DevOps principles are becoming very popular in the networking space. In this post, I will demonstrate how to setup a GitLab pipeline using your own GitLab Runner. By default, GitLab does have public runners that perform the same tasks. Overview In GitLab, a pipeline is a series of stages and jobs defined in a .gitlab-ci.yml […]
CI/CD Pipelines With Git Lab Read More »
BGP Path selection relies on the BGP attributes. I have described the eight most important BGP attributes in my previous BGP Basic Information post. Weight: The path with the highest weight is preferred. This is only locally significant and not affect any other router within the AS. Cisco only, used for outbound path selection Local Preference: The
BGP Path Selection Read More »
Cisco ACI Supports several methods of automation or infrastructure as code. For this example, I will be using Terraform to give examples of setting up different fabric policies using the Cisco ACI lab. Setup To get this setup, I have several things to do Lab Once the lab has been setup and VPN connected to
Cisco ACI – Automation Read More »
Cisco ACI is a software defined networking solution to control the management and monitoring of a VXLAN network. I know for myself and I think it is common that ACI is confusing at first as to why it’s required and what it actually solves. So I like to think of it as a third iteration
Cisco ACI – Application Centric Infrastructure Part 1 Read More »
For this post, I wanted to just go through the NetBox setup and the ability to get started with automation. Docker Compose I will be using Docker for NetBox. There is an easy to get started version of NetBox using NetBox Docker Install Docker Download the Docker Compose binary from the official GitHub repo Apply
NetBox Setup and Basic Automation Read More »
As a Network Engineer, my development workflows are not very disciplined or strong. I mainly use Git as a place to store my completed work, in the form of GitHub. This does work, however, I am missing out on many very useful features that Git version control has to offer and any collaboration with a
This lab takes the initial config from the post, Creating FortiGate Config with Terraform, and adds in the IPS config to the firewall rule that permits all traffic between INSIDE and DMZ. The IPS policy is the default from FortiNet that blocks critical attacks. The attack that I will demonstrate is the ever popular vsftpd
Enabling FortiGate IPS with Terraform – Metasploit Test Read More »
For this lab I have created a small topology with a FortiGate which will be configured with Terraform. There are two networks INSIDE 192.168.10.0/24 and DMZ 192.168.20.0/24. The other interface is for OUTSIDE this is connected into my home lab network and has an IP of 10.10.30.215. Terraform is used to configure the FortiGate firewall,
Creating FortiGate Config with Terraform Read More »
Terraform can be downloaded from here, Select the OS (Windows, in this case) and CPU type ADM64 is most likely. Once downloaded, extract the executable and move it somewhere. I have moved it to C:\Terraform Then add it to the path environment variable under: system >>> settings >>> Advanced system settings >>> environment variables Once
Terraform Installation – Windows Read More »
I am going to demonstrate two different FortiGate versions. 6.2.3 and 7.2.4. The major differences for a lab are in regards to the trial licencing and the limitations each has. The FortiGate trial licencing has some limitations that should be understood. Pre 7.2.1 the images had limited encryption usage quite heavily. For me this was
Adding FortiGate to GNS3 Read More »