Labs – Expert Network Consultant https://www.expertnetworkconsultant.com Networking | Cloud | DevOps | IaC Tue, 21 Mar 2023 08:32:08 +0000 en-GB hourly 1 https://wordpress.org/?v=6.3.5 How to Connect GNS3 to a Physical Network | A Step by Step Guide https://www.expertnetworkconsultant.com/expert-approach-in-successfully-networking-devices/how-to-connect-gns3-to-a-physical-network-a-step-by-step-guide/ Tue, 21 Mar 2023 08:35:54 +0000 http://www.expertnetworkconsultant.com/?p=3732 Continue readingHow to Connect GNS3 to a Physical Network | A Step by Step Guide]]> How to Connect GNS3 to a Physical Network | A Step by Step Guide

This article How to Connect GNS3 to a Physical Network is a no nonsense step by step guide to setting up a full hands on GNS3 lab for the serious network engineer or student. This How to Connect GNS3 to a Physical Network lab is what it says on the tin. Routing, Switching, Firewall Security, Infrastructure, Virtualisation and Internet all made possible by this advanced lab created by some of the smartest network engineers of today.

How to Connect GNS3 to a Physical Network | Connecting Switch Uplink Interfaces (Introduction)

Trust me, we understand your frustration. You really want a handson lab but GNS3 has some gotcha’s, and it’s no longer economically efficient to have a lot of kit so what do you do? Thank God, we have the answer in the steps below. It will cost you next to nothing but guaranteed to give you the full blown hands-on experience without any compromises.

You will be able to create a myriad of labs, change network topologies without much effort and extra configuration. This lab is suitable for a business, university or individuals. It’s vendor agnostic and so can support your Next-Generation ASA Firewall, Sonic Wall, Juniper, Palo Alto, HP Aruba Switch, Cisco Catalyst Switches, Windows Servers and to make it even more interesting, if it has an interface, you can lab it.

The advantage here is that you can practice full switching and routing protocols like HSRP | GLBP | VRRP, STP, OSPF, EIGRP to name but a few.

Let us put together our kit list (Some of these you may already have at your disposal)

Hardware Kit

  • 1 x Desktop Computer or Workstation with Expansion Slots (If you own a laptop, you will need USB C to Ethernet Adapters) – Not truly reliable hence the workstation preference.
  • 2 x 4 Port PCI-E 1Gbps Network Interface Card | 2 Access Buildings
  • 2 x Access Switches | Cisco Catalyst Switches or HPE Aruba Switches | Vendor Agnostic

Software and Operating System

Figure 1.0 – Connect Network Device to Ethernet Adapter
How to Connect GNS3 to a Physical Network

Figure 1.1 – 4 Port Ethernet Adapter
How to Connect GNS3 to a Physical Network

Figure 1.2 – Connect Switch Uplink Interfaces
How to Connect GNS3 to a Physical Network
Interface 47 and 48 are our respective uplinks to Core Routers R1 and R2 respectively. To make the interface layer 3 or routed, the following configuration converts them to routed interfaces.

Example of Configuration

switch(config)# interface Fa0/47 
switch(config-if)# no switchport 
switch(config-if)# 
switch(config)# interface Fa0/48
switch(config-if)# no switchport 
switch(config-if)# 

Figure 1.3 – Uplinks of Switches 1 and 2
Uplinks of Switches 1 and 2

Access Switch 1

switch(config)# interface 47 
switch(config-if)# untagged vlan 1008
switch(config-if)# ip address 172.16.254.10
switch(config)# interface 48
switch(config-if)# untagged vlan 1012
switch(config-if)# ip address 172.16.254.14

Access Switch 2

switch(config)# interface 47 
switch(config-if)# untagged vlan 1016
switch(config-if)# ip address 172.16.254.18
switch(config)# interface 48
switch(config-if)# untagged vlan 1020
switch(config-if)# ip address 172.16.254.22

