0% found this document useful (0 votes)

153 views

AAC-007-05 Labguide - v2

Uploaded by

regabri

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

153 views

AAC-007-05 Labguide - v2

Uploaded by

regabri

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 71

Advanced Administration

Lab Guide
Infoblox Educational Services

Revision 007-5a
May 11, 2011
Copyright © 2011, Infoblox Inc. — All rights reserved.

Revision date: May 11, 2011 (Revision 007-5a)

The contents of this document may not be copied or duplicated in any form, in whole or in part, without the prior written
permission of Infoblox, Inc.

The information in this document is subject to change without notice. Infoblox, Inc. shall not be liable for any damages
resulting from technical errors or omissions which may be present in this document, or from use of this document.

This document is an unpublished work protected by the United States copyright laws and is proprietary to Infoblox, Inc.
Disclosure, copying, reproduction, merger, translation, modification, enhancement, or use of this document by anyone
other than authorized employees, authorized users, or licensees of Infoblox, Inc. without the prior written consent of
Infoblox, Inc. is prohibited.

Infoblox, the Infoblox logo, DNSone, NIOS, Keystone, bloxSDB, bloxHA and bloxSYNC are trademarks or registered
trademarks of Infoblox Inc.

All other trademarked names used herein are the properties of their respective owners and are used for identification
purposes only.

© 2011 Infoblox Inc. All Rights reserved. ii

Table of Contents

Preface ..................................................................................................................1

External Admin Authentication via Microsoft Active Directory.......................3

Introduction to Custom DHCP Option Spaces ................................................13

TSIG and GSS-TSIG ...........................................................................................21

Dynamic DNS .....................................................................................................27

DNSSEC ..............................................................................................................31

DNS Anycast Over OSPF ..................................................................................45

Views ..................................................................................................................53

DHCP Failover ....................................................................................................59

Appendix A – Student IP Assignments ...........................................................65

© 2011 Infoblox Inc. All Rights reserved. iii

Introduction
Welcome to the Advanced Administration Class Lab Guide. As you work your way through this guide
you will find both a return to familiar concepts from earlier labs and past classes as well as brand new
concepts. As you become reacquainted with those familiar topics we will attempt to stretch your
understanding and comprehension. As we familiarize you with new topics we will provide step-by-step
instructions to build your knowledge as well as your confidence.
© 2011 Infoblox Inc. All Rights reserved. 2
1 Lab 1
External Admin Authentication via Microsoft Active Directory

Introduction
Infoblox administrators can authenticate externally through an AD or RADIUS server.

Module Objectives
After successfully completing this module, you will be able to:

Understand Infoblox’s implementation of external Admin authentication

Configure an Infoblox admin account to authenticate via a Microsoft Active Directory server

© 2011 Infoblox Inc. All Rights reserved. 3

External Authentication
In this lab, we learn how to configure authentication using a Microsoft Active Directory server.

Configuration consists of three steps:

• Configure an admin group on the Infoblox. This will determine the permissions for the user

• Specify the authentication servers that the Infoblox appliance will use, and in what order

• Create a policy that assigns the remote accounts to an Infoblox admin group so they can inherit
the right set the permissions.

Lab Setup
eLab has an Active Directory server already set up with an admin group called infoblox-students and
several user accounts called student1, student2, student3 etc. You will test your work at the end of the
lab exercise using these accounts.

Exercise 1 - Create an Admin Group to be Used by Active Directory

In this first exercise, you create an admin group called infoblox-students on the Infoblox appliance.
This group already exists on the eLab AD server and will be used in assigning the correct permissions.
Spelling matters! If you misspell the name, Infoblox will apply default permissions.

1. Click on Administration panel.

2. Click on Groups panel.

3. Click on the “+” (plus) sign to add a group.

This will open the Add Group window.

4. Assign the name infoblox-students for this group.

5. Click Save & Close to save your work and close the panel.

© 2011 Infoblox Inc. All Rights reserved. 4

6. Check your new group and select the Permissions option from the top bar menu.

The Create New Permissions dialog box opens.

7. Click the “+” (plus) button to open the Manage Global Permissions dialog box.
You are going to give this group read-only permissions for all DNS zones.

8. Change the drop-down menu under Permission Type to DNS Permissions and check the box
marked Read-Only next to All DNS Zones.

© 2011 Infoblox Inc. All Rights reserved. 5

9. Click Save & Close.
The Add Permissions dialog box closes.

Exercise 2 - Configure Active Directory Authentication

In this exercise, you configure the AD servers that the appliance might use. Note that configuring
servers here does not activate them. Activation occurs when you configure policies (shown in the next
section).

You configure the appliance to use the eLab AD server.

1. Click on the Authentication Server Groups panel.

2. Click on the Active Directory Services heading to expand the section.

3. Then click on the “+” (plus) button.

© 2011 Infoblox Inc. All Rights reserved. 6

4. Enter the following information:
Name: niosrox-ad (This is an arbitrary name you are assigning the service)
AD Domain: niosrox.local (This is the AD domain name)

5. Click the “+” (plus) button to add a Domain Controller

© 2011 Infoblox Inc. All Rights reserved. 7

6. Enter the following information:
Server Name or IP Address: 192.168.1.9
Authentication Port: 389
Encryption: None

7. Click Test.

8. Click Add.
Note: You will get a message warning you about using unencrypted communication with the AD
server. Go ahead and click Yes to this.

