An Ansible playbook for dynamically determining whether an ASA has multiple contexts and backing up the running configuration accordingly.
Ansible – asa_facts
Roll your own asa_facts module with splits and slices.
endlessninth
The Cisco PSIRT openVuln API was released at the end of 2015 and I stumbled across it in 2016 and have written numerous post and scripts which access it. However a some point in the last three years access to the API has been restricted and a "Service Partner Contract" is now required. This means... Continue Reading →
UNIX graveyard
One of the great things about being a network contractor is the frequent change of employers and the different networks and infrastructure that I am introduced to. I recently was introduced to the oldest datacentre I have seen to date. Deep inside an old looking concrete office building down winding corridors I was led into a... Continue Reading →
Netbox – Creating patch panels and passive cabling
I have been using Netbox for a couple weeks and am really impressed with the product. It is an intuitive piece of software which flows well, however configuring passive infrastructure wasn't immediately obvious. This post will over of the process of connecting two devices in separate racks via four patch panels. Before we begin I... Continue Reading →
Juniper SRX300 IPv6 tunnel
The SRX300 (and SRX550M) are configured to drop IPv6 traffic by default: see documentation: When IPv6 is configured on SRX300 Series and the SRX550M devices, the default behavior is set to drop mode because of memory constraints.https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ipv6-flow-processing-enabling.html This can be confirmed: admin@CS7-HQ-FW02> show security flow status Flow forwarding mode: Inet forwarding mode: flow based Inet6... Continue Reading →
Ansible – Cisco IOS upgrades
Example ansible playbook for upgrading Cisco IOS images.
Interacting with Cisco APIs
Evaluation of different methods for accessing a REST API. Methods tested include Curl, Postman, Python - requests and Python - openVulnAPI.
vuln_checker
A Python script using the Cisco PSIRT API to collect vulnerability information on a static inventory file.
Cisco Designated VIP 2019
Another 12 months pass and I'm pleased to receive notification of CiscoVIP selection: I'm no longer contracting for Cisco so this time it sticks. I'll be traveling to Australia in March for Cisco Live. Can't wait!
