Friday, April 16, 2010

Recover ASA Software from ROMMON

Just putting these commands in a handy place since this seems to happen more often than I thought...
rommon #1> ADDRESS=192.168.1.10
rommon #2> SERVER=192.168.1.1
rommon #3> GATEWAY=192.168.1.1
rommon #4> IMAGE=asa800-232-k8.bin
rommon #5> PORT=Ethernet0/0
rommon #6> tftp

ASA/PIX Order of Operations



====================
Packet Flow Sequence
====================
PIX/ASA - Inside (higher security level) to Outside (lower security level)
---------------------------------------------------------------
Eg. Type - [Sub-Type] - Description
1. FLOW-LOOKUP - [] - Check for an existing connection; if none is found, create a new connection.
2. ROUTE-LOOKUP - [input] - Initial Checking (Reverse Path Check, etc.)
3. ACCESS-LIST - [log] - ACL Lookup
4. CONN-SETTINGS - [] - class-map, policy-map, service-policy
5. IP-OPTIONS - [] -
6. NAT - [] - xlate
7. NAT - [host-limits] -
8. IP-OPTIONS - [] -
9. FLOW-CREATION - [] - If everything passes up until this point a connection is created.
10. ROUTE-LOOKUP - [output and adjacency] -
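
Added example, not part of the original post: a small Python check that parses ASA packet-tracer style output, reports the first phase that did not return ALLOW, and lists any deviation from the order above. The Phase/Type/Subtype/Result layout and the sample text are assumptions constructed for illustration; phase order on a real device can differ with software version and configuration.

```python
import re

# Phase order for inside -> outside traffic, as listed in the post above.
EXPECTED = [("FLOW-LOOKUP", ""), ("ROUTE-LOOKUP", "input"),
            ("ACCESS-LIST", "log"), ("CONN-SETTINGS", ""), ("IP-OPTIONS", ""),
            ("NAT", ""), ("NAT", "host-limits"), ("IP-OPTIONS", ""),
            ("FLOW-CREATION", ""), ("ROUTE-LOOKUP", "output and adjacency")]

# Constructed sample (assumed layout): ACL drop in phase 3, then a summary block.
SAMPLE = """\
Phase: 1
Type: FLOW-LOOKUP
Subtype:
Result: ALLOW
Phase: 2
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Phase: 3
Type: ACCESS-LIST
Subtype: log
Result: DROP
Result:
Action: drop
"""

FIELD = re.compile(r"^(Phase|Type|Subtype|Result):\s*(.*)$")

def parse_phases(text):
    """One dict per 'Phase:' block; first value wins, so the summary 'Result:' is ignored."""
    phases = []
    for line in text.splitlines():
        m = FIELD.match(line.strip())
        if m and m.group(1) == "Phase":
            phases.append({"phase": int(m.group(2))})
        elif m and phases:
            phases[-1].setdefault(m.group(1).lower(), m.group(2).strip())
    return phases

def audit(text):
    """Return (first non-ALLOW phase or None, deviations from EXPECTED)."""
    dropped, deviations = None, []
    for seen, want in zip(parse_phases(text), EXPECTED):
        got = (seen.get("type", ""), seen.get("subtype", ""))
        if got != want:
            deviations.append((seen["phase"], got, want))
        if dropped is None and seen.get("result", "").upper() != "ALLOW":
            dropped = seen
    return dropped, deviations
```

For SAMPLE, audit() returns the phase 3 ACCESS-LIST entry as the drop point and an empty deviation list.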

Thursday, April 1, 2010

Using ESXTOP With VMware ESXi





Just a quick post about using ESXTOP with VMware ESXi. Obviously in ESXi there is no Service Console, so we have to use the vMA (vSphere Management Assistant) to help us. If you haven't installed the vMA on your infrastructure yet, you can download it here: http://www.vmware.com/support/developer/vima/
Once installed and configured, log in and run the following command: resxtop --server
You will be prompted to log in; use the root user/pass of the Host you want to run ESXTOP on (Note: Logging in as root will not work if the Host is in "Lockdown Mode"). You should then be presented with ESXTOP; I believe it has all of the same functions as it did in the Service Console.
Here you can see all available options when connecting to a Host using RESXTOP:
usage: resxtop [-h] [-v] [-b] [-s] [-a] [-c config file] [-d delay] [-n iterations]
               [--server server-name [--vihost host-name]] [--portnumber socket-port] [--username user-name]
              -h prints this help menu.
              -v prints version.
              -b enables batch mode.
              -s enables secure mode.
              -a show all statistics.
              -c sets the esxtop configuration file, which by default is .esxtop4rc
              -d sets the delay between updates in seconds.
              -n runs resxtop for only n iterations.
              --server      remote server name.
              --vihost      esx host name, if --server specifies vc server.
              --portnumber  socket port, default is 443.
              --username    user name on the remote server.
       for more information on interactive and batch modes
       please see man page for resxtop.