As I wrote on my recent post here, I was involved into a project to implement a Meraki MX into the Azure Cloud. This project also includes a migration phase with site-to-site VPN tunnels between Meraki MX and Cisco ASA. Even if the “Non-Meraki VPN peers” are supported on the Meraki MX, you may have
Read More »
Recently, I was involved into a project where we had to deploy a Cisco Meraki vMX100 into Microsoft Azure cloud and build site-to-site and clients VPNs. The setup process on Azure is relatively simple, however, I lost quite a lot of time on basic issues because the documentation provided by Cisco is not 100% accurate.
Read More »
The IPv4 full BGP table size is at around 725000 prefix now. This may cause problems for companies who do not have the resources to update or upgrade their edge routers. But, except for Internet transit providers, who does really need to get the full IPv4 BGP table today? And what are the alternatives? Let’s
Read More »
Here is my journey to start learning network programmability and automation, and how I get the Cisco network programmability specialist certification (300-550 exam). In this post, I give you the links towards all the resources which I used to study. Back in 2015: SDN, new fancy buzzword or a paradigm shift? I started this journey
Read More »
After being six times at Cisco Live Europe between 2009 and 2016, this year my management allowed me to go to Cisco Live US. I registered last week and now I am starting to see some rumors about the customer appreciation event (CAE) and the keynote speakers. Customer Appreciation Event First rumor read here and there,
Read More »
On Cisco routers, by default the BGP protocol will not do load-sharing – and even less unequal cost load-sharing – across multiple links, for traffic to the same eBGP destination with different AS-path. Let’s see how we can change this. We can configure the command: “maximum-paths n”, but it only works if the weight, local-pref. and AS-path attributes
Read More »
I passed the CCIE R&S written exams version 4.0 and 5.0, studied for the lab exams for both versions with workbooks and mock labs from many vendors such as INE, IPexpert (closed today), Narbik Kocharians / Micronics Training and Cisco expert-level training. I attempted the CCIE R&S lab exam once on version 4.0 and three times
Read More »
The Cisco Embedded Event Manager or Cisco EEM is a software component of Cisco IOS, IOS-XR, and NX-OS that provides real-time network event detection and onboard automation. EEM allows you to automate tasks, perform minor enhancements and create workarounds and can makes life easier for network operators by tracking and classifying events that take place on a
Read More »
Recently, a customer called me to configure Netflow on these routers because he just installed NetFlow Analyzer software from ManageEngine. This software is an “all in one” NetFlow collector, database, WebUI software, able to build pretty nice reports. In my opinion, Netflow is one of the absolutely required software to have a good visibility when you operate a
Read More »
Cisco Meraki access-points can operate as mesh repeaters, which allows them to extend the wireless network range. Since repeaters also support wired clients plugged into their wired interface, a repeater can be used to bridge a remote LAN segment back to the main network. This article explains how the LAN can be extended via a wireless bridge, including
Read More »
Configuring a LACP link aggregation, EtherChannel, or port-channel, or Eth-trunk between Huawei and Cisco switch is something very common. But since the configuration syntax between the two vendors is different, it can be confusing. In this article, I will show how to configure a LACP port-channel – called Eth-trunk on Huawei – properly between a
Read More »
Wireless mesh networking is included and enabled by default in every Cisco Meraki AP. The goal is to create a self-healing network that is resilient to cable and switch failures. But, how does it works exactly? How does an AP choose between the existing neighbors? How can we monitor the status and performances of a
Read More »
A Cisco C2960X stack can have up to 8 members, however there is only one master on the stack. Adding a switch to the stack without taking a few precautions can have disastrous consequences. Prerequisites First, all stack members must run the same Cisco IOS software image. The same means also the same feature-set. Then,
Read More »
This morning, I received a notice about a Cisco Meraki MX firmware upgrade planned for a security appliance I have in my lab. The message lists the new features: Layer 7 traffic classifications for VPN flow preferences Syslog export of AMP events Added support for using FQDNs in L3 firewall rule destination Threat Grid
Read More »
The GUI application to use Cisco VIRL, VM Maestro, comes with a basic internal Telnet and SSH client called “Cisco Terminal”. If, like me, you want to use the rock-solid SecureCRT as terminal emulator client, you need to change the the VM Maestro preferences. VM Maestro configuration Open VM Maestro Go to File and open
Read More »