• Tags
ACLs
ANDORID
APACHE
ARP
ASIR
ASO
AW
BIND9
CENTOS
CI/CD
CISCO
CMS
Comands
Containers
Contenedores
Controladores NVIDIA
DEBIAN
Debian 12
DHCP
DNAT
DNS
DNSMASQ
Docker
Enrutamiento
FIREWALL
FORENSE
FORTINET
FORWARDING
FTP
GNS3
HTTPS
IPTABLES
IPv4
IPv6
ISO
IWEB
Jenkins
Jenkis
Kubernetes
KVM
LAMP
LEMP
LINUX
MariaDB
Metrics
Mysql
NAT
Network
Networking
NFTABLES
NVIDIA Drivers
Observability
OPENVPN
Oracle
PostgreSQL
Prometheus
Redes
REDHAT
ROCKY
Routing
Services
Servicios
Sistemas
SMR
SNAT
SSH
STRONGSWAN
Switches
VPN
Windows
WIREGUARD
Wireshark
WordPress

Remote access VPN with OpenVPN and x509 certificates

One of the two teams (which will act as a server) will be connected to two networks For the authentication of the extremes, digital certificates shall be used, which shall be generated using openssl and stored in the / etc / openvpn directory, together with the Diffie- Helman parameters and the certificate of the Certification Authority itself. Network addresses 10.99.99.0 / 24 will be used for VPN virtual addresses. The address 10.99.99.1 shall be assigned to the VPN server. The server and client configuration files will be created in the / etc / openvpn directory of each machine, and will be called servor.conf and cliente.conf respectively. After the establishment of the VPN, the client machine must be able to access a machine on the other network to which the server is connected. Riding the stage To perform this exercise I have mounted the following scenario on GNS3:

• VPN
• CISCO
• LINUX
• DEBIAN
• OPENVPN

Thursday, March 28, 2024 | 17 minutes Read

VPN site to site Wireguard

[!NOTE] I will start from the VPN post remote access with Wireguard, so you may refer to this one during this article. Key generation The first thing we will do is to install both the Wireguard package in both machines: root@servidor1:~# sudo apt update && sudo apt install wireguard debian@servidor2:~$ sudo apt update && sudo apt install wireguard Let’s generate the pairs of keys that will be used to encrypt the connection. We will need a key for the server and a couple of additional keys for each client.

• VPN
• CISCO
• LINUX
• DEBIAN
• WIREGUARD

Thursday, March 28, 2024 | 5 minutes Read

VPN site to site with IPsec Cisco

In this post I’m going to mount an IPSEC VPN using swan routers. [!NOTE] This post details the configuration of R2 and R3 routers, however R1 is explained in the post of “VPN OpenVPN remote access.” If you want to see the configuration of the latter, look at the section preparing the stage. # Stage configuration As I have changed stage, the 2 new routers have to be set up on the R2 and R3 network.

• VPN
• LINUX
• CISCO

Thursday, March 28, 2024 | 6 minutes Read

VPN site to site with OpenVPN and x509 certificates

Riding the stage To perform this exercise I have mounted the following scenario on GNS3: Swan router configuration Let’s give each interface the corresponding network configuration: #Interfaz que nos dará internet R1#configure terminal R1(config)#interface fastEthernet 0/0 R1(config-if)#ip add dhcp R1(config-if)#no shut R1(config-if)#exit #Interfaz red Servidor 1 R1(config)#interface fastEthernet 1/0 R1(config-if)#ip add 90.0.0.1 255.255.255.0 R1(config-if)#no shut R1(config-if)#exit #Interfaz red Servidor 2 R1(config)#interface fastEthernet 1/1 R1(config-if)#ip add 100.0.0.1 255.255.255.0 R1(config-if)#no shut R1(config-if)#exit #Ruta por defecto para internet R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.122.1 #Guarda la configuración R1#write #Configuración de SNAT R1#conf term R1(config)#access-list 1 permit 90.0.0.0 0.0.0.255 R1(config)#access-list 1 permit 100.0.0.0 0.0.0.255 R1(config)# ip nat pool NAT-Pool 192.168.122.127 192.168.122.127 prefix-length 24 R1(config)#ip nat inside source list 1 pool NAT-Pool overload R1(config)#interface FastEthernet0/0 R1(config-if)#ip nat outside R1(config)#interface FastEthernet1/0 R1(config-if)#ip nat inside R1(config)#interface FastEthernet1/1 R1(config-if)#ip nat inside Server Configuration 1

