Just take a wiff of that air!

OK, Seems I’m on a roll here with the HP 830 Wired-WLAN controller. Just looking things over and I see I can turn one of the radios on the MSM Access Point into a sniffer.

If you’re fighting wireless connectivity issues this could be a life saver.

In full disclosure: I will tell you that the HP 830 has a web interface but I’m from a planet far, far away and a long time ago. I’m old school so I opt for the command line. after all….question mark is my friend and yours too.

To use one of the radios as a sniffer, you will need to take it out of service. Let’s break it down:

1. If you have “Auto Ap” enabled, it will need to be temporarily disabled, use the undo wlan auto-ap enable command.

2. Change the view to the AP you want to use:
wlan ap ap01_0002 model 425-AM id 5 in this example ap01_0002 is the name of my access point.

3. Enter the radio view: radio 2

4. Disable the radio to change its settings: raido disable

5. Set the channel statically: channel 11 in this example 11 is the channel I statically assigned the radio.

6. Enable the radio: radio enable

7. Use the wlan capture start ap ap01_0002 radio 2 to get the sniffer started.

 

To verify the operation use the display wlan capture to see if it is running
WLAN Capture
——————————————————————————–
AP Name        : ap01_0002
Radio          : 2
Radio Mode     : 802.11n(2.4GHz)
Channel        : 11
Capture Limit  : 10000
File Name      : CaptureRecord.dmp
Status         : Capturing
——————————————————————————–.

8. To stop the capture: wlan capture stop

From the pointed prompt enter the dir command. Talk about a throwback command…you should see a list of filenames. Look for the “.dmp” file.

<AC>dir
Directory of cfa0:/

0     -rw-       298  Dec 06 2013 20:25:38   system.xml
1     -rw-       624  Apr 26 2013 19:23:42   wlan_ca_certificate.cer
2     -rw-      1800  Apr 26 2013 19:23:42   wlan_local_certificate.pfx
3     -rw-      3855  Dec 05 2013 20:49:08   startup.cfg
4     -rw-      2493  Sep 09 2013 22:24:30   basewc.cfg
5     -rw-      5449  Jul 09 2013 18:12:18   830-1-cfg.cfg
6     -rw-      1437  Jul 09 2013 18:15:58   default.cfg
7     -rw-      4610  Dec 06 2013 20:25:40   startup.cfg.old
8     -rw-       149  Jul 09 2013 20:23:12   apcfg.txt
9     -rw-      3075  Dec 05 2013 20:49:06   _startup_bak.cfg
10    -rw-   1199826  Dec 17 2013 20:49:36   capturerecord.dmp
11    -rw-  89019392  Sep 18 2013 08:36:46   hp830-cmw520-r3308p29.bin

1020068 KB total (865328 KB free)

File system type of cfa0: FAT32

Hook up a quick tftp server…something like 3cdaemon…and get it ready to receive a file.

9. Enter the tftp 10.132.0.10 put capturedrecord.dmp command.This will copy the file to your PC.

Rename the filetype to “.cap” and open it with Wireshark.

enable_server

DHCP server in times of need?

OK, say your working on getting the new HP 830 Unified Wired-WLAN controller up and running in a test lab. I know, you’re just like me and like to geek out in the lab…..wear it like a badge of honor. You happen to have the New HP 830 Unified Wired-WALN controller and some access points (MSM-430, MSM-460). The one thing you don’t have is a DHCP server handy in your lab. Fear not! One is closer than you think.

You see, the HP 830 controller actually has an embedded 8 or 24 port gigabit switch. IF you look at the command line for the switch you will see it has all kinds of features and functionality and one of them is a DHCP server.

When you establish a console connection to the controller you will be at the WLAN controller prompt…..<HP>…from this prompt you need to navigate to the prompt for the internal switch. How do you do this? I’m glad you asked. Use the very intuitive command…..oap connect slot 0.

