tag:blogger.com,1999:blog-29953172024-02-19T07:55:15.473-05:00Technology NotebookInterested in Windows, Networking, Cisco, HTML, Powershell, Perl, Outlook, Exchange, TroubleshootingDataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.comBlogger962125tag:blogger.com,1999:blog-2995317.post-91500807280699682642022-04-29T14:40:00.002-04:002022-04-29T14:40:11.826-04:00Disable UDP for Remote Desktop Disable RDP UDP protocol- run cmd.exe as administrator- reg add “HKLM\software\policies\microsoft\windows nt\Terminal Services\Client” /v fClientDisableUDP /d 1 /t REG_DWORDthen REBOOTORLocal / Group policyComputer Configuration > Administration Templates > Windows Components > Remote Desktop Services >Remote Desktop Connection Client. Set the “Turn Off UDP On Client” DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-77011309761124642862020-03-22T15:56:00.002-04:002020-04-02T11:30:09.987-04:00Monitor Cisco ASA with snmp using powershell
With the entire company working remotely, the bosses want to see an hourly report of ASA connections since our capacity is limited.
To find the SNMP OIDs of interest I used a freeware MIB walker and lots of googling in he past 2 days about this and everything else.
I already had SNMPGET for the cisco backup script I've been using for years.
This was a good opportunity to learn more about DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-68429320662286813212020-02-21T09:13:00.000-05:002020-02-21T09:13:10.392-05:00Multiple mutual redistribution OSPF<>BGP config
Below are router configuration fragments for redistribution between OSPF network and BGP network.
PRI-P2P
!
router
ospf 1
router-id 10.35.1.254
area 0 authentication
redistribute bgp 65210 subnets route-map
B2O-IN
network 10.35.1.96 0.0.0.7 area 0
network 10.35.1.104 0.0.0.7 area 0
network 192.168.249.254 0.0.0.0 area 0
!
router
bgp 65210
DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-8036908721793110642020-02-21T08:59:00.001-05:002020-02-21T08:59:07.270-05:00Multiple Mutual Redistribution OSPF <> BGP
Nearing the close of a big project. Connectivity for two nearly equal sized networks:
First is OSPF overlay on dual service provider MPLS WANs advertising a single IP via BGP. These IP's are used to establish DMVPN connectivity to hub sites.
The other has a very simplified remote office with just a couple VLANs defaulting to a core switch. That core switch is a BGP neighbor DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-49451112037172431702020-02-21T08:35:00.004-05:002020-02-21T08:35:59.811-05:00Google Chrome QUIC Protocol
UDP/443
Noticed a lot of UDP/443 traffic?
Check out this article about QUIC experimental protocol that Google is using.
Interesting Chrome hacks:
Chrome Flags
net-internals
DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-15756904382884940462019-03-27T10:08:00.001-04:002019-03-27T10:08:36.639-04:00Cisco Router Dynamic Address
interface Eth2
ip address DHCP
DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-79979055192129405412019-01-02T09:01:00.004-05:002019-01-02T09:02:41.205-05:00Capture on Windows Server without any Wireshark or other install
http://www.smattie.com/2013/11/12/how-to-gather-a-packet-capture-without-installing-wireshark/
https://www.t2techgroup.com/dont-install-wireshark-on-your-windows-server/
Netsh trace start
capture=yes tracefile=c:\temp\trace.etl
Netsh trace stop
.\etl-to-pcap.ps1 -Path c:\temp\trace.etl
-Destination c:\temp\trace.pcap
https://chentiangemalc.wordpress.com/2018/10/08/DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-35076475373712905632018-08-14T08:56:00.002-04:002018-08-14T08:56:25.673-04:00
https://www.tracewrangler.com/ looks like an interesting tool. It will anonymize packet captures and help troubleshoot problems using multiple captures.
DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-15377378616793765242017-12-06T08:57:00.001-05:002017-12-06T08:57:53.072-05:00Windows WLAN Info
From Windows CMD prompt:
netsh wlan show interfaces
DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-31255256309175304952016-11-18T10:45:00.001-05:002016-11-18T10:45:13.210-05:00Finding vmnetcfg.exe in VMware Player 3.1.4Finding vmnetcfg.exe in VMware Player 3.1.4DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-87835979306784682022016-11-18T10:42:00.002-05:002016-11-18T10:42:50.727-05:00VMWare Workstation Networking
This is a great overview of how networking works in VM Workstation:rednectar: vmware-interfaces-tutorial
The diagrams are especially helpful:
DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-41445044414147247922016-10-28T11:34:00.003-04:002016-10-28T12:38:58.937-04:00Map ports to ASIC on Cisco 7K
Map Port to ASIC on Cisco 7K Switch
From: Nexus 7000 NXOS VDC Config Guide
Find the slot# of the module:
show mod
Enter command:
slot 3 show hardware internal dev-port-map
Sample Output:
--------------------------------------------------------------CARD_TYPE: 48 port 10G>Front Panel ports:48-------------------DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-22851250192217530392016-09-29T13:38:00.003-04:002017-12-06T08:55:13.552-05:00DNS Health Check
http://portal.ultradns.com/premium/ultratools.jsp
DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-37693712364708264212016-09-29T13:38:00.002-04:002016-10-28T11:34:55.479-04:00DNS Health Check
http://portal.ultradns.com/premium/ultratools.jsp
DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-51042828977522801372016-09-28T17:49:00.001-04:002016-09-28T17:56:52.861-04:00Dig Web Interface1. Browse to http://www.digwebinterface.com/
2. Enter the list of hosts you wish to test under Hostnames or IP addresses:
3. Select Resolver under Name Servers:
4. Check Trace under Options
5. Click Dig
First section of results are root servers.