9. Click Save & Close.

Configure Authentication Policy

After you configure authentication service, you then define the admin policy. The admin policy defines
which authentication methods to use (i.e., which servers to use), and in what order.

The Policy editor also lets you define the Admin Group for remote administrators so that the right
privileges can be assigned to the admin account.

In this exercise, you create a policy that says “If a user authenticates via an AD server and the AD server
returns a group name infoblox-students, then assign them to the Infoblox group infoblox-students.”

1. Working within the Administrators and Authentication Policy panels of the Administration
panel look at the section that says “Authenticate users against these services in this order”.

© 2011 Infoblox Inc. All Rights reserved. 8

2. Click on the “+” (plus) sign in the Authenticate Users against these services in this order.

The editor lets you add an Authentication Service you previously created.

3. In the Add Authentication Service section, click the Active Directory button.

4. Change the drop down box to niosrox-ad (the Active Directory Authentication service you
created earlier).

5. Click Add.

6. Click in the check box for the authentication service you added and hit the up arrow on the
left hand side of the screen until your policy is at the top of the list

© 2011 Infoblox Inc. All Rights reserved. 9

7. Next, scroll down and click the “+” (plus) sign in the Map the remote admin to the local
group in this order section.
8. This will bring up the Admin Group Selector screen

9. Select infoblox-students.

© 2011 Infoblox Inc. All Rights reserved. 10

Exercise 3 - Test Your Work
In the upper right-hand corner of your screen choose Logout to logout of the system. Afterwards, log in
using any of the student accounts – such as student1, student2, etc. The password for each is infoblox.

These accounts should have read-only permissions for DNS Zones. Try creating some DNS Zones with
your local Admin account and then changing them with the student account. What was the result?
Record your results below.

© 2011 Infoblox Inc. All Rights reserved. 11

Introduction
An option space is a term that refers to a list of DHCP options. We typically deal with just one option
space - the Standard DHCP Option Space, made up of 254 options. The Standard Option Space is not
the only option space; many vendors have defined custom option spaces designed to meet the
specialized needs of devices like Wireless Access points and VOIP phones.

In this lab, we create a custom option space for a Cisco Wireless Access Point and configure the
appliance to serve options from this option space.

Creating a custom option space consists of three steps:

• Create the option space

• Define the options in the option space

• Set the values for each option.

© 2011 Infoblox Inc. All Rights reserved. 13

Background
The traditional method of creating a custom option space is to configure option 43 from the Standard
DHCP Option Space. DHCP option 43 is a special purpose option designed to allow users to define
their own custom option spaces. This option is a bit awkward to use as it requires Hex input.

Infoblox provides a simpler method of creating custom DHCP option spaces using its “Advanced DHCP
Options” feature. The Advanced DHCP Options feature essentially translates Option 43 for you into
simple, non-hex language.

Module Objectives
In this lab, you create a custom option space for a Cisco wireless access point. Your next task will be to
add options to the option space. Afterwards, you will configure a “match filter” (a rule) that will look
for client DHCP Discovers that include DHCP Option 60 (the vendor-class-identifier). When a client
sends a Discover containing DHCP Option 60 that identifies the client device as a Cisco device, your
appliance will serve the custom options you defined in your option space.

When you finish your work, you will compare your settings in the dhcpd.conf file and see how they
compare to a correctly configured the dhcpd.conf file.

There are three steps to the lab:

Add a Vendor Option Space

Configure a DHCP option filter

Compare your dhcpd.conf file to the “answer”

© 2011 Infoblox Inc. All Rights reserved. 14

Preparation: Configure a Network and Network Range
Option filters are applied to networks and ranges. Before we move on, you should create the following
network and range:

1. Enable DHCP on your appliance

2. Create a network 10.34.10.0 /24.

3. Create the network range 10.34.10.1 to 10.34.10.10.

Add a Custom Option Space

In this exercise you define a vendor option space for a Cisco wireless access points, the Aironet 1130.
When you complete your work, this option space will be empty. In the subsequent exercise, you will
define options for your option space.

1. Click the tab for the Data Management panel.

2. Click the tab for the DHCP panel.

3. Click the tab for the Filters/Options Spaces panel.

4. Click on the Options Spaces section to expand it.

5. Click on the “+” (plus) button to add an option space.

6. Enter Cisco-Aironet into the Option Space Name.

Configure Options for Your New Option Space

7. Click the “+” (plus) sign to add an option.

8. Click in the Name section and enter Controller_IP.

9. Change the drop down menu from the Code section to 241.

10. Change the drop down menu from the Type section to array of ip-address.

11. Click Save & Close to save your new option/option space.

© 2011 Infoblox Inc. All Rights reserved. 15

Configure Option Filters
Having created the option space called Cisco_Aironet and defined one of its options (option 241, an
array of IP addresses); you are now ready to spell out the exact data that the appliance should return
when it serves your custom option.

In this exercise, you create an option filter called Cisco Aironet 1130 Series.

