Vandyke SecureCRT tips and tricks

Whether you are replacing Telnet or Terminal, or need a more capable secure remote access tool, SecureCRT is an application you can live in all day long. With the solid security of SSH, extensive session management, and advanced scripting, SecureCRT will help raise your productivity to the nth degree.

 

This is a few tips and tricks for people who use the SeccureCRT application for managing the remote servers

Building Python Development Station

my guide to build a python development VM on your local windows machine to combine both the efficiency of linux and the usability of windows laptop – I use pycharm as an example of python IDE but you can use any IDE that support the remote deployment.

For more info about remote deployment function please see the below link

 

 

Juniper MX BRAS – Part 3

As you notice from previous configuration. We have to configure the unit 1 with static VLAN (800) to create only ONE SUBSCRIBER INTERFACE . However in real world scenario this not necessarily the case. we need to make MX check the incoming vlan id from DSLAM and handle the creation of both VLANS and Units that hold the PPPoE sessions. BTW, Here’s a golden rule. One Vlan per Unit!

clip_image001

 

You can find below the interface structure in dynamic configuration. The physical interface is ae(Active Ethernet) and beneath it the auto-configure command that “instantiate” the VLAN and SVLAN from dynamic-profile

image

Read More »

Remote Deployment using Pycharm

Have you ever wanted to develop a Python or Web application for Linux from your laptop running Windows 7 or MAC OS X? Do you want to run your code that  will be published to whole world but afraid from the dependencies mismatch between your laptop and   production server?

Guess what: all of this is possible with the remote development features already available in PyCharm.

clip_image001

Read More »

The Poor Man VPN

You may have an IT team in your company who believe company productivity will be boosted if company disallow access to social media , streaming or even the soundcloud. Although some recent studies show that productivity has nothing to do with such sites

Don’t get me wrong, but I hate to be restricted or not having access to what I want, of course I won’t visit illegal sites or hiding my gampling history! using the corporate network but also I need some level of freedom to perform well. I will manage my own time!

Anyways whatever your final goal, make sure you’re not breaking any corporate policies

So let’s start

First here’s the topology and the normal call flow for Enterprise Network

clip_image002[6]

What we will try to accomplish is manipulate the corporate gateway and establish an SSH tunnel back to our home network (where everything is accessible from there and free!) then we will redirect our browsing traffic to home network back and forth.

No just that, we will enhance the tunneling by connecting our home router to DDNS provider

From firewall perspective, we just established an innocent SSH connection to somewhere in the internet

clip_image004[6]

 

Tools Used

Home Network

1-Modem (Home Router) that support Port Forwarding (most routers nowdays do)

2-VMware to run squid proxy server and SSH over Centos Machine

3-DDNS account (www.noip.com is my favorite, However if your purchased an static IP from your ISP then this step is not necessary but remember this solution is for poor guys J )

Client in Corporate

4-MobaXterm (to establish SSH tunnel back to VMware)

5- Browser

Read More »

Introduction to Diameter Protocol – Part 1

Introduction

Diameter is an authentication, authorization, and accounting protocol. used primarily for Service provider networks . It evolved from and replaces the much less capable RADIUS protocol that preceded it.

in this presentation I will try to familiarize you with the new AAA protocol and deep dive into the diameter protocol details, Credit Control Application (Gx,Gy and GZ) and sample use case for peering Sandvine PTS (Working as PCEF) with freePCRF.server and finally introduce you with seagull, a popular test tool to test different diameter-based scenarios

Hope You like it.

Juniper MX BRAS – Part 2

In this post I will continue to deep dive into the Juniper MX configuration and tweak it to work as a BRAS. Please refer to my previous blog post for more information on PPP protocol Stack

Let’s start

to configure MX as a BRAS,  The Following configuration is needed on BRAS

Basics Configuration

  • Interface creation –>configuration inside dynamic profile
    • Vlan Interface
    • PPP Interface
  • PPP Handling(PAP) –>configuration inside dynamic profile
  • Creating loopback
  • Radius Authentication – – >configuration inside access-profile
  • Radius Accounting – – >configuration inside access-profile
  • Address Assignment – – >configuration inside access-profileService and speed allocation

Advanced(Optional)

  • Advanced QoS
  • Change Of Authorization
  • Captive portal/redirection configuration
  • Wholesale

Read More »