You should now see an identical prompt to the one you were just at <HP>…..from here you can issue the system-view command to get to the [HP] (enabled mode) or CTRL+K to move back to the controller. Let’s stay on the switch prompt and use the system-view to get enabled.

Let’s take a quick peak at what it will take to get it running.

A quick look at the commands.
enable_server

We start off with enabling the DHCP server. Next we specify the name of the server, I used swim2 with the EXTENDED option.
Specify the IP range and mask along with the gateway information. The forbidden IP addresses are optional.

Finally apply the ip-pool to the VLAN interface. In this example it is VLAN 100.

That’s it. You now have a quick and easy DHCP server to use for your LAB environment.

HP’s iMC 7.0 Login Page Customization

I know what you’re thinking. I just upgraded my iMC server to the 7.0 release and now my old login customization no longer works. Well, maybe that wasn’t what you were thinking but at some point you will. So I have been busy here in the “Wookie Lab” and tracked down where the graphic locations are.

If you haven’t tried the new themes in iMC, there are four to choose from.

Classic, Midnight, Gun Metal and Ocean.
enable_server

The corresponding folder locations:
c:\Program Files\iMC\client\web\apps\imc\resources\primefaces-imc-deep-blue\images.

There is also a primefaces-imc-classic-blue, primefaces-imc-cool-black and
 primefaces-imc-elegant-gray directory. You may want to add the custom graphics to those as well.

There are two files that you will need to create. The first is “box_bg.png” This has to be a png file. The graphic dimensions are 508X248.

The second image is “login_bg.jpg” This file will be 1908X1080.

Be creative!

Here I made the box_bg.png file:
enable_server

This will be where  the Username and password fields will be displayed. Don’t worry, just experiment and see what you come up with.

The next graphic is the overall background image login_bg.jpg. This is what mine looks like:
enable_server

Place a copy of both files in the primefaces directories listed above. Make sure you make of backup of the original files….never know if you’ll need them later.

Point you browser over at your iMC server and behold!…..do people even say that anymore?

enable_server

 

Hit me up if you have any questions!!

You Could Use A Rest!

So you have a far flung enterprise network that requires care and feeding to keep things up and running. You know you can’t do it alone and your personnel resources are stretched thin already. You need to start working smarter and not harder. During the last meeting with your HP networking team you find out about a great new network management solution called IMC, Intelligent Management Center.

You like what you see. A network management application that not only let’s you monitor and manage network products from HP, but many other vendors as well. You also discover how IMC can help with network services like AAA, its ability to do compliance checking, and position you to take advantage of Software Defined Networking (SDN) all from a single pane of glass.

After getting IMC up and running, things start to get a little simpler. You like simple. Need to push out a new set of SNMP community strings to 500 switches and routers; you easily finish the task in fifteen minutes. Need to verify you didn’t miss any default community strings? You can set up a compliance check and run it against all the devices in your network with very little effort.

Now that you have IMC doing the heavy lifting for you, taking care of the day to day tasks of backing up all the configurations on your network, base lining software revisions, and keeping an eye on everything else, you deserve a Rest. Not like a siesta, but more like a new innovation to take you to the next level.

RESTful API’s are what I am talking about. With the release of IMC 5.0, HP opened up the eAPI’s for third party applications to integrate with IMC. This results in the ability to have scripts that run outside of IMC get information stored in IMC and push changes into IMC. That’s a lot of IMC! The first time I heard of this I thought, “Hey, I have a new use for my Python chops” and I started to think about the possibilities.

RESTful API’s are basically HTTP calls in the form of PUT, GET and POST. You have probably seen them a thousand times in the top of your web browser and never even noticed them. By using the RESTful API’s you can use a POST to the IMC server to make a change. Perhaps you want to move a single device from one vlan to the next by simply entering the device’s MAC address and a vlan number. Wrap it up in RESTful API script and the job is done. There are multiple client languages that are supported.  Java and Python are my personal favorite.