1. Within the Data Management panel, in the DHCP and Filters/Option Spaces panels, expand
the section marked Filters.

2. Click on “+” (plus) button to bring up the Add Filter Wizard.

3. In the Name box, enter the name Cisco Aironet 1130 Series.

4. Change the Filter Type drop down menu to Options.

5. Click the Next button at the bottom of the page.

© 2011 Infoblox Inc. All Rights reserved. 16

6. Change the Option Space drop-down menu to DHCP+(space name you created earlier).
If you followed the example, you should see the name DHCP+Cisco-Aironet.

7. Click the Save & Close button. (Next would bring you to Extensible Attributes.)

Create Match Rules for the Options Filter

Match rules are triggers for option filters. Match rules tell the server what target to look for in client
requests. In this exercise, you create a match rule for your option filter that says “When a client sends a
request with Option 60 configured as ‘Cisco AP c1130,’ send the data specified in the option filter.”

1. Click on the Option Filter name you just created.

2. Click on the “+” (plus) sign to add a Match Rule.

The Add Match Rule Wizard opens.

3. Change the Match Option drop down menu to vendor-class-identifier (60) string.

4. In the Match Value box, enter the string to be matched. For this exercise, enter the following:
Cisco AP c1130

© 2011 Infoblox Inc. All Rights reserved. 17

5. Click Save & Close.

Assign a Value for the Option

Having configured an option filter, you can now use the option and assign it a value.

1. In the Networks panel, click on the network that contains the range you created earlier.
If you are following the example, then the network is 10.34.10.0 /24.

2. Select the range you created earlier and click the edit icon.
If you are following the example, the range is 10.34.10.1 to 10.34.10.10.

3. Click on DHCP and scroll down to the Custom DHCP Options section

4. Select Cisco-Aironet (the option space), Controller_IP (as the option), and enter the value
10.34.1.3,10.34.1.4

5. Click on Save & Close.

6. Click on the Restart button at the top left corner of the screen to restart DHCP and use your new
configuration.

Challenge 1: Configure DHCP Option Filters for Cisco AP 1240 & 1500
The following challenges are based on data provided below. If you look through the data, you will see
details about the Cisco 1130 wireless access point and about two other Cisco AP models: the 1240 and
the 1500.

Use this data and the procedure in the preceding exercise to configure custom options for the Cisco 1240
and 1500 wireless access points. Afterwards, create option filters using the IP address ranges shown
below.

© 2011 Infoblox Inc. All Rights reserved. 18

Config information
Subnet: 10.40.252.0/255.255.255.0
Range: 10.40.252.100 - 10.40.252.200
Router: 10.40.252.1
Domain name servers: 10.40.241.1, 10.49.9.104, 10.49.8.65, 10.52.20.29
NTP Servers: 10.49.8.184, 10.49.9.221
Lease time: 24 hours
domain-name: clients.company.priv

Information needed for custom options:

Vendor Name: Cisco Aironet 1130 Series

Vendor Class Identifier: Cisco AP c1130
Attributes:
Option #: 241
Name: AP1130
Type: Array of IP-address

Vendor Name: Cisco Aironet 1240 Series

Vendor Class Identifier: Cisco AP c1240
Attributes:
Option #: 241
Name: AP1240
Type: Array of IP-address

Vendor Name: Cisco Aironet 1500 Series

Vendor Class Identifier: Cisco AP c1500
Option #: 241
Name: AP1500
Type: Array of IP-address

Vendor Option 241 on all ranges should have a value of: 10.40.255.160,
10.40.255.161, 10.40.255.162, 10.40.255.163

© 2011 Infoblox Inc. All Rights reserved. 19

© 2011 Infoblox Inc. All Rights reserved. 20

Lab 3
3 TSIG and GSS-TSIG

Introduction
In this lab you will enable TSIG and GSS-TSIG on your DNS zones and DHCP ranges.

Module Objectives
After successfully completing this module, you will understand the process of enabling TSIG and GSS-
TSIG on your appliances. You will complete the following tasks:

• What is TSIG and what is it used for

• How does TSIG work

• How do you use TSIG

• What is GSS-TSIG and what is it used for

• How does GSS-TSIG work

• How doe you use GSS-TSIG

© 2011 Infoblox Inc. All Rights reserved. 21

Tasks
The following tasks take you through setting up TSIG to use to authenticate DNS updates. As well as
setting up GSS-TSIG to provide signed updates from an Infoblox DHCP server to a Microsoft DNS
server.

• Successfully create a new Zone, Network and DHCP Range

• Successfully create a TSIG key and enable it on a DNS Zone

• Successfully load a GSS-TSIG Keytab file and enable it at the Grid level

Step 1 – Create a Network and DHCP Range

1. Create the following, where XX = your Student Number:

a. Network: 10.200.1XX.0 /24

b. DHCP Range 10.200.1XX.100 – 10.200.1XX.200

Step 2 – Create a TSIG key and add it to a DNS Zone

1. Go to the DNS panel of the Data Management panel.

2. Click the Grid DNS Proprieties icon in the Toolbar.

3. Click on the drop down arrow next to the “+” (plus) button in the Updates section.

4. Select TSIG Key

5. Name the TSIG Key: StudentXX, where XX is your student number.

6. Click Generate Key Data (or click on the down arrow of the Generate Key Data to choose the
key length) NOTE: If you were really setting up TSIG updates you would need to copy this
key to the DNS server you wanted to provide updates to your appliance.