Figure 1.4 – Switches Uplinks at back of Desktop connected to Physical Interfaces
Switches Uplinks at back of Desktop connected to Physical Interfaces

Step 1 – Connect Ethernet Interfaces to Desktop Network Adapters


How to Connect GNS3 to a Physical Network | Configuring Physical Network Interfaces (Part 1)

Identify Interfaces on your computer

Command: nmcli dev status

# nmcli dev status
DEVICE  TYPE      STATE         CONNECTION
eth1    ethernet  connected     eth1
eth0    ethernet  connected     eth0
eth2    ethernet  disconnected  --
lo      loopback  unmanaged     --

Command: ifconfig

eno1: flags=4099  mtu 1500
        ether 40:a8:f0:49:7b:0a  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 20  memory 0xf7c00000-f7c20000  

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 24697  bytes 24138502 (24.1 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 24697  bytes 24138502 (24.1 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Step 2 – Configure IP Addresses for Uplink Interfaces

How to Connect GNS3 to a Physical Network | Configuring IP Addresses for Network Interfaces (Part 2)

Step 3 – Connect Uplinks to Core Routers

How to Connect GNS3 to a Physical Network | Connecting Switch Uplinks to Core Routers (Part 3)

Step 4 – Test Connectivity with Pings

How to Connect GNS3 to a Physical Network | Test Connectivity with ICMP Pings (Part 4)

Download the full lab here: Connecting GNS3 to Physical Network – Multilayer Network Access Design

Related Post:How to Connect GNS3 to Internet

]]>
Connect an IoT Device to Azure IoT Hub https://www.expertnetworkconsultant.com/network-technology-news/connect-an-iot-device-to-azure-iot-hub/ Mon, 05 Dec 2022 10:00:25 +0000 http://www.expertnetworkconsultant.com/?p=5707 Continue readingConnect an IoT Device to Azure IoT Hub]]> Connect an IoT Device to Azure IoT Hub Internet of Things are everywhere these days, in this article, I detail how to connect an MXCHIP AZ3166 devkit to IoT Hub.

IoT a matter of fact has become a common place in all spheres of human interaction. They are in our refrigerators, cars, gardens, submarines, space probes and robots, they are just everywhere and for a good reason mainly. Before we get super excited and you must be, let us start with the recommended requisites.

Clone Repository for Needed Code | This has been provided by Microsoft

git clone --recursive https://github.com/azure-rtos/getting-started.git

Prepare Your Build Environment

To install the tools:

From File Explorer, navigate to the following path in the repo and run the setup script named get-toolchain.bat:

getting-started\tools\get-toolchain.bat

After the installation, open a new console window to recognize the configuration changes made by the setup script. Use this console to complete the remaining programming tasks in the quickstart. You can use Windows CMD, PowerShell, or Git Bash for Windows.

Run the following code to confirm that CMake version 3.14 or later is installed.

cmake --version

Now that your build environment seem to be correctly setup, go through the next steps to get your local environment setup.

Install Azure IoT Explorer on Your Computer
This part requires a utility called the Azure IoT Explorer which must be installed on your computer. In this demonstration, I have installed the Windows version of the program on my operating system.

Create Azure IoT Hub
This part requires the creation of Azure IoT Hub which could be done using the CLI or Web UI. I will do this using the Web UI but provide the commands for the same in CLI. Follow along;

Connect an IoT Device to Azure IoT Hub

Successfully Created Azure IoT Hub
Connect an IoT Device to Azure IoT Hub

Add Device to Azure IoT Hub

create azure iot device

add iot device to azure iot hub

Get Connection String

$ az iot hub connection-string  show --hub-name mxchip-device-iot-hub.azure-devices.net

Copy the connection string without the surrounding quotation characters.

