Category Archives: Servers

Network Management using L.A.M.P., SNMP and Freeradius.

During my career i have been able to work with a number of programmers, students working on thesis or masters projects and programming for personal projects. One of the projects i helped with the development of, was called scripts. It was built using a L.A.M.P. setup, but also leveraging on other linux freeware such as SNMP, freeradius, cron/shell scripting, Subversion and Rancid. Scripts does nightly backups of configurations, allowing myself and others to do diffs and searches using grep and other linux processing tools.

Scripts front end was via the web interface, it authenticates users via LDAP and only displays the options they should be able to see.

scripts_home

 

For example, almost everyone wants to be able to see the “Managed ADSL Authentication Logs” but not everyone should be able to see configuration generators. The configuration generation was used to help installers keep to the standard baseline configuration, allowing other tools (like an over worked CiscoWorks LMS) to still function.

scripts1

 

Using information from mysql, it would then build the configuration, and leave it in a tftp/ftp directory that was cleaned out daily. Configuration of the switch once it was connected was a cut/paste job.

scripts2

 

Other tools included L2/Spanning-tree and L3/Vlan/IP configuration, ACL generation and Routing (OSPF, Policy Routing, Static Routing) generation. Being a web interface it worked well on laptops, desktops and mobile devices making it a go to tool.

L.A.M.P. Servers

I have made use of Linux, Apache, MySQL (or Posgresql) and PHP servers for alot of personal and work related projects. For example, i have used L.A.M.P servers to run things like freeradius servers or DHCP servers that use SQL for information to drive the services. Apache and PHP were used to provide an easy way for support people to check status of services and do other admin tasks.

I have also used PHP, MySQL and SNMP to do network management tasks, such as baseline checking of switch configurations, OS management, switch deployments and other standardized configuration tasks.

 

 

Remote Access and Site to Site VPN

During my career i have been able to deploy a number of VPN configurations to help support a corporate environment.

I was able to deploy Remote Access VPN services using Cisco VPN3000’s and then later Cisco ASA (eg. 5515X, 5525, 5585 models) to suit the requirements of the corporate environment. I was also able to utilize ASA’s to do Site-to-Site VPN to allow sharing sensitive corporate and medical information between organizations while maintaining security of both the corporate environments.

I have experience with software VPN products such as OpenVPN. OpenVPN was an excellent solution for out of band connectivity as there is good hardware and OS support. I used it to get OpenGear terminals to connect to a cloud VPS running OpenVPN for accessing terminals when a network disaster happens. I have established CA’s when using OpenVPN for certificate based authentication of users and terminals.