain controllers’ local disk via the File Replication Service (FRS), which must be installed for the operation to work properly. For network clients to access the SYSVOL tree’s contents, they must gain permission to access the NETLOGON and SYSVOL folders. The SYSVOL folder is used for a number of common networking applications, including adding a domain to an existing set or “Forest” of domain servers and locally creating a new logon script. How to Add a Domain to an
Read more

HOW TO EDIT THE BCD REGISTRY FILE

Image
The BCD registry file controls which operating system installation starts and how long the boot manager waits before starting Windows. Basically, it’s like the Boot.ini file in earlier versions of Windows. If you need to edit it, the easiest way is to use the Startup And Recovery tool from within Vista. Just follow these steps: 1. Click Start. Right-click Computer, and then click Properties. 2. Click Advanced System Settings. 3. On the Advanced tab, under Startup and Recovery, click Settings. 4. Click the Default Operating System list, and edit other startup settings. Then, click OK. Same as Windows XP, right? But you’re probably not here because you couldn’t find that dialog box. You’re probably here because Windows Vista won’t start. In that case, you shouldn’t even worry about editing the BCD. Just run Startup Repair, and let the tool do what it’s supposed to. If you’re an advanced user, like an IT guy, you might want to edit the BCD file yourself. You can do this
Read more

AD LDS – Syncronizing AD LDS with Active Directory

Image
First, we will install the AD LDS Instance: 1. Create and AD LDS instance by clicking Start -> Administrative Tools -> Active Directory Lightweight Directory Services Setup Wizard. The Setup Wizard appears. 2. Click Next . The Setup Options dialog box appears. For the sake of this guide, a unique instance will be the primary focus. I will have a separate post regarding AD LDS replication at some point in the near future. 3. Select A unique instance . 4. Click Next and the Instance Name dialog box appears. The instance name will help you identify and differentiate it from other instances that you may have installed on the same end point. The instance name will be listed in the data directory for the instance as well as in the Add or Remove Programs snap-in. 5. Enter a unique instance name, for example IDG. 6. Click Next to display the Ports configuration dialog box. 7. Leave ports at their default values unless you have conflicts with the default values. 8. Click N
Read more