{
  "connectionString": "HostName=mxchip-device-iot-hub.azure-devices.net;SharedAccessKeyName=iothubowner;SharedAccessKey=UPEgplrCL+zQyabcdefgHiJkWqEXc2vOqulTAQ1k="
}
[ ~ ]$ 

Add Hubs on IoT Explorer using the connection string
add connection string on azure iot explorer
Before continuing to the next section, confirm that you’ve copied the following values:

hostName
deviceId
primaryKey

I made a note of the following elements;

HostName: mxchip-device-iot-hub.azure-devices.net
Device ID : mxchipaz366
Primary Key : KUTkSnC6Sn0vVieeabcdefghijkllU9ko0XCOwKy4= 

view devices in the hub

check devices on iot explorer under connection

Configure Connection on Local Repo
Open the following file in a text editor:

getting-started\MXChip\AZ3166\app\azure_config.h

Comment out the following line near the top of the file as shown:

// #define ENABLE_DPS

Set the Wi-Fi constants to the following values from your local environment.

WIFI_SSID	{Your Wi-Fi SSID}
WIFI_PASSWORD	{Your Wi-Fi password}
WIFI_MODE	{One of the enumerated Wi-Fi mode values in the file}

configure build values for wireless connectivity

Set the Azure IoT device information constants to the values that you saved after you created Azure resources.

IOT_HUB_HOSTNAME	{Your Iot hub hostName value}
IOT_DPS_REGISTRATION_ID	{Your Device ID value}
IOT_DEVICE_SAS_KEY	{Your Primary key value}

configure build values

Build the image
In your console or in File Explorer, run the script rebuild.bat at the following path to build the image:

getting-started\MXChip\AZ3166\tools\rebuild.bat

run rebuild batch file

iot device flash image

After the build completes, confirm that the binary file was created in the following path:

getting-started\MXChip\AZ3166\build\app\mxchip_azure_iot.bin

create iot device mxchip image

Copy the binary file mxchip_azure_iot.bin to iot dev kit

Follow the steps here.

Launch Termite and check connectivity
My device is on COM5. You can check for that in Command Prompt by typing mode.

configure serial port settings on termite

Successful Connection to Azure IoT Hub
successful connection of iot to azure iot hub

Check Telemetry on Azure IoT Explorer
check telemetry for iot device

Check Telemetry on Termite
check telemetry for iot device on termite

Simulate Device Telemetry

Simply copy paste the following command to Azure Cloud Shell. It will start simulating device as it’s sending messages to IoT Hub. You can click ‘Start’ button from the Telemetry page to start monitoring the events.

az iot device simulate --device-id mxchipdevkitaz3166 --login "HostName=**cloudmxchipiot-01.azure-devices.net;SharedAccessKeyName=iothubowner;SharedAccessKey=slKRd09jokVHPXNjDabcdeEfgHizDhmq8="

View Telemetry Received from IoT Device

az iot hub monitor-events --output table --device-id mxchipaz366 --hub-name mxchip-device-iot-hub
Starting event monitor, filtering on device: mxchipaz366, use ctrl-c to stop...
event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    magnetometerX: -445.5
    magnetometerY: 531
    magnetometerZ: 496.5

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    accelerometerX: -377.04
    accelerometerY: -917.31
    accelerometerZ: -130.66

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    gyroscopeX: -770
    gyroscopeY: -420
    gyroscopeZ: 770

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    humidity: 60.61
    pressure: 1014.05
    temperature: 19.88

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    magnetometerX: -408
    magnetometerY: 504
    magnetometerZ: 495

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    accelerometerX: -380.33
    accelerometerY: -915.85
    accelerometerZ: -129.93

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    gyroscopeX: -1190
    gyroscopeY: 630
    gyroscopeZ: 2800

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    humidity: 60.2
    pressure: 1014.04
    temperature: 20.2

event:
  component: ''
  interface: dtmi:azurertos:devkit:gsgmxchip;2
  module: ''
  origin: mxchipaz366
  payload:
    magnetometerX: -417
    magnetometerY: 531
    magnetometerZ: 486

Communicate with your IoT Device
Run the az iot hub invoke-device-method command, and specify the method name and payload. For this method, setting method-payload to true turns on the LED, and setting it to false turns it off.

