Our basic goal is to have a running instance of RANCID to collect network device configuration. We’ll be installing on Ubuntu 18.04.
This playbook aims to accomplish the following:
Initial RANCID installation and setup
Install Subversion (SVN) for version control
Install ViewVC for web interface to version control repositories
Scripting examples for configuring multiple devices
Future objectives and revisions to follow:
Utilizing local authentication for access to Apache
Utilizing LDAP authentication to Apache
Enabling E-mail notifications
Utilizing GIT for version control repository
Project – Create WordPress site on AWS Lightsail instance
This project aims to build a WordPress site on AWS Lightsail. This documents how my website started.
Create an AWS Lightsail instance.
Associate a static IP and domain to AWS Lightsail instance.
Install WordPress on LAMP stack.
Install SSL Certificate via Let’s Encrypt and enable auto renewal.
Project – Setup Netbox (IPAM) on AWS Lightsail with Let’s Encrypt for SSL
This project aims to install Netbox (IPAM) on an AWS Lightsail instance. Additionally, we’ll use Let’s Encrypt for adding SSL certificate.
Setup and AWS Lightsail instance.
Associate an IP and domain to the instance.
Install Netbox (an open-source IP Address Management tool)
Install SSL certificate using Let's Encrypt and setting-up auto renewal.
Project – Create a professional email for “Free”
This project aims to create my own professional email address. Some website registration requires the use of a company/professional email address so this project enables me to do that.
Use my domain for the email. This isn’t technically free, but the same effect can be done using free domain which is not covered by this post.
I’ll be using ZOHO mail free plan to create my company/professional email.
Playbook – Deploy Palo Alto VM-series firewall on AWS
Document how to deploy Palo Alto VM-series firewall on AWS.
Create and setup the AWS environment
Deploy the Palo VM-series firewall on EC2 instance
Initial firewall configurations
Setup test environment for a web server accessible via internet through the Palo Alto firewall
Simulation – BGP over IPsec VTI on Cisco ASA
In this scenario, we’d like to establish an eBGP peering between Site-A and Site-B over an IPsec VTI tunnel passing the internet. Virtual Tunnel Interface (VTI) support for ASA VPN module was introduced on 9.7.1 release.
Simulation – BGP over IPsec VTI across two DC scenario
In this scenario we’ll simulate a setup where there are two DC providing internet egress for out SITE1.
eBGP peering is established over IPsec VTI that are configured on both DC ASA firewall.
We’ll implement dual IP SLA tracking on the ASA firewall.
We’ll try to load balance traffic by utilizing path-1 for internet traffic and path-2 for remote office traffic.
This simulation takes into account how failover and backup path will be handled in this kind of setup.