OpenStack for Idiots

So, being somewhat savvy with the teknical stuff, I thought I would explore the world of Openstack. At first I was thinking that this was similar to OpenFlow. NOT. OpenFlow is the language that is used by the Software Defined Network (SDN) Controller to establish flow tables in Openflow enabled switches…what to know more go to www.openflow.org. Openstack is the environment where compute, storage and networking are virtualized……OK, I’ll wait while you google it…

Moving on…I wanted to know more about this teknology so I did what I always do, buy a book and start reading. It is absolutely amazing what is in those things…

I picked up OpenStack Cloud Computing Cookbook by Kevin Jackson. It’s a great resource but if you are trying to use it as a step by step guide, I wish you good luck. There are a lot of moving parts to OpenStack like Nova, Glance, Keystone, Swift and it requires some general knowledge of what these are. When I saw Keystone I thought of that beer commercial with “Keith Stone”, I can’t get that out of my head.

I used Oracle’s Virtual Box as a base platform and tried to set it up as instructed by the book but soon ran into things that were obsolete. Seems that nova-manage has been replaced with keystone..(I’m getting thirsty, again!).

Eager to see the Horizon dashboard, I went to the ultimate source of knowledge, Google. It wasn’t long until I discovered DevStack. It could not get any simpler to set up a Openstack dev environment. Here’s how I did it.

Set up a generic Linux Virtual Box VM. I use VDMK as the disk file type. Then, using this (http://devstack.org/guides/single-vm.html) as a resource, I just followed the simple instructions.

I picked up a copy of the minimal Ubuntu image at https://help.ubuntu.com/community/Installation/MinimalCD#A64-bit_PC_.28amd64.2C_x86_64.29
It’s only 35M and it’s a quick setup in Virtual Box. Once you get logged into the VM just issue these commands.

apt-get update
apt-get install -qqy git
git clone https://github.com/openstack-dev/devstack.git
cd devstack
echo ADMIN_PASSWORD=password > localrc
echo MYSQL_PASSWORD=password >> localrc
echo RABBIT_PASSWORD=password >> localrc
echo SERVICE_PASSWORD=password >> localrc
echo SERVICE_TOKEN=tokentoken >> localrc
./stack.sh

HIPTIP of the week: If you issue the command “sudo bash” without quotes on the command line, ubuntu will prompt for your password. Now you do not need to start every command with sudo.

Keep an eye on the stack.sh when its finished, it will give instructions on how to access the dashboard.

Congratulations you now have a OpenStack dev platform to play with and just took you first step into the world of Software Defined Networking.

I scream, You Scream

I have an interesting idea. I want to load an 802.1x test client on an Android device. Trouble is I don’t have one. I do have VirtualBox, so I started asking myself if there is a way to run Android in it. A quick trip to the Google and I found a couple of interesting resources.

First I loaded an Android image for VMWare and it didn’t do a whole lot. There must be more! Finally my luck panned out by finding this;

Kirsle

I posted the downloads here as well.

system

Android ISO

And unless you’re really clever, you will need instructions. I copied them and put them into a word file that you can print out.

Instructions

When you get to the part about accessing the Terminal Emulator, I used the fly wheel on my mouse and found it. I guess in Android there is a search function as well.

Other than that it is a very stable version of Ice Cream Sandwich running on your desktop.

Discliamier: This is totally unsupported by me or anybody I know. I am offering this as is. I will be doing my client install (Hopefully) later this week.

Comware 7 Basic Config

You might not know this but over at HP Networking they have released the new version of Comware, the command line based switch operating system. Comware 7 is now shipping on HP 5900 switches with more to follow. There are a ton of new features that will be available in Comware 7, but to use them you must first get the switch online. There are some minor differences between Comware 5 and Comware 7 and I will attempt to guide you through getting ssh enabled and other basic tasks.

If you’re like me and believe the devil is in the details by all means look at this document!
http://bizsupport1.austin.hp.com/bc/docs/support/SupportManual/c03189486/c03189486.pdf

If you just want to get things going, by all means let’s get going.

