Linux policy based routing and lots of VPNs.
Multi route table with PBF and VPN server
Palo Alto – BGP inbound route filtering
BGP prefix filtering using community strings
Network device monitoring with telegraf, grafana and SNMP
This post will cover the steps to make a dashboard for monitoring a Juniper SRX110H2-VA. A FreeBSD 13.0 instance will be used to collect and display the data. It will start with a simple graph to display a single field and each subsequent panel will use a new feature or technique creating a great dashboard.... Continue Reading →
Juniper SRX VDSL configuration
Below is the minimum config you would need to get a functional VDSL connection on an SRX. The platform I am using is the old (but still supported!) SRX110H2-VA. One gotcha is the vlan-id setting on the pt- interface, a significant amount of searching was required to determine what this value should be; VLAN ID... Continue Reading →
Homelab 2021
Time to leave the four core world behind and build something bigger for my lab topologies.
Running Palo Alto VM under bhyve
Try as I might I had no luck in running the Palo Alto VM under VirtualBox. It is not a supported environment but VMware Player is not available under FreeBSD. this post will look at getting the VM running under the BSD homegrown bhyve. # uname -r 13.0-RELEASE To covert a VMDK file into a... Continue Reading →
Palo Alto – BGP Load sharing, dual-homed to single ISP
Using Local Preference and MED for symmetric routing in a dual-homed topology.
Running a Palo Alto 10.0.2 VM on EVE-NG
Using the latest PAN-OS (v10.0.2) ESXi (PAN-OS for VM-Series Base Images) on EVE-NG
Ansible – export Palo Alto config
Create a Ansible playbook for configuration export.
DNS blackhole using FreeBSD
Roll your own DNS blackhole with bind and a little bit of scripting.
CS7 Networks 