7. Click Add.

8. Click Save & Close.

© 2011 Infoblox Inc. All Rights reserved. 22

9. You may need to restart services…

Step 3 – Load a GSS-TSIG Keytab file

1. Copy your keytab file from the FTP server to your local XP workstation

a. Click the “Start” button on your Windows XP Virtual Desktop

b. Click on Run (lower right hand corner)

c. Type the command: cmd

d. Make sure your current directory is: “C:\Documents and Settings\training\Desktop”

e. Run the “ftp” and connect to the following server:

• FTP Server: ftp.training.infoblox.com

• User: ftp

f. Use the following commands within FTP:

• cd AAC

• prompt

• bin

• mget *.*

• quit

g. Type the command: exit (to close the DOS prompt)

2. Switch to the DHCP and Network Panel in the Data Management panel.

3. Click on the Grid DHCP Properties button on the Toolbar.

4. Check the Enable GSS-TSIG Updates under the DDNS section.

5. Click on the Manage Keytab Files button

This will launch the Keytab File Manager panel
6. Click on the “+” (plus) button.

© 2011 Infoblox Inc. All Rights reserved. 23

7. Browse to the following file “C:\Documents and Settings\training\Desktop\gsstsig.ktb” and
select it.

8. Click the upload button.

9. Click Ok.

10. Enter ns1.niosrox-ad.local in the Domain Controller.

11. Change the GSS-TSIG Key to the keytab you just loaded.
NOTE: You will not be able to test GSS-TSIG at this time
12. Click Save & Close.

© 2011 Infoblox Inc. All Rights reserved. 24

Results
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________

© 2011 Infoblox Inc. All Rights reserved. 25

Introduction
In this lab, we will use the DHCP server to send Dynamic DNS (DDNS) updates when clients get IP
addresses. We will try using both non-option 81, and option-81.

Module Objectives
After successfully completing this lab, you will be able to:

Successfully configure the Infoblox Appliance so that your virtual Windows XP machine gets and IP
address via DHCP and registers itself in the DNS server. A, PTR, and TXT records should be visible in
the UI using the zone information configured on the Infoblox appliance.

Successfully configure the Infoblox Appliance so that your virtual Windows XP machine gets an IP
address via DHCP and registers itself in the DNS server. A, and PTR records should be visible in the UI
using the zone information entered on the Windows machine (option-81 enabled).

© 2011 Infoblox Inc. All Rights reserved. 27

Exercise 1 – DDNS for a DHCP client without option-81
In this exercise you will enable DDNS and configure DHCP to assign an IP address to your virtual XP
machine. When an address is assigned, the client should get a fully qualified domain name and DDNS
should create A, TXT, and PTR records.

NOTE: Before attempting to do this lab, it is VERY important that you disable GSS-TSIG that you
enabled in the previous lab. Follow the steps from the previous lab and uncheck the checkbox where
you enabled GSS-TSIG.

Complete the following steps:

1. In the DNS panel perform the following tasks:

a. Create a forward mapping zone called studentXX.lab, where XX is your student

number.

b. Create a reverse mapping zone 10.100.x.0 /24 where x is your student number.

c. Assign your appliance as the Primary Name Server for the zones you created above.

2. Within the DHCP panel, perform the following steps:

a. Configure your Infoblox device to send the domain name studentXX.lab to the client
device (where XX is your student number.)

b. If it is not already enabled, enable DHCP.

c. Enable DDNS using ISC Standard Text Record Handling

d. Disable using GSS-TSIG to send signed updates

3. In the Networks panel, configure a network with the following address: 10.100.x.0 /24 where x
is your student number. Your appliance will assign an address to your XP machine from this
network. While creating the network, also do the following:

a. Be sure to assign a member to the network.

b. Configure the router IP address (the routers IP ends in “.1” for all eLab networks)

© 2011 Infoblox Inc. All Rights reserved. 28

4. Configure a DHCP range within the network you created in the previous step. Make sure you
assign a member to the range.

5. Configure your Windows XP machine to use DHCP and make sure your device gets an address.

6. After getting an address, check to see that the client FQDN is correct and that the following
records have been added to DNS: A, TXT, and PTR record.

7. Verify the results.

Exercise 2 –DDNS for a DHCP client with option-81

In this exercise you will again be using your virtual Windows XP machine as a DHCP client. Complete
the following:

1. Configure your Windows XP client so that it will send the FQDN and will use the DNS suffix of
“aac.lab.”

2. In the appliance’s DNS panel, do the following steps:

a. Delete the “studentXX.lab” zone.

b. Delete the PTR record that was created in exercise 1 in the reverse zone for 10.100.x.

c. Create a new forward mapping zone called “aac.lab.”

3. In the DHCP panel, remove the domain name “studentXX.lab” and uncheck the box marked
Override Grid Domain Name.

4. Enable Option 81 support.

5. Delete the DHCP range created from Exercise 1.

6. Create a new range making sure not to use the IP address that was assigned to your Windows XP
client.

7. Open the Toolbar panel under the DHCP panel. Afterwards, click on Configure DDNS.
Specify “aac.lab” as the zone to update. Save your work and restart services.