az iot hub invoke-device-method --device-id mxchipaz366 --method-name setLedState --method-payload true --hub-name mxchip-device-iot-hub
az iot hub invoke-device-method --device-id mxchipaz366 --method-name setLedState --method-payload true --hub-name mxchip-device-iot-hub
{
  "payload": {},
  "status": 200
}

There are advanced aspects to provisioning IoT devices and the following guide helps you do just that.
Create a new IoT Hub Device Provisioning Service
https://learn.microsoft.com/en-gb/azure/iot-dps/quick-setup-auto-provision#create-a-new-iot-hub-device-provisioning-service

When you encounter this error;

"ERROR: azure_iot_nx_client_dps_entry"

then it is likely you did not comment out #define ENABLE_DPS.

]]>
Configure Cisco ASAv on GNS3 for Hands-on Labs https://www.expertnetworkconsultant.com/installing-and-configuring-network-devices/configure-cisco-asav-on-gns3-for-hands-on-labs/ Tue, 22 Dec 2020 20:37:04 +0000 http://www.expertnetworkconsultant.com/?p=4252 Continue readingConfigure Cisco ASAv on GNS3 for Hands-on Labs]]> In this Configure Cisco ASAv on GNS3 for Hands-on Labs, we delve into getting the most popular Cisco virtualised firewall ASAv in GNS3 step by step.

GNS3 labs must be rich and cover contexts of networking which gives great hands-on experience for the student and professional alike. Imagine being able to configure site-to-site vpns between your ASAv and a Cloud Instance, and being able to perform a myriad of tasks in order to understand how the real world expectation might be between the chosen technologies?

The beauty of scalability that comes with virtualised appliances in network design architectures to prove a concept or test and troubleshoot scenarios?

With the Cisco® Adaptive Security Virtual Appliance (ASAv), you have the flexibility to choose the performance you need for your business. ASAv is the virtualized option of our popular ASA solution and offers security in traditional physical data centers and private and public clouds. Its scalable VPN capability provides access for employees, partners, and suppliers—and protects your workloads against increasingly complex threats with world-class security controls.

Create the initial master template for your ASAv

Download the ASAv qcow2 file with the OS version of your choice from Cisco.com.
Open GNS3 and click on File > + New Template >

Select Firewalls from the GNS3 Appliances List
Configure Cisco ASAv on GNS3 for Hands-on Labs

Install the Appliance on GNS3 VM as Recommended
Configure Cisco ASAv on GNS3 for Hands-on Labs

Choose “Default” for the VM type and hit next. Name the VM (ASAV 9.8.1 for example) and hit next. Select the x86_64 Qemu binary and set the RAM to 2048mb. Hit next.

Configure Cisco ASAv on GNS3 for Hands-on Labs

Select ASAv Version and Install and Click Next

GNS3 would locally locate the downloaded *qcow2 appliance and populate the list for you to make a choice. Select your ASAv version and click Next.
Select ASAv version appliance and click next

Click Next and Continue

It is a good idea to trial your idea with a single ASAv and once this has worked out well, apply it to the master template as the gold image for future replica ASAv firewalls.

Create a new GNS3 Project

Create a new GNS3 project

Drag ASAv into Workspace
Drag ASAv into Workspace

Right click on ASAv and change the symbol (this is an optional step)

Select Symbol for your ASAv,change the category to Security Devices, and set the console type to vnc. We will change this to telnet later in the guide as we apply this to our master ASAv appliance.

Select ASAv Symbol and Click OK

Select vnc from the drop down to set console type to vnc
select console type as vnc

Uncheck Use as linked base VM(This is recommended initially until you’ve got it all working as should)

Uncheck use as a linked base VM for ASAv
(It is recommended to perform all the necessary configurations before enabling this option which will make newer instances inherit the global settings. We shall do it as the final step once we get each bit done.)

