These are some tips I’ve put together on how to create a certificate using acme.sh then import it into a FortiGate firewall for use on the SSL-VPN or similar. Getting the Certificate and Key file I won’t go into too much detail on this – just use the acme.sh documentation to get a key+certificate: https://acme.sh […]
We use phpIPAM to manage all our IP Addresses, and we have recently built integrations between phpIPAM and our Kea DHCP server for reservations, and also into our BIND DNS server. These have been running on a schedule, which has worked well, but doing it that way means that it can take a while after […]
This is a simple script to send an email via MS’s O365 Service: Note how you need to set up an SSL context and perform .starttls() to properly create a secure connection.
We have recently set up an IPAM at my workplace, the excellent phpIPAM – https://phpipam.net/ I went through our install and added all our subnets into the IPAM, but to make the data much more useful we wanted to have the VLAN information also: However, I didn’t want to go through by hand, adding each […]
I’ve made a series of videos exploring the Internet Protocol Suite, and how it is used to make a connection to a website. It’s a deep dive into the stack, explaining all the way down to the ethernet frames that a computer sends on the local link.
This script is very simple. It will scan a network range attached to the device it is run from, and will turn what it finds into a list of reservations for the Kea dhcp server – https://kea.readthedocs.io/ You run it something like this, giving it a network range to scan. Then network should be a […]
When trying to find why my ospf configs were not sending the correct costing from Linux -> Cisco devices, I found some useful commands that I thought I would note down for future reference. Linux – Using vtysh My ospfd.conf looks something like this: You can see the costs on linux using the vtysh command: […]
Trying to SSH to a Cisco switch from Ubuntu 20.04 you may get this error. I’ve noticed the same thing from Redhat RHEL 8: This error is because Ubuntu 20.04 has disabled the SHA1-based key exchange methods after some attacks have been found on SHA1. To work around this issue for Cisco switches you can […]
I have been trying to find a way to create a regular backup of my Cisco switch’s running-config, so I can store it in my normal backups. However, after searching online I was able to find some tools that were almost there, but nothing that was quite as flexible as I needed, so I wrote […]
I recently decided to move away from using my Wifi access point as a router, and instead use an old my Raspberry Pi 2 as my router. I had a few reasons for doing this: I wanted a more up-to-date device as my internet facing box. My Wifi AP hasn’t received any firmware updates in […]