easiest VPN softwares and/or instruction for nooblets

Started by ggnfs000, October 03, 2017, 12:29:52 AM

Previous topic - Next topic

ggnfs000

Quote from: SimonV on October 06, 2017, 01:18:59 PM
You can get an unlimited edition of Pulse Secure virtual appliance for lab use, max 3 concurrent users I thought. Much more granular than any firewall-based VPN solution imho.
Haven't set it up myself though, I use the Juniper SRX Dynamic VPN with the Pulse Secure client, wasn't too bad to set up.
You could get a trial version of the vSRX and use that...

Thank I 'll look into that.

ggnfs000

Quote from: wintermute000 on October 06, 2017, 12:27:07 AM
the 5500 is not what I would suggest for 'easiest'... you can't even ping through one until you know the magic thing you have to do LOL (CCNA security question #1....)

Yes, I am virtually Looking at the ccna security and so far covered 1/3rd. I am posing to read through enough chapters to be able configure comfortably. As long as the devices work a documented, it usually goes straightforward. What is "really" difficult is it does not work a documented.

deanwebb

Code changes can result in problems... try to have the same code version as is apparent in the materials. There are some major revisions in which syntax changes dramatically. Be sure you're also studying materials for the current test. Then check with us here before you go in, so we can make sure you got your stuff together. Cisco cert tests seem to be something of a bait and switch operation of late, where you can't pass unless you took the live class, peeked at the answers (BIG NO-NO), or went above and beyond in your study to read whitepapers and stuff ***BEST PRACTICE***.

:fail2:
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

icecream-guy

Quote from: ggnfs000 on October 06, 2017, 03:13:29 PM

As long as the devices work a documented, it usually goes straightforward. What is "really" difficult is it does not work as documented.


That second part by definition is Cisco.

:haha3:
:professorcat:

My Moral Fibers have been cut.

ggnfs000

#19
Quote from: ristau5741 on October 08, 2017, 08:05:51 AM
Quote from: ggnfs000 on October 06, 2017, 03:13:29 PM

As long as the devices work a documented, it usually goes straightforward. What is "really" difficult is it does not work as documented.


That second part by definition is Cisco.

:haha3:

it is not just cisco, it is virtually most of open source projects.
just latest casualty, needed to do a quick crash course on python django project and tried setting up on linux server according to instruction but it ended fucking riddled with errors like 400, 404 and all sorts of web errors. But they advertise 'em as "for perfectionists" AN touted it as a simple to setup. Fuck this! 

As for VPN, i hit the 2 roadblocks immediately:
from CCNA security book, the 3 rd instruction starting with "ip local..." for setting VPN on 5505 was not available on 5505 on packet tracer. Why it is not available whether the software does not support it, different models, fucking beats me.
CCP downloaded and installed but wont fucking run, it requires java 1.6 or later when I already got 1.8. Even reverting back to older version 1.7 and 1.6 wont run.

Thinking about getting the fuck out of this software indsutry and doing something meaningful.

wintermute000

You can keep using packet tracers, and asking **** questions, or you can do it properly. Told you twice already, your choice.
ASAv works in Unetlab/EVE-NG/GNS3/VIRL.

CCP HAHAHAHAAHAHAHAHAHAHA are you serious. Nobody in their right mind uses that java abomination. Apologies for the CCNA sec courseware..... but yeah with ASAs its CLI or ASDM all the way. You have no chance with CCP

deanwebb

CCP and Java...

:flipdesk:

Basically, you'll have to scrub Java off your system and install ONLY the version that that CCP wants. Alternatively, get GNS3 spun up and run the 5520 image that's floating out on the Internet, running 8.02 code, then connect to it via a VM running only Java 1.6. You will use CCP *only* for the CCNA-Security, never again afterward. Never ever ever ever again, not even on CCNP-Security.

The ASA in Packet Tracer will not have all code features activated. This is why I recommend GNS3. Getting the ASA to run in GNS3 is no picnic, but it's free.

An actual 5505 on eBay is going for around $55-65, not bad. I spent just over $100 on mine, back in 2013. I had a lot of fun with it. I got it to do a VPN with the 5520 in GNS3, that was a real hoot. Then I did a VPN with an 1841 ISR - those are down around the $50-60 range, as well - and that pretty much was all the VPNing I had to do.

Wintermute is correct about using either CLI or ASDM in the real world. And ASDM comes with its own Java nightmares. Thanks to Cisco, you will learn more about Java versioning than you ever wanted to.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.