8. On your XP machine, perform the following steps:

© 2011 Infoblox Inc. All Rights reserved. 29

a. Open a DOS window.

b. Run the command: ipconfig /release.

c. Run the command: ipconfig /renew.

d. Verify that your XP client received an IP address and was assigned the domain suffix
“aac.lab.” Then check that your machine was registered in to the correct forward and
reverse zones.

9. Return your XP machine to its static address.

© 2011 Infoblox Inc. All Rights reserved. 30

Lab 5
5 DNSSEC

Introduction
DNS Security Extensions (DNSSEC) allows Zone administrators to digitally sign zone data and thereby
enhance its security and integrity.

Module Objectives
After successfully completing this module, you will be able to:

• Understand DNSSEC.

• See what kinds of records a DNSSEC zone can hold.

• See how the “chain of trust” works between a parent and child domain.

• See how DNNSEC can verify the absence of records in a zone.

© 2011 Infoblox Inc. All Rights reserved. 31

Big Picture: What Does DNSSEC Do?
The simple answer is: DNSSEC authenticates DNS data and verifies its integrity during transmission.

Lab Exercise Overview

The DNSSEC lab has been built to show you how DNSSEC-secured servers behave. You will use DIG
to query two DNSSEC-secured zones that reside on a non-Infoblox primary server. There are four
exercises:

Exercise 1: Use DIG to query the BIND server for the zones n-sec and n-sec3. These are fictitious
top-level domains that have been secured with DNSSEC.

Exercise 2: Configure your appliance to function as a secondary for the n-sec3 zone.

Exercise 3: Cause your appliance to perform a recursive lookup of a DNSSEC-secured zone.

During the lookup, run a traffic capture to see how traffic flows through a trusted relationship.

Exercise 4: See DNNSEC verify the absence of records in a zone.

Exercise 1 – Use DIG to Query a DNSSEC Zone for an SOA record

DIG runs in a command shell.

1. Click Start....Run.

2. Type cmd to open a command shell.

3. Type dig –h.

This will show you a "help screen.”

4. Retrieve the SOA record from the Infoblox DNSSEC DNS server by typing
“dig @198.107.144.70 n-sec soa”.
198.107.144.70 is the DNSSEC DNS server. N-sec is the name of the zone that you are
querying.

© 2011 Infoblox Inc. All Rights reserved. 32

Did you get results similar to the above?

5. Run a slightly modified version of the above command:

Type “dig @198.107.144.70 n-sec soa +dnssec”.

6. Look at the results. Notice anything different?

© 2011 Infoblox Inc. All Rights reserved. 33

© 2011 Infoblox Inc. All Rights reserved. 34

Exercise 2 – Configure Your Appliance to be a Secondary for a DNSSEC Zone
In this exercise, you will configure a zone called n-sec3. A Infoblox DNSSEC DNS server will be the
primary. Your appliance will be the secondary. Perform the following tasks:

1. On your appliance, enable DNSSEC. Make sure that DNSSEC validation is also enabled.

a. Go to the Data Management panel, and then select the DNS panel.

b. From the Toolbar, select the Grid DNS Properties.

c. Select DNSSEC, and then Check the Enable DNSSEC box, and the Enable DNSSEC
validation box.

d. Click Save & Close.

2. On your appliance, create a zone called n-sec3 and list the Infoblox DNSSEC DNS server as
an external primary and your appliance as the secondary. Here are the details:
Zone Name: n-sec3

Primary server hostname: elabs-dns.training.infoblox.com

© 2011 Infoblox Inc. All Rights reserved. 35

Primary server IP address: 198.107.144.70

Secondary: your appliance

3. Type “dig @<Your-Infoblox-Appliance-IP> n-sec3 soa” to verify that you can get a
response.

4. From the GUI, look at the types of records, and the number of records that are in this zone.

5. What evidence is there (besides the zone’s name) to tell if this is an NSEC or NSEC3 signed
zone?

© 2011 Infoblox Inc. All Rights reserved. 36

Exercise 3 –Watch DNSSEC-secured Traffic Move Between Two Servers
In this exercise, you will create a forwarding zone that will link your appliance to the Infoblox
DNSSEC DNS server. You will then run a traffic capture, run DIG, and watch the flow of traffic
between the two servers.

1. Enable recursion on your appliance.

2. On your appliance, create a Forward zone.

a. Go to the Data Management panel, then to the DNS panel.

b. Under the Zones panel, click the arrow next to the “+” plus sign.

c. Select Forward Zone.

3. Enter the following information for the zone:

Zone name: N-SEC.

Forwarders: eLabs-dns.training.infoblox.com (198.107.144.70).

Use Forwarders Only: Check this box

Name Servers: Your Grid Member

4. Start a traffic capture on your Infoblox appliance.

5. Type “dig @<Your-Infoblox-Appliance-IP> n-sec soa” and verify you are getting a
response.

© 2011 Infoblox Inc. All Rights reserved. 37

6. Download the traffic capture and save it for later use.

7. Open a DOS prompt by clicking on the “CMD” icon on the desktop

8. Type the command: cd C:\Documents and Settings\training\Desktop

9. Run FTP and connect to the following server

FTP Server: ftp.training.infoblox.com
User: ftp

10. Once logged in, you are going to get a file called DNSSEC-lab-keys.txt that holds the
“trusted keys” for the n-sec zone. Run the following commands. (Note that they are case-
sensitive.)
• cd DNSSEC

• get DNSSEC-lab-keys.txt
The GET command places the file here: C:\Documents and Settings\training\Desktop.

