
Friday, October 7, 2022

Open Port on Linux Firewalld

 1. First you need to add the rule:

a. user@test>firewall-cmd --add-port=YOUR_PORT_#/udp-or-tcp --permanent


2. Reload the firewall so the permanent rule is applied:

a. user@test>firewall-cmd --reload


3. Check the firewall list:

a. user@test>firewall-cmd --list-all

Monday, September 12, 2022

Kubernetes Cheat Sheet

Check Status of Pods

o kubectl get pods (quick detail)

o kubectl get pods -A (pods in all namespaces)

Check the logs on a pod

o kubectl logs POD_NAME

o kubectl logs POD_NAME -c CONTAINER_NAME (For pods with multiple containers)

Delete one pod, or selected ones:

o kubectl delete pod YOUR_POD NEXT_POD

Delete All Pods

o kubectl delete pod --all

Pull evicted pods and then Delete them

o kubectl get pod | grep Evicted | awk '{print $1}' | xargs kubectl delete pod

Get services for each pod (service is the gateway into the pod)

o kubectl get endpoints

Get service endpoints for specific pod:

o kubectl get endpoints YOUR_POD_NAME

Get service cluster IPs for Pods

o kubectl get services

Check the logs for the Kubernetes Startup/Shutdown

o journalctl -u kubelet

Get service information for a specific pod

o kubectl describe service YOUR_SERVICE/POD

Get pod information for specific pod

o kubectl describe pod YOUR_POD

Find information on your nodes

o kubectl get nodes

Get pods under a specific namespace

o kubectl get pods --namespace YOUR_NAMESPACE

Update Time and Date Linux

First verify your time by typing in:

o #timedatectl

Set NTP or Disable

o #timedatectl set-ntp yes

o #timedatectl set-ntp no

Set Timezones

o #timedatectl set-timezone UTC

o #timedatectl set-local-rtc 1 (hardware clock kept in YOUR_LOCAL_TIMEZONE)

Change the Clock

o #timedatectl set-time HH:MM:SS

o #timedatectl set-time YYYY-MM-DD

List Timezones

o #timedatectl list-timezones

o #timedatectl list-timezones | grep KEYWORD (keyword from the time zone name)

Set Hardware Clock to Sync with UTC

o #timedatectl set-local-rtc 0

Display the Hardware Clock (Older Ubuntu Versions)

o #sudo hwclock -r

o #sudo hwclock --show

o #sudo hwclock --show --verbose

Display the date and change the date/time (Older Ubuntu Versions)

o #date (display)

o #sudo date -s "YYYY-MM-DD HH:MM:SS"

Tuesday, May 31, 2022

Delete Normal VLANs

First off, VLANs are distinguished by their identifiers. Regular VLANs are identified with 1-4096.

VLANs 1-1001 are called normal VLANs, and they are stored in the vlan.dat file in flash. They cannot be deleted by erasing the saved or running configuration. Every once in a while, though, you might have to delete them completely.

The only way to delete them is by deleting this vlan.dat file and then reloading the switch.

You can delete these by doing the following steps:

o SW-01>enable

o SW-01#delete vlan.dat

Delete filename [vlan.dat]?

This displays the vlan.dat filename; press ENTER to confirm.

Delete flash:/vlan.dat? [confirm]

This asks you again to confirm that you are about to delete the vlan.dat file from system flash; press ENTER to confirm again.

o SW-01#reload

Once you reload your switch you can check your VLANs with:

o SW-01#show vlan brief

Verify the VLANs are fully cleared out.

Monday, May 23, 2022

Basic Palo Alto FW Commands

Show VLANs on a Palo Alto

o uname@FW-Name(active)# show network interface vlan

Show Interfaces on Palo Alto

o uname@FW-Name(active)# show network interface ethernet

Basic show logging of traffic on PA

o uname@FW-Name(active)# show log traffic src in x.x.x.x receive_time in last-hour dport equal 443

Show NAT policies on a PA

o >show running nat-policy

Show DHCP configuration info for PA

o >conf t

o #show network dhcp interface vlan.your-vlan relay

PA privilege mode is shown by the > prompt.

Config mode for a PA is shown by the # prompt.

Thursday, January 27, 2022

Disable Telnet on Cisco Switch and Router

1.    Telnet is enabled by default on a Cisco switch/router and stays enabled until you manually disable it, so you must disable it yourself.

2.    RTR-01>enable

3.    RTR-01#conf t

4.    RTR-01(config)#line vty 0 15

5.    RTR-01(config-line)#transport input ssh
    a.    This transport command tells the switch/router to accept only SSH connections

6.    RTR-01(config-line)#end

7.    RTR-01#write

Wednesday, January 26, 2022

Change SSH Version

1.    When you enable SSH, it might default to a version number that you are not running or do not wish to run. Make sure to enable the correct version.

2.    First, you can find out which version you are running by doing the following:
    a.    RTR-01>enable
    b.    RTR-01#show run | include ssh version
        i.    Here it will show you which version of SSH you are running
        ii.    You can also just type RTR-01#show ip ssh

3.    Next, you can change your version of SSH
    a.    RTR-01>enable
    b.    RTR-01#conf t
    c.    RTR-01(config)#ip ssh version YOUR_DESIRED_VERSION
    d.    RTR-01(config)#end
    e.    RTR-01#write
        i.    Or copy running-config startup-config

4.    Now, verify your version number:
    a.    RTR-01#show ip ssh
    b.    Or you can type: RTR-01#show run | include ssh version

Monday, January 17, 2022

Create User and Password for Cisco Device

1.    First, you will need to determine if you want a normal user, or an admin user. The following is for a normal user:
    a.    >enable
    b.    #conf t (configure terminal)
    c.    (config)#username YOUR_USER_NAME secret USER_PASSWORD

2.    If you wish to create an admin user, the following can be done:
    a.    >enable
    b.    #conf t
    c.    (config)#username YOUR_USER_NAME privilege 15 secret USER_PASSWORD

3.    Finally, you will need to enable logins into the switch/router by doing the following:
    a.    >enable
    b.    #conf t
    c.    (config)#enable secret DESIRED_PASSWORD_HERE
        i.    This will start requiring logins into the switch/router, and it also sets a default password into the switch.

4.    You have now created a basic lockdown on your Cisco device. Again, this is just super basic, utilizing the Cisco built-in local login database.

5.    You can enable the local login database (if you have not already) this way:
    a.    For the console line:
    b.    >enable
    c.    #conf t
    d.    (config)#line con 0
    e.    (config-line)#login local

    f.    And finally for your VTY lines:
    g.    >enable
    h.    #conf t
    i.    (config)#line vty 0 15
    j.    (config-line)#login local

6.    The main thing you need here is the login local command. This tells the switch/router to use the local user database to login.