Cisco ASA – Site to Site IPSec VPN with dynamic IP address

Setting up a policy based site to site IPSec VPN tunnel with static IP address is quite stright forward in Cisco ASA, but what if one of the end point is using dymanic IP address?

In this lab, I will be using 2 virtual ASA (9.6(2)) to create a site to site IPSec VPN tunnel, as well as setting up Cisco VPN client in one of the ASA with static IP address.

The ASA-F14 is the one with static IP address, and the ASA-F16 is using dynamic IP address.


Continue reading

Traffic Engineering – MPLS

This time we will handle the basic traffic engineering within a MPLS network. This technique allows network admin to manipulate the traffic and fully utilize the subscribed bandwidth or circuits.

Traffic engineering within a MPLS network can be more accurate and convenience than in a typical TCP/IP network, because TE are happened at the MPLS level only, which would not affect the base of the whole network topology. If manipulate traffic at the IP level, everything running on top of IP level will be affected.

The network topology for this testing is listed below.
Continue reading

Multicast Lab – Part 4 – NV-MVPN on Junos

It sure has been some times since the last multicast post. This time, we will put the lab into a higher level, and will be running the multicast on the MPLS VPN platform. Since this post is focusing on MCast only, the configuration for MPLS network will not be described with my detail. So let s dig in.


Continue reading

Playing with Multicast part 1.

It really has been a long time since my previous post. I have recently received a project that deal with multicast, a old technology that is really new to me.

I have been googling around for resources and references, and there are indeed a lot of results that mostly focus on theory. Therefore, I decided to contribute some of my hands on experiences for anyone who is building a similar lab as I do.

My lab builds from simple to complex (the difficulty is really based on my own experience only.) It starts from a playing multicast at a local area network and up to a MPLS VPN network.

Part 1 of the multicast post starts with 1x receiver and 1x sender in a local area network.

Part 2 of the multicast post is describes the lab with a router and one for each sender and receiver.

Part 3 of the multicast post is describes the lab with 3 routers and one for each sender and receiver.
(still organizing the information)

Part 4 of the multicast post is putting the lab from part 2 onto a MPLS VPN platform.
(still organizing the information)

Long story short, I will go straight to the part one deployment. The lab is simple; There is only 1 sender and 1 receiver within the same broadcast domain.



The Sender is an Ubuntu 14.04 32bit with updated components as of 2015 Dec,02. The receiver is a Win XP 32bit machine. Both of them are equipped with 512Mb of ram and 20G of hdd. Both machines are installed with VLC as for sending and receiving. There is a Junos device as their gateway, but it can be ignored for this lab since it does not have any PIM nor IGMP configured. Continue reading