11. Open DNSSEC-lab-keys.txt by double-clicking on it (it’s on your desktop).

12. Return back to the NIOS GUI, and open the Toolbar (if no already open).

13. Click on the Grid DNS Properties.

14. Go to DNSSEC and click the “+” (plus) button next to Trust Anchors.

© 2011 Infoblox Inc. All Rights reserved. 38

15. Enter the zone name (n-sec) and copy the key string from the DNSSEC-lab-keys.txt file into
the Key text box. Also select “5 RSA/SHA-1” from the Algorithm.

16. Click Save & Close. (Do you need to restart services????)

17. Start a traffic capture on your Infoblox Appliance.

18. Open a DOS prompt on your Windows system and type “dig @<Your-Infoblox-Appliance-
IP> n-sec soa” and verify you are getting a response.

19. Download the traffic capture. Make sure you do not save it over the traffic capture you took
earlier.

20. Unzip the capture as follows:

a. On your remote Windows XP desktop, right-click on the tcpdumplog.tar.gz file and

select “7-Zip Æ Extract Here” to create a tcpdumpLog.tar file.

b. Right-click on the tcpdumpLog.tar file and select “7-Zip Æ Extract Here” again to
create a traffic.cap file.

c. Rename this file so you do not overwrite it. Then extract the second traffic capture.

© 2011 Infoblox Inc. All Rights reserved. 39

21. Double-click each traffic.cap file to open it with Wireshark. Compare the traffic generated
before and after installing the trusted key.

22. Look at the results. Notice anything different?

Exercise 4 – DNSSEC Authenticated Denial of Existence

Watch how your appliance handles queries for non-existent records.

1. Type “dig @<Your-Infoblox-Appliance-IP> dhcp.test.n-sec a” and review your response.

2. Type “dig @<Your-Infoblox-Appliance-IP> dhcp.test.n-sec a +dnssec” and review your

response.

3. Look at the results. Notice anything different? What can be said about the A record
dhcp.test.n-sec?

© 2011 Infoblox Inc. All Rights reserved. 40

© 2011 Infoblox Inc. All Rights reserved. 41

Exercise 5 – Configure Your Appliance to be a Primary for a DNSSEC Zone
Let’s see how a DNSSEC Primary is handled.

1. Add an Authoritative Forward-Mapping Zone called signed.studentXX.tld (where XX is

your student number.)

Use your appliance as the Primary Name Server

2. Select the signed.studentXX.tld zone (check the box to the left of it)

3. Go to the Toolbar and select the drop down arrow next to DNSSEC.

4. Select Sign Zone.

5. That will launch the Sign Zone dialog box. Click on Sign Zone again.

6. Look at the zone. Note all the new records.

7. Add a new A record in the zone.

a. Notice the NSEC record for that new record is automatically added

b. The “previous” record will automatically get a new NSEC record, too, pointing to the
new record as the “NEXT” record in the zone

© 2011 Infoblox Inc. All Rights reserved. 42

Challenge 1: Install the trust-anchor for the “root” zone
Inside of the DNSSEC-lab-keys.txt (previously used) is a key for the zone “.”, which is the root zone.
Install this key using the algorithm listed in the file. Repeat the procedure you did in exercise 3, doing a
dig to elab.training.infoblox.com. The training.infoblox.com and the infoblox.com zones are DNSSEC
signed. Since “com” is also signed, and so is “.”, you will be able to see the entire “walking” of the
chain of trust, all the way to the root zone.

Unzip the traffic capture you take using 7-zip, as you did in the previous exercises, and trace the
conversation that takes place to validate the response from the dig command.

© 2011 Infoblox Inc. All Rights reserved. 43

Introduction
Infoblox uses anycast to provide reliable DNS service. Anycast enables a group of appliances to share a
common address and to appear to clients as a single entity. When clients send queries to the anycast
address, the queries do not go to the group but are instead are routed to the “nearest” server within the
anycast group. Anycast thus ensures the fastest possible resolution to queries and provides a mechanism
for recovering from server failures. When one server fails, DNS queries are automatically rerouted to
one of the surviving servers.

© 2011 Infoblox Inc. All Rights reserved. 45

Module Objectives
After successfully completing this module, you will be able to:

• Understand Infoblox’s implementation of Anycast

• Configure an anycast IP address on the loopback interface. This address will be shared by all of
the servers in your anycast group

• Configure the appliance to use OSPF to advertise routing information to the upstream router

• Enable DNS services to use the anycast address

Lab Exercise Overview

In this lab, you will pair up with another student and each of you will configure an anycast address on
your appliance. Each pair of students will have their own anycast IP address. The instructor will
provide the addresses.

In the exercise, you will configure the anycast address on the loopback interfaces of your servers. Then
you will configure your appliance to use OSPF so it can advertise the anycast address to the upstream
router. Afterwards, you “turn on” anycast by configuring DNS services to listen for queries sent to the
anycast address. When you and your partner have finished configuring your appliances, you will test
your setup by using DIG to query the anycast IP address and seeing which of the two servers responds.

Exercise1 - Configure the Loopback Interface

In this exercise, you configure an anycast IP address on the loopback interface. This address will be
added to all appliances within your anycast group.

