Custom Monitoring of Palo Alto with Perl and Cacti

August 30, 2014

7

1. The Global Counters The Palo Alto Firewall has released an API, that has some (not all) commands to issue through external programmable interface. This API is based on XML and makes it possible to issue specific commands with that you can check just for example some states of the firewall. Through the API it […]

Custom Monitoring of Cisco ASA with Lynx and Cacti

May 6, 2014

10

On packetpushers.net somebody wrote an articel about automatically get the outputs of show command of the cisco asa with lynx. That makes it possible to see if a specific counter for a feature, service or process or just interface counter changes, mainly increases, but you cannot see the size of the increase. In troubleshooting it […]

Query IPSEC VPNs with snmpwalk on Cisco ASA

May 5, 2014

3

The followings links can be used for the list of Cisco ASA SNMP MIBs. Cisco ASA SNMP MIBs: ftp://ftp.cisco.com/pub/mibs/supportlists/asa/asa-supportlist.html ftp://ftp.cisco.com/pub/mibs/v2/CISCO-IPSEC-FLOW-MONITOR-MIB.my OIDs Information page: http://www.mibdepot.com/cgi-bin/getmib3.cgi?win=mib_av&i=1&n=CISCO-IPSEC-FLOW-MONITOR-MIB&r=hp&f=ipsec-flow.mi2&v=v2&t=tree IKE SNMP Queries example 1. Check my IP in the firewall that terminates vpns. OID 1.3.6.1.4.1.9.9.171.1.2.3.1.3 OID NAME cikeTunRemoteValue OID Description The value of the local peer identity. If the local […]

Posted in: ASA, Cisco, Linux, Security, VPN

Triathlon Ingolstadt

February 7, 2014

0

Trainings road for triathlon/10 km running Run for your life! New road: Trainings road for triathlon/40 km biking Bike for your life!

Posted in: Uncategorized

Palo Alto troubleshooting commands

December 10, 2013

4

Its now a beautiful saturday afternoon outside and I sit here in this boring room and made this post about useful palo alto commands, that can help us in case of a problem arises. There is no wind, I wanted today go to windsurf… With my requirements for any networking layer 3 security device I […]

Lynx for Cisco ASA Management

December 10, 2013

3

Yes this is madness! A really old school browser can help me in managing cisco asa firewalls! I have just found this link, since I am developing perl scripts to manage cisco asa firewalls. http://packetpushers.net/interacting-with-the-cisco-asa-cli-using-the-https-interface/ Lynx saves about 50 lines of perl code for me and works much more faster as my perl script with […]

Checkpoint books for sale

September 18, 2013

7

I am selling my books from Check Point R75 Training. They are really important to read for all Check Point Admins: – Check Point Certified Security Administrator R75 Student & Lab Manual – Check Point Certified Security Expert R75 Student Manual & Lab Manual They contains more then what you can find in the Knowledge […]

Cisco ASA troubleshooting commands

September 18, 2013

19

With my requirements for any networking layer 3 security device I collected the basic commands that you have to know or you will not be able to manage your device. 1.0 Check the basic settings and firewall states Check the system status Check the hardware performance Check the High Availability state Check the session table […]

perl script to query cisco asa

September 17, 2013

0

I wanted to issue show command on multiple firewalls without any expensive software. I have found a script here https://docs.google.com/document/d/1Q0TfyezOTCKZ7DF2kPBps_7LG80D3BJLrFDuOwBUZNI/edit?pli=1 This script is good and can be used as a base. I have changed it a bit. See the pic. I should not hide the codes in pic ;-) . It is here in the […]

Tagged: ,

Firewall topology within a second – V2.0

September 16, 2013

5

There are time consuming jobs like creating a topology about the network of big companies, if they have an issue or some problem or it should be just dokumented as our ISO27001 Standard expects and it must be always up-to-date… I created a script that uses perl to build from the cisco asa firewall running […]