Building Python Development Station

my guide to build a python development VM on your local windows machine to combine both the efficiency of linux and the usability of windows laptop – I use pycharm as an example of python IDE but you can use any IDE that support the remote deployment.

For more info about remote deployment function please see the below link

 

 

Juniper MX BRAS – Part 3

As you notice from previous configuration. We have to configure the unit 1 with static VLAN (800) to create only ONE SUBSCRIBER INTERFACE . However in real world scenario this not necessarily the case. we need to make MX check the incoming vlan id from DSLAM and handle the creation of both VLANS and Units that hold the PPPoE sessions. BTW, Here’s a golden rule. One Vlan per Unit!

clip_image001

 

You can find below the interface structure in dynamic configuration. The physical interface is ae(Active Ethernet) and beneath it the auto-configure command that “instantiate” the VLAN and SVLAN from dynamic-profile

image

Read More »

Remote Deployment using Pycharm

Have you ever wanted to develop a Python or Web application for Linux from your laptop running Windows 7 or MAC OS X? Do you want to run your code that  will be published to whole world but afraid from the dependencies mismatch between your laptop and   production server?

Guess what: all of this is possible with the remote development features already available in PyCharm.

clip_image001

Read More »

The Poor Man VPN

You may have an IT team in your company who believe company productivity will be boosted if company disallow access to social media , streaming or even the soundcloud. Although some recent studies show that productivity has nothing to do with such sites

Don’t get me wrong, but I hate to be restricted or not having access to what I want, of course I won’t visit illegal sites or hiding my gampling history! using the corporate network but also I need some level of freedom to perform well. I will manage my own time!

Anyways whatever your final goal, make sure you’re not breaking any corporate policies

So let’s start

First here’s the topology and the normal call flow for Enterprise Network

clip_image002[6]

What we will try to accomplish is manipulate the corporate gateway and establish an SSH tunnel back to our home network (where everything is accessible from there and free!) then we will redirect our browsing traffic to home network back and forth.

No just that, we will enhance the tunneling by connecting our home router to DDNS provider

From firewall perspective, we just established an innocent SSH connection to somewhere in the internet

clip_image004[6]

 

Tools Used

Home Network

1-Modem (Home Router) that support Port Forwarding (most routers nowdays do)

2-VMware to run squid proxy server and SSH over Centos Machine

3-DDNS account (www.noip.com is my favorite, However if your purchased an static IP from your ISP then this step is not necessary but remember this solution is for poor guys J )

Client in Corporate

4-MobaXterm (to establish SSH tunnel back to VMware)

5- Browser

Read More »

Introduction to Diameter Protocol – Part 1

Introduction

Diameter is an authentication, authorization, and accounting protocol. used primarily for Service provider networks . It evolved from and replaces the much less capable RADIUS protocol that preceded it.

in this presentation I will try to familiarize you with the new AAA protocol and deep dive into the diameter protocol details, Credit Control Application (Gx,Gy and GZ) and sample use case for peering Sandvine PTS (Working as PCEF) with freePCRF.server and finally introduce you with seagull, a popular test tool to test different diameter-based scenarios

Hope You like it.

Juniper MX BRAS – Part 2

In this post I will continue to deep dive into the Juniper MX configuration and tweak it to work as a BRAS. Please refer to my previous blog post for more information on PPP protocol Stack

Let’s start

to configure MX as a BRAS,  The Following configuration is needed on BRAS

Basics Configuration

  • Interface creation –>configuration inside dynamic profile
    • Vlan Interface
    • PPP Interface
  • PPP Handling(PAP) –>configuration inside dynamic profile
  • Creating loopback
  • Radius Authentication – – >configuration inside access-profile
  • Radius Accounting – – >configuration inside access-profile
  • Address Assignment – – >configuration inside access-profileService and speed allocation

Advanced(Optional)

  • Advanced QoS
  • Change Of Authorization
  • Captive portal/redirection configuration
  • Wholesale

Read More »

Juniper MX BRAS – Part 1

 

In last few weeks, I Spent most of my time working on Juniper MX and try to evaluate it as a BRAS. Previously I was working on Juniper E Series Broadband routers and now some of my customers need to move to the new MX especially after EOL announcement of E series platform. So let’s start

 

Part 1: Introduction To PPP Protocol

Part2: Juniper Mx BRAS Configuration

Part3: Juniper Steel-Belted Radius Configuration

Part4: Final Thoughts and wrapping up!

 

First Here’s my topology that I will work on it

image

 

Nodes Name and Function

Node Name

Platform

PPPoE_Client Windows 7 with PPPoE Interface
PPPoE_server Juniper vMX router working as BRAS and with SM license installed on it RE14.1
AAA Juniper Steel-Belted Radius (SBR)
LDAP Any Open source LDAP , OpenLdap is OK

 

Read More »