1. From the Grid panel select the Grid Manager panel.

2. Select the Members Panel

© 2011 Infoblox Inc. All Rights reserved. 46

3. Edit your Grid Member by click in the check box next to its name, and selecting the Edit button.

4. Go to the Anycast tab.

5. Click on the “+” (plus) button under the Anycast Interfaces section.

6. Add the Anycast IP address of 172.16.52.52.

7. Check the OSPF Box

8. Optionally, enter a comment for this IP address.

Exercise 2 - Configure OSPF on the LAN Interface

In this exercise, you configure the LAN interface on your appliance to function as an OSPF advertising
interface. This interface will advertise OSPF routing information to the network so that routers can
determine the best server to query.
Note: If the device is part of an HA pair, the HA interface is chosen. If the device is not part of an
HA pair, the LAN interface is chosen.

© 2011 Infoblox Inc. All Rights reserved. 47

1. Staying in the same panel, click the “+” (plus) button in the OSPF Area Configuration section.

2. Enter the following values:

a. Area ID = 0.0.0.0

b. Area Type = Standard

c. Authentication Type = MD5

d. Key ID = 1

e. Key = anycast

f. Cost = Calculate Automatically

g. Hello Interval = 10

h. Dead Interval = 40

i. Retransmit Interval = 5

j. Transmit Delay = 1

3. Click the Add button.

4. Click Save & Close.

Exercise 3 - Configure DNS services to use the Anycast Address
In this exercise, you tell DNS service to use the anycast address.

1. Go to the Data Management panel, and the Members panel underneath the DNS panel.

2. Select your member and click the edit button.

3. Click the Advanced Tab at the top of the Members DNS Properties panel.

4. Switch to the Advanced portion of the General tab.

5. Click on the “+” plus button under the Listen on These Additional IP Addresses section.

6. Notice the Anycast address you configured earlier appears.

7. Click Save & Close.

8. Did you restart services?

Exercise 4 - Testing Your Setup
To test your setup, you will need to verify that both your Infoblox device and router are active
participants in the Anycast “cloud”.

1. Verify that the Infoblox device has OSPF running:

a. From the Administration panel, go to the Logs panel.
b. Select the Syslog and verify OSPF is running correctly.

c. Verify that the router has learned the Anycast address via OSPF:
i. To log into the router, telnet to your appliances default gateway
ii. Login using:
1. Username: admin
2. Password: infoblox
iii. While logged into the router, type “show ip route” to see its current routing table
iv. While logged into the router, type “show ip ospf neighbor” to see all of the OSPF
peers.

2. Disable DNS
a. Go back and disable your appliance from using DNS.
Hint: Stop DNS from listening on the Anycast IP, or turn off DNS.
b. Now go back and look at the routers routing table.
c. What changed? Do you still see your route?

Lab 7
7 Views

Introduction
In this lab, you will create views.

Module Objectives
After successfully completing this module, you will be able to:

• Create a DNS View

• Create a Network View

• Move Zone Records from one View to another

• Configure Role based Access Control

Exercise 1 – Create a DNS View
A DNS View is a setting that allows an Infoblox appliance to serve different DNS records depending on
the source of the query. The following exercise shows you how to create a DNS View.

1. Open the Data Management panel, then the DNS panel and then the Members panel.

2. In the menu, click the down arrow next to the Add command and then select Add DNS View
from the sub-menu.

A wizard opens

3. Enter a name for the View.

4. Click Next.

5. Click the downward arrow in the Add button (+) and select IPv4 Address from the menu.

6. Enter the IP addresses (there are 2 of them) of your virtual XP machine.

- 10.100.x.y, where x is your student number, and 198.107.144.y
- Open a DOS window and record the IP addresses listed in the output of the ipconfig /all
command

7. Click Save & Close (we don’t need to add any extensible attributes.)

8. Restart services.

Exercise 2 – Add a Zone and Some Records to the New DNS View
Add a zone and an A record to your new DNS View.

1. In the Zones panel, click on your DNS View to open it.

2. Click the Add button (+) and select Authoritative Zone from the menu.

3. When the wizard opens, enter a zone name (make one up) and assign your appliance as the
Primary nameserver. Afterwards, save and close the wizard.

4. Add an A record to your zone. Make up a hostname and IP address.

5. Restart services.

Exercise 3 – Set the View Order for Your Appliance
1. Open the Members panel

2. Select your appliance.

3. Click the Edit button.

A wizard opens.

4. Click the text marked Toggle Advanced Mode in the top right corner.

5. Select the DNS Views tab (in the left column).

6. When the DNS Views page opens, check the radio button labeled Order DNS Views
automatically.

7. Save your settings (i.e., close the dialog box).

8. Restart services.

Exercise 4 – Create a Network View

A Network View is a setting that allows an Infoblox appliance to track IPAM and server DHCP data
from overlapping IP spaces. The following exercise shows you how to create a Network View.

1. Open the Administration panel and then the Network Views panel.

2. Click the “+” (plus) button to launch the Add Network View Wizard.

3. Enter StudentX_CompanyB for the new Network View’s name, where X = your assigned
student number.

4. Click Save & Close.

5. Rename the default Network View to StudentX_CompanyA, where X = your assigned student
number.

6. Restart services.

Exercise 5 – Associating DNS Views with Network Views
1. Go to the Data Management panel, select DNS, and Zones.

