NSX-V Edge (ESG) Packet Capture

Capturing packets on the NSX Edge is relatively simple, the ESG uses similar capture syntax to that of TCPDUMP with a few minor caveats, which I will cover in this post.
When doing a packet capture, the primary thing to do is to identify the interface you want to capture traffic on and then define the traffic capture filter, which will ensure you only capture the packets that your interested in. This will cut down the noise and leave you with a fairly clean packet capture, however there is no reason you can’t just capture everything. Continue reading “NSX-V Edge (ESG) Packet Capture”

Advertisements

NSX-V Edge: Site-to-Site IPSEC VPN

This post will describe the process of setting up a site-to-site vpn from the VMware NSX Edge to a Cisco Cloud Services Router (CSR) 1000v, although we are using a virtual Cisco router, the process described below could be used for any remote device. In this post we will be configuring the Edge Services Gateway (ESG) via the vSphere Web Client, however, the method of setting up the VPN could easily be automated via the NSX REST API. Continue reading “NSX-V Edge: Site-to-Site IPSEC VPN”

OSX deleting those pesky DS_Store files

If you have a MAC and you have ever transferred anything to USB, then opened the USB Drive on a Linux/Windows machine, you would have noticed the creation of .DS_Store files along with whatever the contents you placed onto the USB. Continue reading “OSX deleting those pesky DS_Store files”

Sublime Text Snippets for Cisco WLC ACLs

Part of a consultants/engineers job unfortunately is to configure things which can be quite repetitive in nature, every time I find something that needs to be done twice I will create a script in whatever language best fits the purpose. It’s also a great way to ensure that you don’t make silly mistakes, other than trying to make your workflow better. Continue reading “Sublime Text Snippets for Cisco WLC ACLs”

ISE: Posture-Profiler High Level Flow of Events

The following diagram is a High-Level Flow overview of how ISE makes decisions for authentication requests, particularly important for Posture and Profiler Decisions. Continue reading “ISE: Posture-Profiler High Level Flow of Events”

Backing up a Cisco ISE Environment – Standalone or Distributed

A quick post on the correct way of doing backups on ISE. There are a few instances I have seen, where ISE is not being backed up using the supported (correct) method as dictated by Cisco. This is especially true in vSphere environments, where VCB backups of the ISE nodes are used as the sole backup. Continue reading “Backing up a Cisco ISE Environment – Standalone or Distributed”

ISE 1.3/1.4 BYOD Provisioning Flow

Quick post; I wanted to upload a diagram showing a basic BYOD device flow through ISE for an Apple IOS device. The diagrams purpose is to show what happens at what stage and to give an implementation engineer an understanding of where to go in ISE to configure BYOD. There is plenty of great documentation from Cisco that covers this but I haven’t seen a diagram that documents the flow…. Hope this helps Continue reading “ISE 1.3/1.4 BYOD Provisioning Flow”

Upgrading to Cisco ISE 1.4

ISE 1.4 was released on the 6th May 2015, this release in my opinion is a minor release. Unlike ISE 1.3 which introduced some big features, namely the Internal Certificate Authority, this release unfortunately doesn’t go as far.

Continue reading “Upgrading to Cisco ISE 1.4”