10 tenets of working in IT – Tenet 10, Review

Introduction

The 10 tenets of working in IT series originally started with a post on PacketPushers back in 2012. I got a good response to that and when I was writing it, I had envisioned breaking out each tenet to its own post.

This final post in the series covers how to review: not just reviewing the other tenets from time to time, but reviewing your tasks, your career and your life.

Review

Reviewing is all about taking a look at where you are in your big plan. This will only be effective if you have set yourself goals. Whilst these targets can move and change based on circumstances, both within and outside your control, adapting to these changes is going to be more effective if you go through a regular review process.

Don’t micromanage yourself though, as that will usually end up being counter-productive. I find that setting goals, breaking them down into tasks and putting time scales against them makes it easier for me to keep on top of them, as does setting a regular review session, the frequency of which is usually determined by a combination of the end date and priority.

It’s also important to review your career progress. Have you been so heavily focussed on your current role for such a long period of time that you’ve missed opportunities to progress, either upwards or outwards? It is important to take a look down from a higher altitude to see what is on the horizon and potentially beyond.

The same goes for keeping a track on life in general. How many workaholics, highly successful career people, have sub-optimal personal lives because they apply all their energy to their careers and come home with nothing left in the tank? Sure, there are times when you know giving it 110% at work is going to pay off down the line e.g. pulling a project out of the disaster bin, and a compromise at home can be agreed with all parties, but if these periods extend for too long unchecked, things can go awry over time.

Treat your career and your personal life like a prized network; monitor, be proactive, tweak, capacity plan and get feedback from its users. The last thing you need is an outage.

Summary

It’s all very well having a solid plan of action with the skills and behaviours to see that plan through but if you don’t take a step back every now and again and review what you do, what needs throwing out and what can be improved, you may find yourself not achieving your full potential. Keep challenging yourself, measuring progress and moving forward.

I hope this series has been useful to you, at least in parts if not in its entirety. Feel free to get in touch or drop a comment in on the blog.

Till the next time

10 tenets of working in IT – Tenet 9, Know Your Place

Introduction

We all serve a purpose in life. Some people spend their entire life never questioning what theirs is, whilst others waste a lot of effort comparing the situation they find themselves in to others, in particular those they perceive as better off by one measure or another. This post looks at a few tips to try and help you find your purpose.

Know your place

Consider the bullet points below lifted directly from my original 10 Tenets of IT post on Packetpushers:

  1. Do not get depressed with not knowing everything
  2. Know what you don’t know; decide from that what you need to learn
  3. Don’t get bogged down comparing your abilities to others. You’ll either spend your life kicking yourself because you can’t emulate your heroes, or you’ll justify treading water because you are at least better than the guy sat next to you
  4. Be the best you can be
  5. Aspire to improve
  6. Drop things that you no longer need
  7. Fine tune that which you do

There are two key themes that complement each other here. The first can be summarised as “Don’t beat yourself up” and the other is “Control your own destiny”. You shouldn’t waste time worrying about what you don’t know or what other people are up to. Decide what it is you want to be, plan how to get there and make it happen. A particularly well matched tenet here is tenet 8, focus.

Summary

In the introduction to this post, I wrote that we all serve a purpose in life. One of the key things that separates the get-bys from the successful people is the former allow themselves to be told what their purpose is and the latter define it for themselves.

Till the next time.

10 tenets of working in IT – Tenet 8, Focus

Introduction

In keeping with the topic of this post, I’ll try and keep it brief and to the point. What is it that separates the winners from the losers? The people who seem to be continuously increasing their knowledge from those who struggle to keep up? Those that seem to climb the career ladder with ease from those retiring from the helpdesk after an ‘illustrious’ 30 year career? This post looks at a key differentiator.

Focus

The ability to focus is a skill that takes both time and commitment to learn. Think of it like a leaky bucket, you can fill it up quickly but every now and again, you will have to top it up to stop it emptying.

If I were to list some of the key points relevant to being focussed on any task I set my mind to, it would include the following as a starter for ten:

  1. Understand exactly where you are right now. If you aren’t truthful with yourself, you won’t be able to plan your journey to success accordingly
  2. Understand clearly what success looks like. You should hit your goals with the sound of angels/ticker-tape parade/(insert appropriate analogy here). If you don’t nail this down, you run the risk of hitting your target without even realising it or worse still never achieving it
  3. In between where you are now and where you want to be is a journey. It could be a metaphorical walk in the park or it could be an inter-continental saga. Depending on how big a task you have set yourself, you need to plan accordingly. What will you need to get to the end, what milestones can you use to keep yourself on track, how will you measure your success?

In the interest of brevity, that is basically it. Make sure steps 1 and 2 give you a true understanding of where you are and need to be. This is the cornerstone to good planning. Step 3 is a recursive step to keep yourself right as you head towards your final destination.

Other things to bear in mind:

  1. Whether this is a mental goal e.g. learning a new skill, or a physical goal e.g. running a 10K, don’t neglect the other side. In particular, when going undercover studying for a new certification, don’t neglect your body. Eat, drink and exercise responsibly
  2. Use the other tenets in this series to keep a good balance. They should work together as a system, rather than being individual concepts
  3. Take a good look around once in a while. Have you become too focussed and let other things slip?
  4. Make sure you enjoy the journey too. This will naturally increase your chances of success
  5. Avoid the dreaded distractions that are focus killers. They differ from person to person but usually TV, social media, gaming and food are near the top of the list
  6. The art of focussing itself is circular. You have to tune it every now and again else run the risk of drifting off track

Summary

I’ll be the first to admit that I sometimes take my foot off the gas, or get drawn away by distractions. Having said that, when I want something or I need to get something done, I know how to focus and apply myself for sustained periods of time and when to take a break to maximise results.

Till the next time.

The 512K route issue

Introduction

I was first made aware of an issue when the provider that hosts this blog started tweeting apologies on 12/08/14 for an interrupted service, and I later received an excellently worded apology and explanation from them. A couple of colleagues also got in touch later that evening with reports from further afield.

The facts in no particular order

  1. Essentially, routers and switches make the decision to forward packets either in hardware, using a special type of very fast memory called TCAM, or in a more software-based way, using cheaper and somewhat slower RAM. The advantage of TCAM is its speed and its ability to provide an output with a single CPU cycle but it is costly and also a finite resource. RAM on the other hand is slower, but you can usually throw more of it at a problem. Which forwarding method is used depends on which model of router/switch you have
  2. The number of IPv4 routes on the Internet has been growing steadily and increasingly since its creation. Back in early May 2014, this global routing table hit 500K routes
  3. The devices that use TCAM are not only restricted by the finite size available to it, but this TCAM is used for other things besides IPv4 routing information, e.g. access lists (ACLs), QoS policy information, IPv6 routes, MPLS information, multicast routes. So in effect, TCAM is partitioned according to the use the device is being put to. Cisco’s 6500 and 7600 switch and router platforms (respectively) have a default setting for each of these. On many of the devices, the limit for IPv4 routes is set to 512K
  4. Verizon have a big block of IP addresses that they advertise as an aggregated prefix
  5. On Tuesday, for some reason, Verizon started advertising a large number of subnets within their block as /24 networks instead, to the tune of several thousand, causing the global routing table to exceed the 512K limit on those devices configured as such
  6. The impact was that the affected devices did not have enough TCAM to hold the full Internet routing table, so the prefixes that didn’t make it into the table would not be reachable. As prefixes come up and down on the Internet all the time, the routes affected would have been random in nature throughout the issue, i.e. it would not have been just the Verizon routes affected
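The arithmetic behind points 3, 5 and 6 can be worked through in a short Python model. This is an added example, not code from the original post: it uses a scaled-down 1K partition and constructed prefixes, it assumes that one "1K" unit of the partition is 1024 entries, and the `FibPartition` class is a hypothetical, simplified model of a fixed-size table rather than the behaviour of any particular platform.

```python
import ipaddress
from itertools import islice

ENTRIES_PER_K = 1024  # assumption: one "1K" unit of the partition = 1024 entries


def headroom(partition_k, current_routes):
    """Free IPv4 entries left in a partition sized in 1K units."""
    return partition_k * ENTRIES_PER_K - current_routes


def deaggregation_growth(aggregate, new_prefixlen=24):
    """Net extra routes when one aggregate is replaced by its more-specifics."""
    net = ipaddress.ip_network(str(aggregate))
    if new_prefixlen < net.prefixlen:
        raise ValueError("more-specifics cannot be shorter than the aggregate")
    return 2 ** (new_prefixlen - net.prefixlen) - 1


class FibPartition:
    """Simplified model: a fixed number of entries, no install once full."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.installed = set()
        self.waiting = set()  # routes learned but absent from the table

    def announce(self, prefix):
        prefix = ipaddress.ip_network(str(prefix))
        if prefix in self.installed:
            return True
        if len(self.installed) >= self.capacity:
            self.waiting.add(prefix)
            return False
        self.installed.add(prefix)
        self.waiting.discard(prefix)
        return True

    def withdraw(self, prefix):
        prefix = ipaddress.ip_network(str(prefix))
        self.installed.discard(prefix)
        self.waiting.discard(prefix)
        # A freed entry is taken by a waiting route (lowest prefix first,
        # purely to keep the example deterministic).
        if self.waiting and len(self.installed) < self.capacity:
            nxt = min(self.waiting)
            self.waiting.remove(nxt)
            self.installed.add(nxt)

    def reachable(self, address):
        addr = ipaddress.ip_address(address)
        return any(addr in p for p in self.installed)


def simulate():
    """Scaled-down run: a 1K partition instead of 512K, constructed prefixes."""
    fib = FibPartition(capacity=1 * ENTRIES_PER_K)
    # 1000 unrelated /24s plus one aggregate: the table is nearly full.
    for prefix in islice(
            ipaddress.ip_network("10.0.0.0/8").subnets(new_prefix=24), 1000):
        fib.announce(prefix)
    aggregate = ipaddress.ip_network("172.16.0.0/19")
    fib.announce(aggregate)
    result = {"headroom_before": headroom(1, len(fib.installed)),
              "growth": deaggregation_growth(aggregate)}
    # The aggregate is replaced by its /24s, which no longer all fit.
    fib.withdraw(aggregate)
    for specific in aggregate.subnets(new_prefix=24):
        fib.announce(specific)
    result["specifics_not_installed"] = len(fib.waiting)
    # An unrelated prefix flaps: its entry is taken while it is away,
    # so it cannot be reinstalled when it returns.
    fib.withdraw("10.0.5.0/24")
    result["flap_reinstalled"] = fib.announce("10.0.5.0/24")
    result["flap_reachable"] = fib.reachable("10.0.5.10")
    return result


if __name__ == "__main__":
    print("headroom at 500,000 routes in a 512K partition:",
          headroom(512, 500_000))
    print(simulate())
```

The unrelated 10.0.5.0/24 prefix ends up unreachable even though it had nothing to do with the deaggregated block, which is the effect described in point 6.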

Are you affected?

If you have Cisco 6500 or 7600 devices running full BGP tables, you need to run the following command:

If the IPv4 line of output is 512k or lower, you are in a pickle and will need to change the settings by entering the command below:

Where the 1000 is the number of 1K entries i.e. the setting as shown in the first output would be 512. Typing a ‘?’ instead of the number will return the maximum available on your platform, so you could in theory be requiring a hardware refresh to add to your woes.

If you have an ASR9K, follow the instructions here to get to your happy place:

http://www.cisco.com/c/en/us/support/docs/routers/asr-9000-series-aggregation-services-routers/116999-problem-line-card-00.html

Most other router platforms use RAM and so the more you have, the more routes it can handle. The performance varies widely from platform to platform. You should check the vendor’s documentation for specifics, e.g. the Cisco ASR1002-X will do 500,000 IPv4 routes with 4GB of RAM and 1,000,000 with 8GB RAM.

Who is to blame?

There is an ongoing debate at the moment about whether Cisco are liable or the service providers. I would argue that it is predominantly the latter but Cisco could have done a better job of advising their customers. Cisco did post an announcement about this on their website a number of months ago, but I didn’t spot it so I’m assuming many other customers didn’t either.

Summary

Having said that, if you buy a bit of kit to do something, you need to take some responsibility for failing to include capacity planning into your operational strategy.

Till the next time. (#768K!)

Wireshark 2 preview

Introduction

I recently updated my Wireshark installation to version 1.12.0 and during my normal happy-clicky install process, noticed one of the options to install was something called ‘Wireshark 2 Preview’. Intrigued, I carried on clicking, making sure there were no further boxes wanting to install the Ask Toolbar. (Die Java, just die!)

Wireshark 2 preview

As those of you who use Wireshark regularly will probably know, the developers announced a big change that was on its way back with the release of 1.11.0 in October 2013, that change being they were switching the user interface library from GTK+ to Qt. I believe this decision was arrived at to provide a more standardised feel for the app across multiple platforms. Also, support for GTK+ was waning.

First thoughts

When you install version 1.12.0, you will also get the option to add start menu and desktop icons for the version 2 preview. Upon opening the preview, the word that immediately sprang to mind was ‘clean’. It’s much less cluttered than the current version. In fact, it takes a little getting used to, but that’s change for you.

I encourage you to go and try it out for yourself but a couple of things that I have noticed from playing with it that I like are:

  • The interface selection screen shows a mini utilisation graph so you can see at a glance which interfaces have traffic going over them. Useful if you have many NICs on your machine e.g. VMware installed
  • The IO graphs seem to be better scaled without any tinkering, plus have guidelines that make reading graphs easier. As these are exportable also, it makes reporting look prettier

Summary

Overall, I like the new version. As expected, there are a couple of bugs I’ve found that I’ll be feeding back to Gerald and his gang, but this definitely feels like a step in the right direction.

Till the next time.

Technical rewind

Introduction

I was recently thinking about the future of this blog and had been considering whether to bin it or come back to it with renewed enthusiasm. After all, there are thousands of other blogs out there that cover similar topics, ranging in quality from barely readable to excellent. Whilst I hope that mine falls no further down than the middle of that scale, I asked myself what value do people get from my own posts.

When I logged on to the admin portal for the first time in a while, I  saw two key things that made me realise that I should continue writing, perhaps not as frequently as some other bloggers, but with more posts that are close to my heart and hopefully that will shine through in my writing. The first was that, whilst my viewing figures are not particularly spectacular, they have been constant throughout my recent absence so people are still coming over, both to check out what is on offer and also from search results. The second thing I noticed was that there were almost a dozen updates for WordPress itself, the theme and some plugins and I found myself feeling quite protective and applied the relevant TLC.

Technical rewind

I’ve worked in IT for well over 10 years, achieved my CCNA back in 2009 and my CCNP in about 2012. I got past the half way point towards my CCNP Security and then something dawned on me. Something that made me down my certification tools and take a long look at myself. My appointment to a management role in the last year has only cemented my thinking.

The quest I was on to further my knowledge according to Cisco’s road map in addition to my new, less hands on role had left my foundational routing and switching knowledge less polished than I would have liked. I still function as a good network engineer, but I get a certain satisfaction from having nuts and bolts knowledge at my fingertips and I’ve been aware that this has slipped since the new year.

Regarding the certification path, the blueprints for most of the exams never match the on the job knowledge requirements. So in a busy world, you spend huge amounts of time learning about things that Cisco want you to learn, but your boss isn’t bothered about and quite often, nor should you be. They are just not relevant for the day to day or even tomorrow.

With that in mind and with the time that I am currently able to commit to studying, I am going to aim for the CCIE R&S Written as a way of refreshing my current certs but more importantly, I will deep dive in to all the relevant topics to give that much needed polish. Those studies will hopefully provide me with some good topics on which to blog too.

Summary

As I recently tweeted, I find that knowledge is a foundation to build upon rather than a skip to fill up. Being self aware of when that knowledge needs some maintenance is a key skill for any engineer to prevent it all falling down about them. Do your core skills need brushing up on?

Till the next time.

Back in the game

Remember me? It’s been a while since I last posted. Coincidentally, it was a few days before I stepped in to the Acting Head of Networks role at my current employer whilst the guy in that role was temporarily unavailable.

I’d felt in the months up to that point that I’d started to lose focus on my career. I’d lost the drive to study as much, I was enjoying my day to day role less and less. Then it all changed on the Monday I came in to the office in my temporary role. There were deadlines to hit, projects to complete and bridges to build. With little time to waste on trivial matters, I sat the team down and we discussed what steps lay ahead of us.

I was very pleased, and no less proud, to say that we all came together as a team and hit our targets. At the start of the New Year, my team leader decided to move on to pastures new permanently and so I was offered the role permanently which I accepted.

Whilst the responsibilities of the new role mean that I need to do far less support work (save for when the crap hits the fan, when I can’t help myself), it does mean I get to spend more time reviewing the company strategy and looking at solutions that can deliver it. I can now start looking at ways to be more innovative, increase productivity and cut deployment/troubleshooting times as much as possible. I’m still a couple of exams away from my CCNP Security and to be honest, I’m in two minds as to whether I should complete it or focus my attention elsewhere.

So there you have it. Still working at a great company but in a role with the right people that makes me much happier. Focus has returned. There are a few things I want to carry out in the next couple of months or so to tidy things up and then it’s innovation central.

Till the next time.

Vegaskid.net is moving home

I am currently in the process of moving my domain to a new provider. Obviously, I am hoping that this will all go exactly to plan without any downtime, but please bear with me should the site go down at all.

Till the next time.

Update:

Site has now been migrated with only a couple of minor hiccups. If you find any issues with the way the site displays, please contact me at vegaskid@vegaskid.net and I’ll get straight on it.

The ten commandments of networking

Introduction

Earlier this year, I posted a quasi-zen tweet (@vegaskid1973) in jest which seemed to tickle the fancy of a few of you based on replies and retweets and so I thought I’d use the rare free ten minutes I find myself with to flesh out the idea, which I light-heartedly present here as the ten commandments of networking:

  1. You shall not trust a Visio diagram, lest you bring the customer site down
  2. You shall not covet a colleague’s serial cable. Get your own and hands off mine!
  3. You will back up and protect your configs like they were your first-born
  4. You shall not bear false witness against a network incident. Unless explaining it to management
  5. You shall have no other gods, but feel free to revere unicorns
  6. You shall not murder a good TCP joke unless you are sure they will get it
  7. You shall write the customer SLA/contract in such general terms so as never to breach it
  8. Remember the 7th layer of the OSI model. On it you shall not do any work, leave that to the devs
  9. You shall not commit config until you are confident your CV/resume is up to date
  10. Whilst you may be vendor agnostic, you must believe in intelligent design

Finally

Please add your own suggestions in the comments below.

Till the next time.

Are you a lion or a gazelle?

Introduction

There is an old fable that has been attributed to various sources, which I’m not concerned about verifying but it goes something like this:

Every morning in Africa, a gazelle wakes up knowing it must outrun the fastest lion, or it will be killed and eaten.  Every morning a lion wakes up knowing it must outrun the slowest gazelle, or it will starve  to death.  It does not matter if you are a lion or a gazelle…when the sun comes up each morning, you’d better be running.

Face value

The message here is clear. To survive, you have to keep moving, else become extinct. This is so applicable to the world of IT. Things change so quickly. Of course dinosaurs in IT do exist but in today’s climate more than ever, they are struggling to avoid being relegated to irrelevancy.

Reading between the lions (sic)

In my opinion, the fable offers far more value if you ask yourself whether you would rather be a lion or a gazelle, figuratively speaking, from the point of view of an IT professional and the information explosion we face on most days.  How best to deal with it?

Would you rather be a gazelle, trying to be ahead of the curve, having to keep up with every new technology, every vendor’s new product release, every new protocol, read every blog post, twitter feed, RFC, book, listen to every podcast, lab every scenario, attend every event, etc., fearful that you may be gobbled up if you stop?

Or would you rather be a lion and filter out the noise, focus on what is relevant, feast on the juiciest knowledge, that which will sustain you, make you stronger and still give you time to spend with your pride, comfortable in the knowledge that you are at the upper end of the food chain?

Summary

The art of survival is not just about making it through the day. It’s about focussing your efforts in the right place at the right time so you can keep enough energy for the other important things in your life. Be sure to refocus on whatever you are currently doing. It’s less about what you can achieve on a day to day basis but rather what you can sustain throughout your career and life.

Till the next time.

10 tenets of working in IT – Tenet 7, Honesty

Introduction

This isn’t a post about stealing your colleague’s lunch from the fridge in the kitchen. You will also be disappointed if you came here for advice on what to do about people who park in disabled parking spaces without a permit. Rather, it discusses being honest with yourself and with people you have real, direct interactions with.

Honesty

There are many related words/phrases I could have chosen to base a blog post on in lieu of honesty. Courtesy, integrity, morality, etc. They are all worthy attributes but I somehow feel that honesty encompasses all of them. Rather than get into a  deep philosophical discussion on truth and the ways of the world, I’d prefer to use some simple bullet points from the original 10 tenets post to keep things simple:

  • Be honest with yourself in the first instance
  • Only then can you be honest with colleagues, customers, friends and family
  • Know when to put your hands up and say “I don’t know”
  • Don’t bury things when you get something wrong, get it out in the open
  • Know when it is time to change job
  • Know when it is time to change career
  • Ask for the same level of honesty from the people you deal with (this needs to be addressed differently depending on who we are talking about!)
  • Ask for feedback about yourself from those people you deal with
  • Make sure you get your yearly appraisal. This is the ideal opportunity for you and your line manager to align your goals with that of the company

Summary

In an era when people are all too keen to splash details of their personal life online, discussing what they’ve had for dinner, who they were out with the night before and what they think of their boss, many people are still unable to be as honest with themselves or with people when face to face and not hiding behind ‘the net’.

It is human nature for people to build walls to hide behind and sadly, the first casualty is often truth. I’ve found that my career has taken the biggest leaps forward when I’ve been honest with both myself and those around me.

Try being more honest with yourself and with the people you deal with. You may find it very liberating.

Till the next time.

Poll #1: what blog topics would you like to see more of on vegaskid.net?

Over the last few months, my blog hits have steadily increased so I must have been doing something right. Blogging is a rewarding task beyond reader numbers though as anybody who blogs themselves will hopefully know. Despite the fact that I have a lengthy list of blog post ideas, some already in draft form, I thought it would be an interesting exercise to ask my readers what sort of topics they would like to see here.

With that in mind, I would really appreciate a few moments of your time. Please select up to three topics below that you would like to see more posts on here at vegaskid.net.

Poll results

After a few weeks, the poll has finally closed. It seems that most people wanted a combination of lifestyle\career\studying type posts and R&S\Security. Nobody was interested in vendor posts and only three votes were cast for SDN\DC topics.

Thank you again for your time.

SDN: a vendor’s dream, simplicity’s nightmare

Introduction

You may have heard some rumblings over the last couple of years regarding Software Defined Networking, known better to save you time, as SDN. I’ve listened to countless podcasts, read dozens of blog posts and scoured the Internet trying to make sense of it in that time period and the conclusion I’ve come to is this:

Currently, there isn’t enough joint momentum and focus in the industry around SDN to make this something I need to care about. (12/09/13)

Note that I’ve dated my quote and with a very good reason i.e. I am hopeful that my opinion will change and sooner rather than later.

I liken the recent explosion around SDN to a volcanic eruption. It started off with some gentle rumblings beneath our feet. There were then a series of exciting tremors. Right now, there is a lot of hot air, dangerous fallout and toxic gases, some spectacular fireworks with several ‘oooo’ and ‘ahhh’ moments but it will be some time before things cool down and I’ll want to commit to walking out amongst it.  At that time, I’ll almost certainly blog again about how SDN helps me and my organisation.

In the beginning

When I first started learning about SDN, it was primarily about separating the control plane from the data plane. Centralised, policy based networking. One place to tell your nice GUI what you wanted and a controller that pushed that desire out to your estate. No more logging on to 100 devices and configuring each on a one by one basis. End to end control.

It sounded sweet, made perfect sense to me and was a vast improvement over having a centralised management system that still had to go out to each device that was autonomous and configure them one by one, albeit automatically. It is better still than manually configuring each device which is where many of us are and have been since time began.

Overlays

From intellectual discussions about overlays versus tunnels to ‘cute’ terms like ‘the only way is the overlay’, there is no denying that overlays are a hot topic at the moment. Speak to somebody who is buzzing about SDN and they’ll tell you that you need to make your physical underlay network solid, so you can overlay all of the unicorn goodness etc.

I’ve sat quietly back thinking all the while, why is this new? Surely you always want your underlying network infrastructure to be stable? It allows you to add the overlay networks on top more reliably and helps troubleshooting to boot. Then I saw a tweet from Ethan Banks referring to exactly what I had been thinking:

It seems we are getting excessively excited, not about brand new ways of doing things, but of different ways of doing things that we’ve done before, for many years. Sure, there is some innovative tech hitting the market place but it’s undermined by a deluge of ‘polished turd’ marketing and a lack of standards as each vendor tries to do best by themselves and not the industry.

OK, VMware’s NSX looks like it is willing to take the bull by the horns. Open Daylight looks promising and addresses some of my concerns around a collaborative effort. I do see huge potential with SDN but much more needs to be done.

Bandwagon

It happened with virtualisation, cloud, automation and orchestration. Terms that got molested by sales and marketing folk across the globe. Perhaps ‘cloud’ is the only one in that list that truly got mistreated to the same degree that is happening to SDN right now. It seems that barely a product release goes by without the mention of SDN. It’s actually insulting to me as an IT professional  that these vendors expect me to lap up their wares because I should be caught up in the hype. Let’s calm it down a bit people and start challenging the claims being made. Forget the shiny shiny and let’s start telling, nay, demanding what we want from the vendors.

What question is SDN trying to answer?

This is the key question for me. It’s why I’m not handing out leaflets in my local city centre with the virtues of SDN printed on it, or going to my CTO demanding budget to implement it. It’s also why, until now, I’ve not blogged about it. From clearer beginnings, I am now unsure what exactly SDN is trying to achieve. The waters have been muddied. Or to return to my initial metaphor, there is a lava misinformation regarding SDN.

Summary

I’ve seen the buzz around SDN grow exponentially over the last couple of years but my need hasn’t grown at the same rate. SDN, or rather the industry as a whole, needs to mature considerably before I’ll take it seriously. It needs to become more relevant. Until that time, I’m going to continue building solid networks that run the services that my customers are asking for.

Till the next time.

10 tenets of working in IT – Tenet 6, Share

Introduction

Let me share a little secret with you (wow, a post about sharing and I’m diving straight in with a share). People almost always get more done when they come together as a team, working towards a common goal. That doesn’t have to, and indeed should not mean continuous meetings. We live in a time where collaboration can be a far simpler task than it once was. Email, instant messaging, video conferencing, collaborative web portals and interactive whiteboards can all facilitate teamwork. Having said that, it all depends on how the team interacts with each other. If you are pulling in different directions, forget it. You’ll do more damage than good. But if you aren’t sharing, you are going to damage productivity. This post looks at how to share more effectively but makes the assumption that team frictions are at a minimum and that you are all aiming for the same goals.

Knowledge

There are three things, the lack of which are guaranteed to make me speak out. Communication, common sense and documentation. If you have knowledge of a customer infrastructure, write it up in an email, wiki article, Word document or whatever works for your organisation. Use standardised templates. Create document sets. Send links to colleagues. Use version control. Knowledge is power – sharing knowledge is the real power. Pass on tips. Give praise when receiving knowledge. Don’t assume people’s skills. Drop useful links on your blog\social sites. In a word, participate.

Skills

Despite having worked with some incredibly talented people in the field of IT, I’ve yet to meet one who couldn’t learn something from another person. Sharing your skills with somebody else has a number of benefits:

  • It empowers the person you are teaching to go away and do something they were previously unable to
  • It gives you an opportunity to clarify the knowledge in your own head
  • It is often helpful to bounce knowledge back and forth. This can lead to a mutual knowledge transfer that benefits all parties
  • It frees you up to do other work
  • On a more selfish note, it can be very satisfying to teach others
  • You remove the single point of knowledge failure syndrome, allowing you to sleep better when you are away on holiday, comfortable that  the knowledge isn’t also getting a suntan

Workload

Beyond sharing knowledge and skills, it is important to share workloads. Quite often, one or more people on the team will seem to be busier than others. This can happen for a number of reasons e.g. the person can’t help themselves volunteering for tasks, they are seen as an easy touch for dumping work on or they are renowned as the subject matter expert.

By documenting the things you and your team are responsible for and sharing your skills, you free yourselves up to share workloads, meaning that the people who were  busy before won’t get burned out (or at least not so quickly) and the people who were previously not so busy won’t have as much chance to get bored.

Summary

The concept behind this tenet is sharing knowledge, skills and workloads. When that happens, we all grow as individuals, as teams and as organisations. The whole most certainly is larger than the sum of the parts. Failing to do so stunts growth and we fail to realise our true potential. Don’t let that happen.

Till the next time.

Running ASDM and WebVPN on the same interface

Introduction

So you are thinking of running ASDM and WebVPN on the same interface? This is quite a rare configuration for a simple reason: ASDM is a management tool, whereas WebVPN is usually enabled on the outside interface, and best practice would dictate using an internal or even dedicated management interface for ASDM\CLI connections. However, in a lab environment, this isn’t such an issue. In fact, in my labs, the machine I manage the ASA from is also the machine I test VPN connectivity from so this is a requirement for me.

Running ASDM and WebVPN on same interface

You basically have two options. You can change the port that ASDM runs on, or change the port that WebVPN runs on. As stated, this is mostly seen in a non-production environment so it probably doesn’t matter too much which way you do it but if for any reason you had to use this configuration in production, you would probably want to change the ASDM port so your remote users don’t have to worry about changing ports.

Both options are very simple to implement. To change the ASDM port, you enter a modified version of the command you enter to enable ASDM:

This changes the ASDM port to 4343. As stated, missing out ‘4343’ still enables ASDM but on the default port of 443.

To change the WebVPN port only requires an extra line:

Of course, both services can be run on the same port if required, but you need to know the URL to access ASDM. (The WebVPN URL is the default and so will load with just the IP address\hostname). The ASDM URL at time of writing on software version 9.1(2) is:

https://ipaddress/admin/public/index.html

Once you have downloaded and installed the ASDM launcher, you again don’t need to worry about having different ports as the launcher itself connects to the correct URL automatically.
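An added example, not from the original post: a small Python audit that reads an ASA configuration and reports each interface where both ASDM and WebVPN are enabled, whether the two share a port, and whether ASDM accepts connections from any source address on that interface. The sample configuration is constructed; apart from the ASDM port 4343 mentioned above, its WebVPN port, networks and interface names are assumptions.

```python
import ipaddress
import re

DEFAULT_PORT = 443  # ASDM and WebVPN both listen on 443 unless told otherwise

# Constructed sample in ASA running-config syntax. 4343 is the ASDM port used
# in the post; the WebVPN port, networks and interface names are assumptions.
SAMPLE_CONFIG = """\
http server enable 4343
http 192.168.1.0 255.255.255.0 inside
http 0.0.0.0 0.0.0.0 outside
webvpn
 port 4443
 enable outside
"""


def parse_asa(config):
    """Pull the ASDM and WebVPN listener settings out of a config text."""
    state = {"asdm_port": None, "asdm_sources": {},
             "webvpn_port": DEFAULT_PORT, "webvpn_ifaces": set()}
    in_webvpn = False
    for raw in config.splitlines():
        line = raw.strip()
        if not line:
            continue
        if not raw[0].isspace():           # a top-level command ends any sub-mode
            in_webvpn = line == "webvpn"
            m = re.fullmatch(r"http server enable(?: (\d+))?", line)
            if m:
                state["asdm_port"] = int(m.group(1) or DEFAULT_PORT)
                continue
            m = re.fullmatch(r"http (\S+) (\S+) (\S+)", line)
            if m:
                try:
                    net = ipaddress.ip_network(
                        f"{m.group(1)}/{m.group(2)}", strict=False)
                except ValueError:
                    continue               # some other "http ..." command
                state["asdm_sources"].setdefault(m.group(3), []).append(net)
        elif in_webvpn:                    # indented line inside the webvpn block
            m = re.fullmatch(r"port (\d+)", line)
            if m:
                state["webvpn_port"] = int(m.group(1))
            m = re.fullmatch(r"enable (\S+)", line)
            if m:
                state["webvpn_ifaces"].add(m.group(1))
    return state


def audit(config):
    """Return (interface, code) findings for interfaces serving both services."""
    s = parse_asa(config)
    findings = []
    if s["asdm_port"] is None:
        return findings                    # ASDM is not enabled at all
    for iface in sorted(s["webvpn_ifaces"] & set(s["asdm_sources"])):
        same = s["asdm_port"] == s["webvpn_port"]
        findings.append((iface, "shared-port" if same else "split-ports"))
        # Management reachable from every address on a VPN-facing interface
        if any(net.prefixlen == 0 for net in s["asdm_sources"][iface]):
            findings.append((iface, "asdm-open-to-any-source"))
    return findings


if __name__ == "__main__":
    for iface, code in audit(SAMPLE_CONFIG):
        print(f"{iface}: {code}")
```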

Summary

There may not be many situations in which you would consider running ASDM and WebVPN on the same interface but it’s good to know it can be done from both a port and URL point of view.

Till the next time.