Sunday, March 31, 2013

emulate CISCO ASA 8.4 on GNS3


This tutorial is outdated. New tutorial can be found at http://www.tectut.com/2015/12/how-to-setup-cisco-asa-in-gns3/  . It is our new blog :-)

Today, I would like to share how to setup ASA 8.4 Firewall on GNS3.

[1] Download asa image for GNS3

here is the link :- http://www.mediafire.com/download/c228c2sjdyrkwf3/ASA_842.7z
This file contain with initrd, vmlinuz and asdm 6.4

In any case above link is not working use below alternative link to download the file :-
link 1 :-  http://ge.tt/9RjhgNs/v/0?c
link 2 :- https://www.box.com/s/3fybjit5jsudhwyvqwz8



[2] Download & Install GNS3


You can download latest version from
http://www.gns3.net/download/
or
http://sourceforge.net/projects/gns-3/files/GNS3/


[3] Configure GNS3 for ASA


go to "Edit" --> "Preferences..."
On "Preferences" window, select "Qemu" and then choose "ASA" from the tabs

Fill the ASA setting & ASA Specific Settings as below . Screen capture is attached for your reference.




GNS3 Preferences













Qemu Options  & Kernel cmd line is important


Identifier name :     ( you can give any name )
RAM :     1024MB  ( at least 1024MB)
Qemu Options :     -vnc none -vga none -m 1024 -icount auto -hdachs 980,16,32
Kernel cmd line :     -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536

Click " save " and then "OK" and exit form that window.
drag and drop ASA firewall into work enviroment and run, It may take some time to boot please be patient !


[4] Configure activation keys


you can use one of below activation key
0x4a3ec071 0x0d86fbf6 0x7cb1bc48 0x8b48b8b0 0xf317c0b5
0xb23bcf4a 0x1c713b4f 0x7d53bcbc 0xc4f8d09c 0x0e24c6b6

for example :-

ciscoasa#conf t
ciscoasa(config)#activation-key 0x4a3ec071 0x0d86fbf6 0x7cb1bc48 0x8b48b8b0 0xf317c0b5
ciscoasa(config)#wr
ciscoasa(config)#exit

now it is done.

Friday, March 8, 2013

sharing folders using nfs on rhel

This tutorial guide you how to configure nfs share on rhel system.
Below is the details of nfs Server and client, both running Redhat enterprise Linux 6.2 64-bit

NFS Server :- host-name is server and ip address is 192.168.5.5/24
NFS Client :-  host-name is client and ip address is  192.168.5.3/24

NFS Server Configuration

[1]  Edit /etc/sysconfig/nfs

 To allow nfs traffic , should need to uncomment following variable LOCKD_TCPPORT ,LOCKD_UDPPORT, MOUNTD_PORT,  STATD_PORT on /etc/sysconfig/nfs as following


# TCP port rpc.lockd should listen on.

LOCKD_TCPPORT=32803



# UDP port rpc.lockd should listen on.

LOCKD_UDPPORT=32769



# Port rpc.mountd should listen on.

MOUNTD_PORT=892



# Port rpc.statd should listen on.

STATD_PORT=662



[2] Configure Firewall to allow nfs traffic .


TCP port 2049 for NFS.
TCP and UDP port 111 (rpcbind/sunrpc).

So let's edit the iptables file
[root@server ~]# vim /etc/sysconfig/iptables

By default this file contain few rules . Find following rule 
-A INPUT -j REJECT --reject-with icmp-host-prohibited
and insert bellow rules before that line

-A INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 111 -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 111 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 32803 -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 32769 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 892 -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 892 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 662 -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 662 -j ACCEPT


save and quit the iptabales file, then issue follwing command apply the new rules to system
[root@server ~]# service iptables restart

you can verify it by using following command
[root@server ~]#iptables -L


[3] Create a direcory to share with client


my share folder is /svrfile and i have assigned 
rwx (read write execute) permission for ugo (user group others).
[root@server ~]# mkdir /svrfile
[root@server ~]# chmod 777 /svrfile

[4] Edit exports file

[root@server ~]# vim  /etc/exports
and insert following line

/svrfile 192.168.5.3(rw,sync,no_root_squash)


192.168.5.3 is nfs client where i'm going share /svrfile . you can specify client host as  192.168.5.3/24
however /24 is default for class C network. If you wish to share with any host you can use '*' (without qutoes) instead of ipaddress.
Several parameters are available.I used rw,sync and no_root_squash . here is brief explanation.

rw :- enable read write
sync :-  Syncs write operations on request. Active by default
no_root_squash :- Treat remote root user as local root; remote root users get root privileges
on the shared directory

[5] restart rpcbind and nfs 

By default RHEL system is installed this services , If it is not you should have
to install .

[root@server ~]# service rpcbind restart

Stopping rpcbind:                                          [  OK  ]

Starting rpcbind:                                          [  OK  ]

[root@server ~]# 



[root@server ~]# service nfs restart

Shutting down NFS mountd:                                  [  OK  ]

Shutting down NFS daemon:                                  [  OK  ]

Shutting down NFS quotas:                                  [  OK  ]

Shutting down NFS services:                                [  OK  ]

Starting NFS services:                                     [  OK  ]

Starting NFS quotas:                                       [  OK  ]

Starting NFS daemon:                                       [  OK  ]

Starting NFS mountd:                                       [  OK  ]

[root@server ~]#



[6] refresh the export file


[root@server ~]# exportfs -r
if it is successful , no message will be displayed
please remember to refresh export file by issuing above command, If you are done any modification to export file.

further you can verify export file using following commands

[root@server ~]# exportfs -rv
exporting 192.168.5.3:/svrfile
[root@server ~]# 


[root@server ~]# showmount -e
Export list for server:
/svrfile 192.168.5.3
[root@server ~]#




NFS Client configuration


[7] enable services and create folder on client

we are done with NFS server configuration , so lets configure client, first of all create directory to share with server and then restart rpcbind and nfs services.

[root@client ~]# mkdir /clientfile

[root@client ~]# service rpcbind restart
[root@client ~]# service nfs restart


[8] Finally let's mount the nfs

[root@client ~]#mount -t nfs 192.168.5.3:/svrfile /clientfile



That's all , Don't hesitate to comment if you have question . have a nice day  !

Sunday, March 3, 2013

How to fix Google webmaster duplicate meta descriptions in blogspot


Google web master tool provides collection of tools for analyze the web/blog. Among those tools, HTML Improvements reports HTML errors on web/blog and provides suggestions to overcome those errors.
If you are new to Google webmaster, please look at Optimization --> HTML Improvements.
Most common error web masters are facing is duplicate meta description.




google webmaster tools duplicate meta descriptions









Most probably reason for that is, you have inserted same description meta tag on each and every page of the web/blog.Solution for blogspot blogs are really simple, you can find solution from here including blogger meta description best practices .  

If you are non-blogspot web master, please check your individual web page meta description ,
and make sure to remove duplicate  meta description tag  if it is there and create page specific
description that reflect your page content as description meta tag.


---

After 1 and 1/2 month time







Related Posts