Profile cover photo
Profile photo
Mohammed Al Baqari
89 followers
89 followers
About
Posts

Post has attachment
FTD URL Filtering
FP URL filtering capability
can classify the URLs based on: Categories (classification) Reputation (risk level) This varies from High Risk
(level 1) to Well Known (level 5) Category + Reputation Manual URLs If you select a reputation
level ...
FTD URL Filtering
FTD URL Filtering
tek-board.blogspot.com
Add a comment...

Post has attachment
CSR HA in MS Azure
I wanted to have CSR HA pair and I thought its as simple as HSRP or GLBP. Later found its more complicated than that. I watched one of Cisco Videos and one slid summarized the problem which I didn't see it document else ware. I wanted to share it here. This...
CSR HA in MS Azure
CSR HA in MS Azure
tek-board.blogspot.com
Add a comment...

Post has attachment
FlexVPN Debugs
FlexVPN IKEv2 Setup can be summarized: The details are below: FlexVPN follows legacy IKEv2
messaging by exchanging IKE_SA_INIT followed by IKE_AUTH exchange For sites with virtual
template interface (such as DVTI spoke), initiator will include CFG...
FlexVPN Debugs
FlexVPN Debugs
tek-board.blogspot.com
Add a comment...

Post has attachment
VRF-Aware IKEv2 DMVPN (+ iVRF/fVRF + EIGRP)
R1 …………………………………………………………………………………………………………………………………………… vrf definition dmvpn  !  address-family ipv4  exit-address-family ! crypto ikev2
proposal prop-01  encryption aes-cbc-128 aes-cbc-192  integrity sha256 sha512  group 14 15 ! crypto ikev2 policy
pol-01...
Add a comment...

Post has attachment
How Diffie Hellman Secret Session Key is Generated?
DH RFCs predefine p and g values
for each DH group Example is RFC 5114 which
defines p = B10B8F96 A080E01D DE92DE5E AE5D54EC 52C99FBC
FB06A3C6        9A6A9DCA 52D23B61 6073E286
75A23D18 9838EF1E 2EE652C0        13ECB4AE A9061123 24975C3C
D49B83BF...
Add a comment...

Post has attachment
Diffie Hellman Group Selection in IKEv2
Because the initiator sends
its KEi value in the IKE_SA_INIT, it must guess the DH group that the
responder will select from its list of supported groups.  If the initiator guesses wrong, the
responder will respond with a Notify payload of ty...
Add a comment...

Post has attachment
PFS in IKEv2
Unlike IKEv1, the Perfect
Forwarding Secrecy (PFS) Diffie-Hellman (DH) group value displays as 'PFS
(Y/N): N, DH group: none' during the first tunnel negotiation. After a rekey occurs, the
correct values appear. This is not a bug even though ...
Add a comment...

Post has attachment
IKEv1 vs. IKEv2
IKEv1 and v2 aren't
interoperable Fragmentation In IKEv1, large packets are
encrypted then segmented. The segments are encapsulated in UDP packets In IKEv2, large packets are
segmented then segments are encrypted. Delete Notification In IKE...
IKEv1 vs. IKEv2
IKEv1 vs. IKEv2
x-ccie.blogspot.com
Add a comment...

Post has attachment
Cisco ISE: REST API with Python - Get Internal Users
I am currently building python scripts to automate Cisco ISE configuration. Going through ISE documentation, I am exploring some errors in the python examples which won't work for ISE 2.3. I will be posting the corrections while I am exploring them.  The fi...
Add a comment...

Post has attachment
Have you tried to use PyCrypto in Python 3.x?
I had a requirement to use PyCrypto and was running Python 3.6.2. In summary it won't work. If you want to continue with Python 3.6.2, you need to use PyCryptodome. Otherwise, downgrade to Python 3.5.2 with the follow requirements: 1. Before installation of...
Add a comment...
Wait while more posts are being loaded