martes, 22 de diciembre de 2015

Juniper CLI Backup




 dieseb@router1> file copy /config/juniper.conf.gz  server1:/homes/dieseb/tmp 
 dieseb@server1's password:
 juniper.conf.gz               100% 2127       2.1KB/s       00:00


 [edit]
 dieseb@router1# save server1:configuration-date
 dieseb@server1's password:
 tempfile                      100%    11KB    11.2KB/s      00:00
 Wrote 433 lines of configuration to 'server1:configuration-date'


 [edit]
 dieseb@router1# save  configuration-date 
 Wrote 135 lines of configuration to 'configuration-date'
 dieseb@router1# run file list 
 /var/home/dieseb:
 .ssh/
 configuration-march02


 [edit system]
 dieseb@router1# set archival configuration transfer-on-commit 
 dieseb@router1# set archival configuration archive-sites ftp: //dieseb:password@server1.
 mynetwork.com:/config

martes, 20 de octubre de 2015

Comandos FORTINET



Fortinet Firewall Commands

// Health and Status

show [enter] //Note that output is only non-default values.
show full-configuration // Show all configurations on the device.
show system interface wan1 | grep -A2 ip // Show WAN and interface information.
get system info admin status // Show logged in users
get system status // Show system hardware/software update versions
get hardware status // Detailed hardware model information
get system performance status
get system performance top
show system interface // Interface Configuration
diagnose hardware deviceinfo nic // Interface Statistics/Settings
diagnose hardware sysinfo memory
diag debug crashlog read
diag hardware sysinfo shm // Device should be in 0, if (>0) then conservemode
get system global | grep -i timer // Show tcp and udp timers for halfopen and idle
get system session-ttl // System default tcp-idle session timeout
execute ha manage <devid> // send heartbeat accross management link.
get hardware nic
diagnose ip address list
get system interface physical

// ARP

diagnose ip arp list

// Track and Troubleshoot
get system session status // Connection count for ingress/egress
get system session-info full-stat // Displays session status with breakdown by state
get system session list // Session list, protocol, expire, src nat, dst nat
diag sys session // Basic output with no filters of diag sys session
diag sys session filter <option> <value> // Capture filter based on src, dst, duraction, policy id, vd

// Packet capture

diag debug info // Displays active debug
diag debug enable // Enable debug

#diagnose debug flow filter (shows what filters are configured)
#diagnose debug flow filter clear (clear all filter)
#diagnose debug flow filter <options> <value> (configures the filter)
#diagnose debug flow show con enable <show output on console>
#diagnose debug flow show fun enable <show functions>
#diagnose debug flow trace start <number of lines> (to start the trace)
#diagnose debug flow trace stop (to stop the trace)

Example:
diagnose debug reset
diagnose debug enable
diagnose debug flow filter clear
diagnose debug flow filter saddr 192.168.10.1
diagnose debug flow filter dport 80
diagnose debug flow show con enable
diagnose debug flow show fun enable
diagnose debug flow trace start 20

diagnose sniffer packet <interface or ANY> ‘<arguments>’ <level 1-6>

example:
diagnose sniffer packet ANY ‘net 192.168.10.0/24 and not host 192.168.10.1 and port 80 and TCP’ 6

Syn packets only:
diag sniffer packet internal ‘tcp[13] == 2'

to stop:
diagnose debug reset
diagnose debug disable

// Enable packet capture in GUI

System -> Config -> Advanced
Setup packet capture filter, Check box to start, Uncheck to stop.
Download Debug Log

by Jonathan Rennie

http://stackfire.com/fortigate-cli-comandos-utiles-i/
http://kb.fortinet.com/kb/documentLink.do?externalID=FD36793

get sys status
diagnose hardware sysinfo memory
diagnose hardware sysinfo shm
diagnose ips dissector status
get sys perf status
diag sys session full-stat
diag sys session6 full-stat
dia netlink device list
dia test app http 4
dia test app proxyworker 4
diag firewall statistic show
diag firewall packet distribution
dia stats per-ip-bw
diagnose hardware sysinfo shm
diag sys top

miércoles, 2 de septiembre de 2015

GUIA RÁPIDA PARA LA ACTUALIZACIÓN DE LA PLATAFORMA DE SEGURIDAD JUNIPER. (HA)





ALISTAMIENTO
1.       Ingresar al firewall via ssh
2.       Validar la versión del equipo
·         show versión
3.       Validar estado del cluster
·         show chassis cluster status
·         show chassis cluster interfaces
4.       Realizar respaldo de la configuración del equipo.
·         show configuration | display set | no-more 
5.       Realizar limpieza de memoria en cada uno de los nodos del clúster.
·         request system storage cleanup
6.       Verificar espacio disponible. (/cf/var)
·         show system storage
7.       Copiar la imagen a la carpeta elegida del nodo principal. (/cf/var/tmp)
·         Ingresar al firewall via ftp y copiar la imagen. (recomendable con winsSCP)
·         Validar que la imagen este en la carpeta, file list /cf/var/tmp detail | match junos
8.       Ingresar vía ssh al firewall y copiar la imagen del nodo principal al de respaldo.
·         file copy  /cf/var/tmp/junos-srxsme-xxxxxx-domestic.tgz  node0:/cf/var/tmp
ACTUALIZACION
1.       Ingresar via ssh al nodo principal
2.       Ingresar al nodo de respaldo:
a.       > start Shell
b.      % rlogin -T noed0  ènode0 o node1, según sea el caso.
3.       Cargar la imagen sobre el firewall de respaldo
a.       request system software
4.       Ingresar al nodo principal en una segunda session via ssh
5.       Cargar la imagen sobre el firewall principal
a.       request system software
6.       Reinicar nodo de respaldo
a.       request system reboot
7.       Reiniciar nodo principal
a.       request system reboot

VALIDACION
1.       Ingresar al firewall via ssh
2.       Validar la versión del equipo
a.       show versión
3.       Validar estado del cluster
a.       show chassis cluster status
b.      show chassis cluster interfaces