Next section are authoritative name servers for the TLD
Next DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-69938403860457203012016-09-28T15:12:00.000-04:002016-09-28T15:12:16.157-04:00Duplicate IP address registrations in DNSDuplicate IP address registrations in DNS
https://blogs.technet.microsoft.com/askpfe/2011/06/03/how-dns-scavenging-and-the-dhcp-lease-duration-relate/
Very useful discussion of this issue and methods to address it.
Also a script to identify duplicate IP addresses in DNS:
#
#Import the Active Directory Module
import-module activedirectory
#Define an empty array to store computers with DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-42919950683450317452016-09-28T15:09:00.003-04:002016-10-28T11:35:26.126-04:00Check DNS Propagation
Great online utility to check propagation of DNS changes.https://www.whatsmydns.net
DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-78801794146885822362016-06-21T16:45:00.001-04:002016-06-21T16:45:47.214-04:00Save Encrypted Passwords to Disk with PowerShellSave Encrypted Passwords to Disk with PowerShellDataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-25643851240435237962016-05-26T11:41:00.001-04:002016-05-26T11:41:45.688-04:00Packet CaptureThe challenge I often have for capturing packets is that I need 2 interfaces on the machine doing the capture. It has been problematic to use the wired NIC on the span port and using the wireless NIC for remote access to the laptop.
I am tempted to do the following:
- setup the span port on the interface where the only wired NIC of the laptop is attached. But don't enable it yet.
- remote DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-68646948766292205252016-05-24T09:56:00.001-04:002016-05-24T09:56:07.393-04:00How to solve Windows 7 crashes in minutes | Network WorldHow to solve Windows 7 crashes in minutes | Network World: How to solve Windows 7 crashes in minutesDataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-12754555204668002462016-04-29T12:35:00.000-04:002016-04-29T12:37:57.609-04:00Jumbo FramesHurts my head to think about attempting jumbo frames.
http://www.bitplumber.net/2009/03/how-to-configure-jumbo-frames/
DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-35641206673934284692016-04-21T18:19:00.004-04:002016-04-29T12:38:33.728-04:00Cisco Nexus: EthAnalyzerI've been fighting with getting EthAnalyzer trying to get it to do something useful. But it always only showed me traffic to/from the switch itself, not packets that pass through it.
Today I found the following information and EUREKA!
ethanalyzer data plane traffic analysis
ACLs and Ethanalyzer for Data Plane Sampling:
The Ethanalyzer captures only traffic on CPU, so seems as DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-14019649675419923822016-03-25T18:49:00.000-04:002016-03-25T18:49:09.772-04:00powershell sshOne method for using powershell to ssh to a router/etc:
powershelladmin
Unfortunately it doesn't accept a credential object.
One workaround would be something like the following pseudo code:
import-module ssh-sessions
$cred = get-credential
$user = $cred.getnetworkcredential().username
$pw = $cred.getnetworkcredential().password
(create log file)
(get $list of hosts from file)
(get $DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-58990336480196927782016-01-27T18:21:00.003-05:002016-01-27T18:21:50.983-05:00tracetcptracetcp
The utility available at the link above is very useful.
Instead of requiring icmp, it will perform a traceroute using any TCP port you wish.
VERY useful for testing custom route-map just for tcp 443. (I could make plain old traceroute work by adding icmp to the route-map, but that isn't really a test.)
DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0tag:blogger.com,1999:blog-2995317.post-38422083575269994232015-12-03T16:58:00.001-05:002016-01-27T18:22:03.895-05:00Bandwidth Throttling with RobocopyBandwidth throttling with Robocopy
Calculate the /IPG number.
BA=Kbps of circuit
BD=approximate Kbps you want to allow
IPG = ((BA-BD)/BA*BD)*512*1000DataComGuyhttp://www.blogger.com/profile/12509468481805701911noreply@blogger.com0