Configure Cisco ASAv on GNS3 for Hands-on Labs

Start the ASAv and Click open with Console

Configure Terminal
Configure Terminal in ASAv VNC

Set Telness Access: Follow steps below
copy coredumpinfo to use_ttyS0

copy coredump.cfg from the coredumpinfo directory to disk0:/

ciscoasav#conf t
ciscoasav#cd disk0:/coredumpinfo/
ciscoasav#copy coredump.cfg disk0:/use_ttyS0

coredumpinfo successfully copied as use_ttyS0

Verify you work (always check if what you did worked)

ciscoasav# dir disk0:/

Directory of disk0:/

10     drwx  4096         07:29:52 Dec 18 2020  smart-log
8      drwx  4096         07:28:58 Dec 18 2020  log
11     drwx  4096         07:29:56 Dec 18 2020  coredumpinfo
7      -rwx  59           07:36:44 Dec 18 2020  use_ttyS0

1 file(s) total size: 59 bytes
8571076608 bytes total (8549355520 bytes free/99% free)

ciscoasav# 

Once the above steps are completed, go ahead and configure the master template. Now that we are happy that the telnet access works,

Set Console Type to Telnet

Now that you have set the use_ttyS0 on the ASAv, go ahead and power the ASAv off.

  • Right click on the ASAv and select configure.
  • Change the console type from vnc to telnet.
  • You must power the ASAv off to do this. You can change it with the device powered on, but you would encounter the error “No connection could be made because the target machine actively refused it”.

  • Click Apply > OK to save.
  • select telnet for vm and test access via ssh

    Click the Advanced settings tab. Uncheck the “Use as a linked base VM” box. We will check this later in the guide. Click OK then Apply > OK to save the device. This device will be configured as the “master template” for the ASAv.

    Check Use as a linked base VM
    Configure the ASAv for telnet access

    Close the preferences page, click Apply > OK to save the template.

    Now that we have Cisco ASAv working exceptionally well in GNS3, let us now go into configuring a sample Cisco ASA 5506-X Deployment Topology.

    Figure 1.0 Sample Cisco ASA 5506-X Deployment Topology
    install asav on gns3

    In this lab we shall Configure ASAv for the Internet using the following configuration sample.

    Figure 1.1: ASA 5506-X Factory Default Configuration

    
    !
    interface GigabitEthernet1/0
     nameif inside
     security-level 100
     ip address 192.168.1.254 255.255.255.0 
    !
    
    interface GigabitEthernet1/1
     nameif outside
     security-level 0
     ip address dhcp setroute 
    !
    
    !
    dns domain-lookup outside
    dns server-group DefaultDNS
     name-server 8.8.8.8 
     name-server 8.8.4.4 
    object network obj_any
     subnet 0.0.0.0 0.0.0.0
    !
    
    
    !
    object network obj_any
     nat (inside,outside) dynamic interface
    route outside 0.0.0.0 0.0.0.0 8.8.8.8 1
    !
    
    
    !
    dhcpd address 192.168.1.100-192.168.1.200 inside
    dhcpd dns 8.8.8.8 8.8.4.4 interface inside
    dhcpd enable inside
    !
    
    
    !
    class-map inspection_default
     match default-inspection-traffic
    !
    
    !
    policy-map global_policy
     class inspection_default
      inspect icmp 
    !
    
    
    

    Thanks for stopping by to read this article on how to Configure Cisco ASAv on GNS3 for Hands-on Labs. Below is a related article: How to Configure Cisco ASA 5506-X for Internet

    ]]>
    How to Calculate Subnet Mask from IP Address Step by Step https://www.expertnetworkconsultant.com/expert-approach-in-successfully-networking-devices/how-to-calculate-subnet-mask-from-ip-address-step-by-step/ Wed, 06 May 2020 20:46:30 +0000 http://www.expertnetworkconsultant.com/?p=3742 Continue readingHow to Calculate Subnet Mask from IP Address Step by Step]]> In as much as there are a great number of articles on the subject of subnetting, I have also taken a bold step in creating a step by step guide “How to Calculate Subnet Mask from IP Address Step by Step” to bring you the understanding I have gained in the real world where subnetting is concerned.