• VPN
• CISCO
• LINUX
• DEBIAN
• OPENVPN

Thursday, March 28, 2024 | 16 minutes Read

VPN Wireguard remote access

First I will configure the server machine as a VPN remote access and server server as a VPN client. I will then set up a Windows and Android client. The first thing we will do is to install both the Wireguard package in both machines: root@servidor1:~# sudo apt update && sudo apt install wireguard debian@servidor2:~$ sudo apt update && sudo apt install wireguard Let’s generate the pairs of keys that will be used to encrypt the connection. We will need a key for the server and a couple of additional keys for each client.

• VPN
• CISCO
• LINUX
• DEBIAN
• WIREGUARD

Thursday, March 28, 2024 | 9 minutes Read

GNS3 switch configuration

You will learn to configure switches in GNS3, both generic devices and Cisco switches, using the VLans concept to segment the network and explore the complexities of network management. Stage preparation The first thing I’ll do is set up the stage: Customer network configuration Then set up the network cards of the customers, taking advantage that the NAT cloud includes a DHCP server. To do this, we write on the VPCS the following command:

• Redes
• Wireshark
• GNS3
• Cisco
• Switches

Friday, September 8, 2023 | 11 minutes Read

IPv6 Tunnels

Introduction In this detailed post, we explore the process of configuring IPv6 to IPv4 tunnels and vice versa in Linux and Cisco environments. As the migration to IPv6 gains importance, the ability to establish communication between IPv4 and IPv6 networks becomes essential. We will cover the basics of tunnel configuration, including the most common types of tunnels, such as 6to4 and Teredo. Additionally, we will provide step-by-step instructions for configuration on both Linux systems and Cisco devices.

• Networking
• IPv6
• IPv4
• Cisco
• Linux

Friday, September 8, 2023 | 10 minutes Read

NAT Cisco and Linux Configuration

In this article, we will explore the configuration of SNAT (Source Network Address Translation) and DNAT (Destination Network Address Translation) in scenarios with public addresses, using routers in Linux environments and Cisco devices. Scenario with debian machines Preparation of the environment Installation of packages Once the machines are placed we must download Apache for the web servers, to do this we will connect both servers to a switch and this to the NAT cloud for Internet access.

• Redes
• Enrutamiento
• NAT
• SNAT
• DNAT
• Cisco
• Linux

Friday, September 8, 2023 | 14 minutes Read

Underworld

Introduction You live in UNDERWORLD. In your world, there are different types of species with one goal: to “crossbreed” with each other. These creatures are: VAMPIRES WEREWOLVES (LICÁNTROPOS): Werewolves with the ability to return to their human form. WOLFMEN (HOMBRES LOBO): Werewolves who, after their first transformation, cannot return to their human form. HUMANS: Some annoying little creatures. YOU: A tech-savvy warrior with superpowers like turning around a game that hasn’t even been released yet or having the ability to become invisible when going out to party and trying to flirt with a girl by saying things like: “Do you want me to compile your kernel, babe?” The layout of UNDERWORLD is as follows:

• Networking
• Wireshark
• GNS3
• Cisco
• Routing
• ACLs

Friday, September 8, 2023 | 7 minutes Read

Underworld evolution

The world of UNDERWORLD has evolved greatly in recent months, so you must perform network management tasks to face the new situation. On one hand, the Internet has been discovered in the Underworld, allowing each of the sub-worlds (remember: vampires, werewolves, lycanthropes, and humans) to connect to a router that, in turn, connects them to one of the two large routers that form Underworld’s Internet, called Marcus (for humans and vampires) and Alexander (for werewolves and lycanthropes). Marcus and Alexander are connected to each other.

• Networking
• SNAT
• DNAT
• Cisco
• Linux

Friday, September 8, 2023 | 16 minutes Read