Citrix NetScaler 10.5

I’m currently working on a project where load balancing is required. I’ve never had the need to load balance in my personal labs so I wanted to educate myself on the matter. I turned towards CBTNuggets.com because they offer a “Citrix NetScaler 10.5 1Y0-253 NetScaler 10.5 Essentials and Networking” course with Keith Barker. Once again, I highly recommend you visit CBTNuggets.com; they provide great training videos for a number of technologies. Below are my notes from the course. They’re not complete (and images removed) because I don’t want to infringe on any copyrights.

The Citrix NetScaler 10.5 for App and Desktop Solutions course provides the concepts and training to install and configure a Citrix NetScaler load balancer and gateway in a virtualization environment such as Citrix XenDesktop/XenApp 7.x. Learners are strongly encouraged to build a lab environment to practice the NetScaler techniques learned in this course. This course is based on the Citrix NetScaler 10.5 product, and the fundamental concepts taught in these Nuggets are common to earlier NetScaler versions as well.

Citrix NetScaler is a multi-functional appliance that can perform as a Layer 4-7 proxy for load balancing, as well as an SSL VPN gateway (or both). Environments that include Citrix XenApp and XenDesktop are likely to use a NetScaler as their remote access and load balancing solution.

The Citrix NetScaler (NS) is a physical (MPX, SDX) or virtual (VPX) multi-functional appliance that can perform as an ISO Layer 4-7 proxy (Web Application Delivery Controller (ADC)) for load balancing, as well as a security gateway (SSL VPN, Posture Scans, Authentication), or both. NS is a TCP/IP proxy. It is packaged as an Open Virtual Format (.ovf) file.

Virtual IP address (VIP) – The address of a Virtual Server (VS); multiple VSs will be created on the NS.

Subnet IP (SNIP) – A configured address that the NS uses to communicate with other servers on that subnet. The SNIP's purpose is to let the NS act as if it is directly connected to that specific network.

NSIP – NetScaler IP is the base address of the device.









Skype for Business 2015 Implementation

I am implementing Skype for Business 2015 in a high availability and redundant design. The below topology is what we’re shooting for. To increase security on our Edge Servers we’ve decided to create two DMZ zones. We’re also using Citrix NetScalers for load balancing and reverse proxy. Wish me luck!








Cable Management project for IDF closets

I was recently left in charge of grooming multiple IDF closets, and as you can see below these closets were neglected for years. We decided to install NetPatch cable management, which required re-punching and rearranging patch panels and switches, but after all the long hard work I am quite pleased with the outcome. I also revoked access for the people who managed these closets previously; now I am responsible for all the cross-connects.

Before and After

Before – During – After

 








Open Source Routing (DD-WRT) – Project – Networking

I use multiple routers and switches on both production and lab networks that I maintain. With all the vulnerabilities in SOHO routers and their manufacturers not updating firmware quickly enough (or at all), I decided to research alternatives.

I found multiple open source communities that provide third-party firmware designed to replace the original firmware on some commercial routers. The open source firmware that caught my eye is DD-WRT.

This weekend I finally found time to install DD-WRT on my old Linksys WRT54G router.  I use this router from time to time on my Lab networks.

DD-WRT is a Linux based alternative Open Source firmware suitable for a great variety of WLAN routers and embedded systems.

 

References:

About DD-WRT

DD-WRT Wikipedia

Third-Party Firmware








Cisco’s 8-Step Problem-Solving Model

Cisco General Problem-Solving Model

When troubleshooting a problem, a systematic approach works best because the opposite can result in wasted time and resources, and can sometimes make symptoms even worse.

The following is Cisco’s 8 Step Problem-Solving Model:

Step 1:  When analyzing a network problem, make a clear problem statement. You should define the problem in terms of a set of symptoms and potential causes.
To properly analyze the problem, identify the general symptoms and then ascertain what kinds of problems (causes) could result in these symptoms. For example, hosts might not be responding to service requests from clients (a symptom). Possible causes might include a misconfigured host, bad interface cards, or missing router configuration commands.

Step 2:  Gather the facts that you need to help isolate possible causes.
Ask questions of affected users, network administrators, managers, and other key people. Collect information from sources such as network management systems, protocol analyzer traces, output from router diagnostic commands, or software release notes.

Step 3:  Consider possible problems based on the facts that you gathered. Using the facts, you can eliminate some of the potential problems from your list.
Depending on the data, for example, you might be able to eliminate hardware as a problem so that you can focus on software problems. At every opportunity, try to narrow the number of potential problems so that you can create an efficient plan of action.

Step 4:  Create an action plan based on the remaining potential problems. Begin with the most likely problem, and devise a plan in which only one variable is manipulated. Changing only one variable at a time enables you to reproduce a given solution to a specific problem. If you alter more than one variable simultaneously, you might solve the problem, but identifying the specific change that eliminated the symptom becomes far more difficult and will not help you solve the same problem if it occurs in the future.

Step 5:  Implement the action plan, performing each step carefully while testing to see whether the symptom disappears.

Step 6:  Whenever you change a variable, be sure to gather results. Generally, you should use the same method of gathering facts that you used in Step 2 (that is, working with the key people affected, in conjunction with utilizing your diagnostic tools).

Step 7:  Analyze the results to determine whether the problem has been resolved. If it has, then the process is complete.

Step 8:  If the problem has not been resolved, you must create an action plan based on the next most likely problem in your list. Return to Step 4, change one variable at a time, and repeat the process until the problem is solved.

 

References
http://www.cisco.com/en/US/docs/internetworking/troubleshooting/guide/tr1901.html#wp1020562








GNS3 – Networking

I finally found time to install and mess with GNS3 and I’m so happy that I did. Whether you’re studying for certifications or are a professional network engineer, GNS3 is definitely a must-have tool. GNS3 also has a great community following, and here’s an example. Mark Blackwell posted multiple how-to videos showing various features of GNS3 and how to configure them in labs. Features such as Static Routing for Beginners, NAT Port Forwarding, IOS Firewall, Dynamic Access List, Address Resolution Protocol ARP Concepts with GNS3, and the list goes on.

GNS3 is a Graphical Network Simulator that allows emulation of complex networks.  It allows you to run a Cisco IOS in a virtual environment on your computer. Dynamips is the core program that allows IOS emulation. GNS3 runs on top of Dynamips to create a more user friendly, graphical environment.

GNS3 is an alternative or complementary software tool to using real computer labs for computer network engineers, administrators and people studying for certifications such as Cisco CCNA, CCNP and CCIE as well as Juniper JNCIA, JNCIS and JNCIE. It can also be used to experiment with features or to check configurations that need to be deployed later on real devices. GNS3 also includes other features like connection of the virtual network to real ones or packet captures using Wireshark.

 

References:

http://www.GNS3.com

Introduction to GNS3

GNS3 Wikipedia








Wireless Printer – Networking – Diagnosis

Having issues installing your wireless printer? When installing a wireless printer there are a number of reasons why it might not function correctly. There could be issues on the Printer, on the Router (network), or even on the Computer. Also keep in mind that there is more than one type of “wireless” printing, for example Bluetooth-enabled, Infrared, Direct Print, Apple AirPrint, ePrint and other manufacturer-specific printing. So when reading this post keep in mind that I’m just trying to provide troubleshooting tips for common problems that you might run into when trying to configure your wireless or Wi-Fi printer.

Here are some tips and things to consider:

Printer Side

  • First things first, make sure the printer is powering on correctly. Check the power cable and ensure it powers up with no issues or warnings.
  • If the printer comes with software, install it and go through whatever configuration or installation wizards it provides. Sometimes this is the easiest solution.
  • Some wireless printers need to be configured via USB. Try hardwiring the printer to your PC first and see if you can connect and configure it successfully. Then follow the manufacturer's instructions on how to configure wireless functionality.
  • For wireless printing ensure that the Printer is on the same network as the computer you’re trying to print from. Within the printer's wireless or network settings, check that the IP address is that of your internal network (i.e. PC is at 192.168.xxx.xxx and Printer is at 192.168.xxx.xxx and not some other address). If the printer address is different, reconnect it to the correct network via manual configuration or through the manufacturer's assisted setup wizard.
  • Ensure that your wireless printer is powered on, that the wireless functionality is enabled and running, and that the network is the correct network. If everything appears to be configured and enabled, try restarting the components of the wireless network: turn off the router, turn off your PC, turn off your printer, and then turn back on the router, turn back on your PC, and turn back on your printer in that order.

 

Router (Network) Side

  • Ensure that the Printer is on the same network as the computer you’re trying to print from.
  • Set a static IP for the printer. Within your router's DHCP settings, assign a fixed local IP address to the printer's MAC address. This will ensure that the printer’s IP address doesn’t change even after the lease expires.
  • AP Isolation. Make sure your router’s AP Isolation feature is disabled. AP Isolation isolates all wireless clients and wireless devices on your network from each other. This means your printer could be connected to your wireless network successfully but still be unable to communicate with other wireless devices on your network.
  • Check your router's UPnP settings. UPnP helps devices on your network automatically discover and communicate with each other. Please be aware that there are a number of UPnP vulnerabilities and that enabling UPnP might make your router vulnerable.

 

Computer Side

  • Make sure the Computer you’re trying to print from is on the same network as the printer.
  • Check your firewall settings to ensure that the computer and wireless printer can communicate.
  • On a PC: Install the printer via the “Devices and Printers” option in the Control Panel. On a Mac: Install the printer by selecting “Printers & Scanners” in the System Preferences. If you configured a static IP for the printer you can manually enter it.

 

Conclusion

Make sure the printer is successfully connected to your wireless network. Make sure the printer and the computer you’re trying to print from are on the same network and that the printer's IP address is correct. If your printer says it's connected successfully but the computers don’t recognize it and you cannot ping the printer from your computer, then make sure your router firewall, AP Isolation, UPnP, and computer firewalls are all configured to allow communication to and from each device. There are lots of resources and references available on the Internet, so start googling.
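The checks from the conclusion above, written as a small triage script; this is an added example, not part of the original post. The addresses, the function names and the use of a TCP connect to common print ports (9100, 631, 515) in place of ping are assumptions made for illustration.

```python
import ipaddress
import socket

# Usual TCP ports for network printing: raw/JetDirect, IPP, LPD.
PRINT_PORTS = (9100, 631, 515)


def same_network(pc_ip, netmask, printer_ip):
    """True when the printer's address falls inside the PC's subnet."""
    net = ipaddress.ip_network(f"{pc_ip}/{netmask}", strict=False)
    return ipaddress.ip_address(printer_ip) in net


def tcp_probe(host, port, timeout=1.0):
    """Unprivileged stand-in for ping: can we open a TCP connection?"""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def triage(pc_ip, netmask, printer_ip, probe=tcp_probe):
    """Return (side, advice): which part of the checklist to work next."""
    if not same_network(pc_ip, netmask, printer_ip):
        return ("printer", "printer joined a different network; reconnect it")
    reachable = [p for p in PRINT_PORTS if probe(printer_ip, p)]
    if reachable:
        return ("computer", f"printer answers on TCP {reachable}; add it by IP")
    return ("router", "same subnet but no answer; check AP Isolation and firewalls")


if __name__ == "__main__":
    # Constructed addresses and a fake probe so the demo runs offline.
    silent = lambda host, port: False
    print(triage("192.168.1.20", "255.255.255.0", "192.168.1.50", probe=silent))
    print(triage("192.168.1.20", "255.255.255.0", "192.168.0.50", probe=silent))
```

Call triage() without the probe argument to test a real printer from the computer that cannot print.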

  

References:

Why Use Static Addresses for Printers?
http://smallbusiness.chron.com/use-static-addresses-printers-57587.html

What is AP Isolation?
http://www.howtogeek.com/179089/lock-down-your-wi-fi-network-with-your-routers-wireless-isolation-option/

What is Universal Plug and Play (UPnP)
http://whatis.techtarget.com/definition/Universal-Plug-and-Play-UPnP

How to Connect A Wireless Printer
http://www.pcmag.com/article2/0,2817,2411967,00.asp