I recently had some drama with a few NetScaler Virtual Servers that weren’t being monitored. I made some modifications to a script I had written previously¬†(which was inspired by Markus Kraus from¬†My Cloud-(R)evolution) and created a Custom sensor for PRTG. The script queries the powerful Citrix NITRO API on the NetScaler to retrieve a JSON…

Read More Monitoring Virtual Servers on a Citrix NetScaler using PRTG

I have recently been involved in some security audit work and found myself having to replace the self signed SSL certificates used by the secure HTTP service on a number of Cisco 3850 switches. It was a bit fiddly so I thought it deserved a post to cover the steps I went through.

Read More Generating a CSR using OpenSSL, signing it using a Windows CA and then installing it on a Cisco 3850 switch

A client recently needed to be able to use PRTG to monitor the state of an IPSec VPN Tunnel that was terminated on their Palo Alto Firewall array. Palo Alto firewalls have a very useful REST API so I was able to modify a Power Shell script that I had created previously to get the job done.

Read More Monitoring an IPSec Tunnel on a Palo Alto Firewall Using PRTG

Having an intelligent, scalable and easily searchable consolidation point for log files is a very useful capability. Graylog is an open source project that is able to ingest logs from a wide variety of sources and provides very useful visualisation, processing and alerting capabilities. This post will go through the details of how to install a single server instance of Graylog 2.3 onto Ubuntu 16.04.

Read More Setting up a syslog server using Graylog on Ubuntu 16.04 LTS – Part One

I was recently tasked with changing the Master Key at a client site that had a pair of Palo Alto firewalls arranged in an active/passive HA pair. Unfortunately the Palo Alto documentation I consulted neglected to mention a rather important step and I ended up snotting the passive firewall. This post details the correct procedure for changing the Master Key on an active/passive HA pair of Palo Alto firewalls.

Read More Changing the Master Key on a Palo Alto Firewall Active/Passive HA pair

There is a lot of literature available on configuring VXLANs using MP-BGP EVPN but they tend to focus on large multi pod service provider type topologies with lots of moving parts. This post covers a very simple DCI configuration for a two site topology using ingress replication and a collapsed leaf and spine.

Read More DCI using VXLAN with MP-BGP EVPN and Ingress Replication on a Nexus 9K

I don’t really have much operational experience with NX-OS so was very happy to recently discover that Cisco has a freely downloadable virtual version of the Nexus 9000 software. Though the setup process was fairly straight forward there were a few gotchas so this post will detail the process I used to deploy the NX-OSv 9000 into my home ESXi based lab.

Read More Installing and Configuring the NX-OSv 9000 in ESXi