PBSPlaza.nl

Since i configured a lot of site-2-site VPN those days, i created a VPN config snip which i have used as a template. So i you need to configure a site-2-site VPN on a Cisco ASA, you can use this template and customize the fields.

access-list outside_8_cryptomap extended permit ip 192.168.1.0 255.255.255.0 10.1.10.0 255.255.255.0
access-list vpn_filter extended permit ip any any
!
access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 10.1.10.0 255.255.255.0
!
crypto isakmp policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
!
group-policy <policy_name> internal
group-policy <policy_name> attributes
vpn-idle-timeout none
vpn-filter value vpn_filter
vpn-tunnel-protocol IPSec

!
tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 general-attributes
default-group-policy <policy_name>
tunnel-group 1.1.1.1 ipsec-attributes
pre-shared-key <pre-shared-key>
!
crypto map outside_map 8 match address outside_8_cryptomap
crypto map outside_map 8 set pfs
crypto map outside_map 8 set peer 1.1.1.1
crypto map outside_map 8 set transform-set ESP-AES-256-SHA
crypto map outside_map 8 set security-association lifetime seconds 3600
crypto map outside_map 8 set nat-t-disable

Sometimes, you want to see the serial number of a transceiver in a Cisco switch (e.g, a GLC-SX-MM=). You can see the transceiver serial number by typing the following command;

switch#sh idprom interface gigabitEthernet x/y | i Serial

The i serial is optional to filter out the Serial number.

In the last weeks, i have been busy with doing some upgrades of CactiEZ 0.8.7c with PA2.2 to 0.8.7e with PA2.5. As always, at first sight everything seems to be OK when the upgrade has finished. But when you have a full blown Cacti server (with a lot of plugins and tweaks running), it can be different..

In some cases, the GRAPHS screen did stay blank when i clicked on the GRAPHS tab after the upgrade. The only thing i could do to see the graphs, was to click the TREE tab, resulting in showing up the graph tree on the left of the screen. Then i have to click on the appropriate graph in the tree to see it.

In a few words, i did the following to fix this problem (it’s not the most neat one:/)

1. Backup your Cacti files!
2. Download the official Cacti 0.8.7e files
3. Overwrite the files in the ‘/var/www/html’ directory on your server with the official Cacti 0.8.7e files
4. Now overwrite the files in the ‘/var/www/html’ directory again with the 0.8.7e/PA2.5 files

Now some files have to be edited for Cacti to function correctly;

5. Edit /var/www/html/include/config.php

Go to rule number 30 and edit the following line;

$database_password = "change_this_to_your_dbpassword";

6. Edit /var/www/html/include/global.php

Add the plugins you have installed with the $plugins statements. You can get those from your backup files.

Now Cacti should operate normal again. When you click the GRAPHS tab, the main graph screen will show up again!