Microsoft Teams: Set preferred calling application

Tags

, ,

By default Microsoft Skype for Business will be preferred application to receive incoming voice call. We can set it to Microsoft Teams by using powershell.

1. Click Start, click All Programs, click Accessories, click Windows PowerShell, and then click Windows PowerShell.

After the Windows PowerShell console appears, you must then create a Windows PowerShell credentials object. The credentials object is used to securely convey your user name and password to Skype for Business Online. To create a credentials object, type the following command at the Windows PowerShell prompt and then press ENTER:

$credential = Get-Credential

After you press ENTER, you should see the Windows PowerShell Credential dialog box. In the User name box, type your Skype for Business Online user name. In the Password box, type your Skype for Business Online password.

if you want to verify that the object was created, simply type the variable name at the Windows PowerShell prompt and press ENTER:

$credential

2. Next you need to import SkypeOnlineConnector module. To do that run the followign commands:

Set-ExecutionPolicy Unrestricted
Import-Module SkypeOnlineConnector

3. After you have created the credentials object, you can then create a new remote Windows PowerShell session that makes a connection to Skype for Business Online. To do this, type the following command at the Windows PowerShell prompt and then press ENTER:

$session = New-CsOnlineSession -Credential $credential -Verbose

If your connection succeeds, you’ll see messages similar to this in the Windows PowerShell console:

Screen Shot 2018-04-08 at 12.54.14 am

Continue reading

Azure Site 2 Site VPN [AZ Scripts]

Tags

,

This tutorial is ow how to do site 2 site vpn with on prem data center.

VNet Name: MyVnet
VnetName = MyVNet
ResourceGroup = MyRG
Location = Australia East
AddressSpace = 10.11.0.0/16
SubnetName = DefaultSubnet
Subnet = 10.11.0.0/24
GatewaySubnet = 10.11.255.0/27
LocalNetworkGatewayName = RemoteVPNSite
LNG Public IP =
LocalAddrPrefix = 192.168.1.0/24
GatewayName = MyVNetGW
PublicIP = MyVNetGWIP
VPNType = RouteBased
GatewayType = Vpn
ConnectionName = MyVNettoRemoteSite

1. Create a resource group

az group create --name MyRG --location australiaeast

2. Create a virtual network

az network vnet create --name MyVNet --resource-group MyRG --address-prefix 10.11.0.0/16 --location australiaeast --subnet-name Subnet1 --subnet-prefix 10.11.0.0/24

3. Create the gateway subnet

az network vnet subnet create --address-prefix 10.11.255.0/27 --name GatewaySubnet --resource-group MyRG --vnet-name MyVNet

4. Create the local network gateway

az network local-gateway create --gateway-ip-address 110.145.123.123 --name RemoteVPNSite --resource-group MyRG --local-address-prefixes 192.168.1.0/24

5. Request a Public IP address

az network public-ip create --name MyVNetGWIP --resource-group MyRG --allocation-method Dynamic

6. Create the VPN gateway

az network vnet-gateway create --name MyVNetGW --public-ip-address MyVNetGWIP --resource-group MyRG --vnet MyVNet --gateway-type Vpn --vpn-type RouteBased --sku VpnGw1 --no-wait

List of IPsec/IKE policy supported by Azure: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-compliance-crypto or you can try:

az network vpn-connection ipsec-policy add --connection-name MyVNettoRemoteSite --dh-group DHGroup14 --ike-encryption AES256 --ike-integrity SHA256 --ipsec-encryption AES256 --ipsec-integrity SHA256 --pfs-group None --resource-group MyRG --sa-lifetime 3600 --sa-max-size 102400000

7. Create the VPN connection

az network vpn-connection create --name MyVNettoRemoteSite -resource-group MyRG --vnet-gateway1 MyVNetGW -l australiaeast --shared-key abc123 --local-gateway2 RemoteVPNSite

I have issue peering with Sophos XG Firewall with firmware version SFOS 16.05.8 MR-8. But SFOS_17.0.2_MR-2.SF300-116 fix the issue.

fakrul@Azure:~$ az network vpn-connection show --resource-group MyResourceGroup --name MyVirtualNetworkConnection --output table
ConnectionStatus ConnectionType EgressBytesTransferred IngressBytesTransferred Location Name ProvisioningState ResourceGroup ResourceGuid SharedKey
------------------ ---------------- ------------------------ ------------------------- ------------- -------------------------- ------------------- --------------- ------------------------------------ -----------
Connected IPsec 17247 6340 australiaeast MyVirtualNetworkConnection Succeeded MyResourceGroup 80f504f6-ed42-400c-a69c-1a270a7fefba abc123
fakrul@Azure:~$ az network vpn-connection list --resource-group MyResourceGroup --output table
ConnectionType Location Name ProvisioningState ResourceGroup ResourceGuid RoutingWeight
---------------- ------------- -------------------------- ------------------- --------------- ------------------------------------ ---------------
IPsec australiaeast MyVirtualNetworkConnection Succeeded MyResourceGroup 80f504f6-ed42-400c-a69c-1a270a7fefba
IPsec australiaeast MyVNettoRemoteSite Succeeded MyResourceGroup 698a2b4d-ca71-4834-a576-8cb7ae077b2c 10

Sophos Profile:

Capture


					

Oxidized ~ Network Device Configuration Backup

Tags

, , , , ,

Oxidized is a network device configuration backup tool. It’s a RANCID replacement!

For details please check : https://github.com/ytti/oxidized

1. Install all required packages and gems.

sudo apt-get install ruby ruby-dev  libsqlite3-dev libssl-dev pkg-config cmake libssh2-1-dev tree -y
sudo gem install oxidized
sudo gem install oxidized-script oxidized-web

2. It is recommended practice to run Oxidized using its own username. This username can be added using standard command-line tools:

sudo useradd -m -d /home/oxidized oxidized
sudo su - oxidized

3. To initialize a default configuration in your home directory ~/.config/oxidized/config, simply run oxidized once.

oxidized

Continue reading

SSH using public key authentication to IOS

Tags

,

ip domain-name router.fakrul.com
!
crypto key generate rsa
ip ssh time-out 60
ip ssh authentication-retries 2
!
username fakrul privilege 15 secret R@nDomp@$$worD!
!
ip ssh pubkey-chain
 username fakrul
 key-string
 ! copy the entire public key as appears in the cat id_rsa.pub including the ssh-rsa and username@hostname.
 exit
 exit
!
ip ssh server algorithm authentication publickey !enable key based authentication only
!
line vty 0 4
transport input ssh
privilege level 15

Install Cisco IOS XRv in GNS3

Tags

, , , ,

Software / Application:

  1. VirtualBox (https://www.virtualbox.org/)
  2. GNS3 (https://www.gns3.com/)

We also need Cisco IOS XRv Router image. For lab we use iosxrv-demo-6.0.0.vmdk which is free to use. The only limitation is it has AAA hardcoded users & rate limit of 2 Mbps. For full features please check the following link:

http://www.cisco.com/en/US/docs/ios_xr_sw/ios_xrv/install_config/b_xrvr_432_chapter_01.html

To download the image please visit https://upload.cisco.com/cgi-bin/swc/fileexg/main.cgi?CONTYPES=Cisco-IOS-XRv. You need Cisco CCO account.

STEP 1: IOS XRV WORKING ON VIRTUALBOX

1. Create a new VM

v-1

2. For the VM please choose:

  1. Name: xrv-1
  2. Type: Other
  3. Version: Other/Unknown (64-bit)

Continue reading