    Have you been faced with a task laced with many prefixes you find intimidating? Well, you are in the right place at the right time to improve your understanding of subnetting once and for all.

    You can read more on the subject broadly from Cisco’s website here.

    Step by step guide to IP Subnetting Video

    Below is a simple 6 step by step method I use to perform subnetting calculations.

    Let us look at this question below;

    1: You have been given an IP Address 10.20.4.13/29 and been asked to find out the following pieces;

    1. Subnet Address
    2. First Valid Host Address
    3. Last Valid Host Address
    4. Broadcast Address
    5. Subnet Mask

    How to Calculate Subnet Mask from IP Address Step by Step

    Step 1: Find Subnet Number
    Subtract Prefix Number from /32
    32-29=3

    Calculate Subnet Mask
    8 Bits – 3 Bits = 5 Bits(Network Bits Turned On)

    You might be asking why 8 Bits, 8 Bits are required for each octet.

    128 64 32 16 8 4 2 1
    1 1 1 1 1 0 0 0
    128 + 64 + 32 + 16 + 8 = 248

    Subnet Mask = 255.255.255.248

    Step 2: Find Subnet Size
    Raise 2 to the power of deduction (8-3 =5 Bits). Let’s call the bits n!
    2**n = Subnet Size
    2**5 = Subnet Sizes for each subnet.
    2*2*2 = 8

    Note: 8 is the block size for the subnet so for example, the increments will now be 0 8 16 32 40 and so on!

    Step 3: Find Broadcast Address
    Subnet Size – 1
    (2**n) – 1 = Broadcast Address
    (2**3) – 1 = (8-1) = 7

    Step 4: Locate IP Address Subnet
    Identify Subnet Block for IP Address:
    Where in each increment is the address 10.20.4.13/29 located 0 8 16 32 40?

    13 falls between 8 and 16 and therefore the address is in the valid host range of the subnet 10.20.4.8/29

    Step 5: Calculate Valid Hosts | How to calculate number of hosts in the subnet
    2**n – 2 = Valid Host Range
    2**3 – 2 = (8-2) = 6

    Answer for question now is as follows;

    Subnet Address: 10.20.4.8/29
    Min Host Address: 10.20.4.9/29
    Max Host Address: 10.20.4.14/29
    Broadcast Address: 10.20.4.15/29

    There you have it. A simple 6 step by step guide to subnetting effectively.

    Variable Length Subnets Mask Table

    Prefix size Network mask Usable hosts per subnet
    /1 128.0.0.0 2,147,483,646
    /2 192.0.0.0 1,073,741,822
    /3 224.0.0.0 536,870,910
    /4 240.0.0.0 268,435,454
    /5 248.0.0.0 134,217,726
    /6 252.0.0.0 67,108,862
    /7 254.0.0.0 33,554,430
    Class A
    /8 255.0.0.0 16,777,214
    /9 255.128.0.0 8,388,606
    /10 255.192.0.0 4,194,302
    /11 255.224.0.0 2,097,150
    /12 255.240.0.0 1,048,574
    /13 255.248.0.0 524,286
    /14 255.252.0.0 262,142
    /15 255.254.0.0 131,070
    Class B
    /16 255.255.0.0 65,534
    /17 255.255.128.0 32,766
    /18 255.255.192.0 16,382
    /19 255.255.224.0 8,190
    /20 255.255.240.0 4,094
    /21 255.255.248.0 2,046
    /22 255.255.252.0 1,022
    /23 255.255.254.0 510
    Class C
    /24 255.255.255.0 254
    /25 255.255.255.128 126
    /26 255.255.255.192 62
    /27 255.255.255.224 30
    /28 255.255.255.240 14
    /29 255.255.255.248 6
    /30 255.255.255.252 2
    /31 255.255.255.254 0
    /32 255.255.255.255 0
      Related Posts:

    How to connect GNS3 to a Physical Network Step by Step

    ]]>