100th Post - Anniversary Edition
Posted by Aragoen Celtdra on September 8th, 2008
[Edit] I just realized this was my 100th post. So imma go buy me a beer and leave it in the fridge until our next house party and one of my friends finds it there and drinks it. Yeah!
It’s been over a month since I began my research and knowledge-gathering on the re-implementation of our network VPN infrastructure. It’s not yet complete but I feel very accomplished and edified with the ways things have turned out so far.
We started out with all our remote offices/sites connecting to our corporate site via a mixture of different router-to-router VPN solutions (i.e. IPsec/GRE and DMVPN). Today we have all the routers in our remote sites connected on IPsec VPNs to our corporate office on an old PIX that we recently recomissioned. VPN client requests are also hitting our new (old) PIX and authenticated by a Win2003 RADIUS server.
I guess the sense of accomplishment comes from the fact that this is the first time I’ve ever implemented such a design. Add to that fact that I received little to no help from anyone at work - minus, of course, some tips from some excellent bloggers who read this little blog-o’-mine. Studying really does pay off! 
Next on my list (this project is only half complete):
- Configure dynamic routing, most likely OSPF. I think this one needs GRE to work so I will be reading up on that. Actually I’ve already read up on it so now I just need to see if I can lab it up. Or I can always test on the production routers like I’ve been doing. Real men test on production servers!
- My boss would like to have some sort of redundancy implemented so I will be working on that.
- This is just for my own use but I’d like to get MRTG up and running for bandwidth and traffic utilization monitoring. I’ve read about it before and was able to successfully install it. But I still wasn’t sure how to use it and exactly what it did. So I’d like to know more.
- I have to factor in, also, my BSCI studies. Because a big chunk of the time that I use to learn and configure our network is done during off hours (meaning during the times when I would be studying for BSCI). I’m trying to re-dedicate a good balance of time to get back on track with finishing BSCI and shooting end of October to take the test.
Ok, cool!
September 8th, 2008 at 1:55 pm
Might want to look into Cacti:
http://www.cacti.net/
For your bandwidth / traffic monitoring. We use it, and it’s pretty slick. If you’re thinking about getting some network monitoring setup, and wanting to go the FOSS route, I’d look into Nagios.
http://www.nagios.org/
Great work on everything else, keep it up!
September 8th, 2008 at 3:51 pm
That’s what it was called, Cacti! I was trying to remember the name ’cause I read about it somewhere but I couldn’t quite remember. Calico… colima…calculus… catacomb… cacophony… cataclyst all sorts of permutations did not turn up anything on google. LOL. Thanks.
My boss tried installing nagios two years ago but it didn’t work. I think he was trying to get too complicated before even getting to the basic installation first. So in turn, that kinda scared me off of nagios. Plus, my understanding was nagios was really designed better for monitoring services on host computers and servers (I don’t know). But it’s certainly worth a try.
September 9th, 2008 at 9:26 am
Lol, understood on the naming.
I can understand the frustration with Nagios, I tried a home install a ways back (read before I knew what I was doing) that didn’t go so well; however, we’re successfully using it (across multiple servers) to monitor something like 15,000 nodes (no one ever gives me an accurate count). We don’t get too tricky with it, just ping and SNMP; however, if all you’re looking for is up down, including interface status, with notifications it’ll definitely get you squared away. There’s even a quick install guide, or something along those lines, on their site.
Oh, and congrats on the 100th post!
September 9th, 2008 at 10:37 am
Haha! I did see that on the web site “Get Nagios 3.0 up and running in 15 minutes flat! No baloney.” If that’s the case, maybe I’ll give it a try. I don’t need to get tricky with it myself, anyway.
September 11th, 2008 at 2:48 pm
Cheers, look forward to the next 100 posts.
PS Too bad you won’t be at the USC game. I hope it’s not a scorcher, it’s been hot lately.