You will need to eatablish a console session with the serial port on the switch, I will not cover that proceedure in this post. It’s easy…..go ahead get one going….I’ll wait…..

OK! Now we’re connected to the console session there will be a prompt. Something like. In order to configure the 5900, there is no need to issue the “Config Term” command. No, just enter system-view and the promt will change to [Switch], letting you know you can start to configure the switch. Please be aware that in my examples I show the system-view command but if you are already at the square bracket prompt, there is no need to enter the system-view command.

First things first, enable the ssh server.
enable_server

In this example, I am going to guide you through configuring “ssh”, so disregard the telnet server enable for now.

The next step is to generate a public key, just accept the defaults if you don’t know what all the settings are for.

enable_server

Comware command line is very similar to other popular command lines, so some of this might be very intuitive. In Comware we have a Virtual Interface concept which is very similar to Cisco’s CLI.
ip_address
We will test this a little later; let’s move on to the user-interface configuration. The user-interface is where the ssh session will terminate. These are commonly called vty ports. The following configuration walks through the setup. Please note that by issuing the protocol inbound ssh command, you will not be able to also use telnet.
user_interface
The “authentication-mode scheme” tells the switch to use local authentication. That means we will have to create a local user as well.
local_user
For this exercise we will use the “service-type ssh”. The “network-admin” role give the user the ultimate privileges on the switch. By default, network-admin is specified on the console user interface, and network-operator is specified on any other user interface. Here is a graphic that explains what different roles are available in Comware 7.
user_roles
In order to manage the switch with HP’s Intelligent Management Center, we will need to configure some SNMP parameters.
snmp
The last part of the basic configuration will be the default route. This should look familiar. The IP address at the end is the IP address of the default gateway.
ip_route
Now that we have finished the configuration let’s do a couple of things. Let’s test the network connectivity. Make sure you have at least one cable plugged into a port on vlan 1.
ping_test
If you see the ping results are good, then don’t for get to SAVE the configuration. From the command prompt issue the [Switch]save command. Follow the prompts for the filename.
The new Comware 7 switch should now be ready for access via ssh.

Hidden Messages

OK,
No for something completely different. We all have seen those black and white cubes with three black squares. These things are called QR codes. If your half awake you have probably noticed one or two. If you are a geek at heart like me, you have probably downloaded the App on you smartphone to read these things. QR codes come in all shapes and sizes. During a discussion with a fellow engineer, we talked about using QR codes to load bulk information into IMC, HP’s network management platform.

The next logical question in my mind was how to you make such things? The answer?
GOQR.me. Head on over to goqr.me and they have a very nice QR code generator. You can type in text, URL’s or just about anything you can think of and goqr.me will create your QR code dynamically.

Simply download or use Windows snipping tool to get the image into a .JPG file and use it where ever you care.

Secret Message

These things are like a virus!

I am in big trouble.

I have no idea how this happened but I am getting overrun with Korg synths! It’s a long sordid story but somehow these things are multiplying! 2x Korg Trinity Rack, 1xKorg Triton Rack, 1x Korg M3R……
That’s not the worst part of it. There is a Korg Trinity Pro-61 key synth on its way to the studio as we speak!

Help!

Too many Korgs

Lifetime Warranty!

Here’s a quick way to get a slice of history. Koss Pro4/AA headphones are incredible and they are built like a tank. Many a great albums were engineered with these workhorses. So here’s a little secret that is not widely known. These headphones come with a lifetime warranty.

I just bought a pair on eBay for $24.00. I spent $8.00 shipping back to Koss and included a check for $8.00 to ship them back. Koss will either refurbish them back to factory condition or send you a new pair! SO for my $40.00 investment, I get a brand new pair of headphones. I remember when I was 16, and at my friend’s house, his dad had a pair of these and when I put them on I was blown away by their clarity.

Did I mention how similar this is to HP’s lifetime Warranty? HP even pays for the shipping!

Used pair of Koss Pro4AA eBay ~$30.00
New pair ~ $120.00