2. What DNS views are associated with StudentX_CompanyA?

3. What DNS views are associated with StudemtX_CompanyB?

4. Add a new DNS view called CompanyB_External to the StudentX_CompanyB Network View.

5. Rename the default DNS View in StudentX_CompanyB to CompanyB_Internal.

6. Restart services.

Exercise 6 - Test Your Work

1. Use DIG to query for the zone you created earlier in Exercise 1.
dig @<your server’s address> <zone name> any
dig @<your server’s address> < record name> a

Exercise 7 - Copy Zone Records

In the following exercise, you use the Copy command to copy zone data from one zone to another.

1. Under the StudentX_CompanyA network view in the Zones panel, open the DNS View you
created earlier.

2. In your DNS View, create an authoritative forward mapping zone. This will be the destination
for your copied records.

3. Restart services.

4. Add a check to the box next to the source zone that has some manually created records in it.
Note that you can not copy auto-generated records.

5. Choose Copy Records from the menu.

6. In the dialog box that opens, select the destination zone that you just created.

7. Click the Select Zone button.

8. Navigate to the zone you created in Step 2.

9. Select Copy All Records.

10. You could choose an “Copy Options” choice, but since we are copying records to a freshly
created, empty zone, none of the options really applies at the present time.

11. Click Copy & Close.

12. Verify your work.

Check the Records panel for the zone you copied the record to and make sure they exist.

____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________

Lab 8
8 DHCP Failover

Introduction
In this lab, you will build a Grid, configure a DHCP Failover association, and use the DHCP Failover
Association when creating DHCP ranges.

Module Objectives
After successfully completing this module, you will be able to:

• Create a new DHCP Failover associations

• Monitor the status of DHCP Failover associations

• Configure DHCP ranges to be used by DHCP Failover

Configuring DHCP Failover
To configure the DHCP Failover, perform the following tasks:

• Create DHCP Failover Associations on both the primary and secondary DHCP servers. This
only needs to be done once if the primary and secondary servers are both in a grid.

• Verify the Failover association is up and running.

• Assign DHCP ranges to use the DHCP Failover association.

Exercise 1 – Create a Grid

The instructor, or a student designate, will to be the Grid Master. They will configure their appliance for
all other students to join their Grid. The remaining students will then configure their appliances to join
the Grid.

Exercise 2 – Create a new DHCP Failover Association

All steps provided are from the Grid level, from the newly configured Grid Master.

1. From the Data Management panel, select the DHCP panel

2. Select the Members panel

3. Expand the Failover Associations section

4. Click the “+” (plus) button to add a failover association

5. In the Name field, fill in FA-xx-yy where “xx” is your student # and “yy” is your peers student
#. Remember that you are now in a grid and each DHCP Failover association name must be
unique!

6. Using the “Select member…” button, select your device as the Primary.
This assigns the local device as the primary DHCP server.

7. Using the “Select member…” button, select the Grid Master as the Secondary.
It is very important that you choose the Grid Master as the secondary.

8. The rest of the parameters should remain unchanged.

9. Save your changes.

10. Edit the Failover Association and change the MCLT value to 5 minutes.
NOTE: This is NOT a recommended value and is being used for lab purposes only!

a. Select the Triggers tab

b. If you don’t see an Advanced tab at the top, click on the Toggle Expert Mode link

c. Click on the Advanced tab

d. Change the value for Maximum Client Lead Time (s) from the default value of 3600 (1
hour) to 300 (5 minutes)

11. Save your changes and restart services.

Exercise 3 – Adding DHCP Ranges and Assigning them to a DHCP Failover
Association
DHCP Failover works on the range level, so an important part of DHCP Failover is the creation of
DHCP ranges.

1. From the DHCP panel, select the Networks panel

2. Click the “+”, (plus) button to add a network

3. Create the following, where XX = your Student Number:

a. Network: 10.100.XX.0 /24

b. DHCP Range 10.100.XX.1 – 10.100.XX.254

c. Make sure the Network is assigned to both members of your DHCP Failover association

d. Make sure the DHCP Range is assigned to the DHCP Failover association

4. Save your changes

After completing the configuration don’t forget to restart your services.

Exercise 4 – Verifying the DHCP Failover Association
After creating and applying the DHCP Failover Association:

1. Go back to Failover Associations section of the DHCP and Members Panels (where you
created your association earlier)

2. View the current status of your FO association.

3. Next go to the Syslog and review the messages related to your association.

4. Does the association look healthy?

5. Reboot your appliance.

6. Does the status of the association change? What Syslog messages do you see on the Grid
Master, and on your member (after it comes back up) in regards to the DHCP failover
association?

Exercise 5 – Placing a Failover Association into Partner Down
Since you are working in a Grid configuration, it is VERY important that you STOP here and wait for
the instructor to tell you when you can proceed. Only after all students have completed Exercise 1-4 can
you continue with this lab.

1. The instructor, or one of the students should disable DHCP on the Grid Master.
The end result is that all Failover Associations should show Communication-Interrupted for the
Primary member, assuming that everyone used the Grid Master as the Secondary.

2. Once you have confirmed that the secondary peer is not reachable (DHCP has been disabled, in
this lab to emulate an unreachable/unavailable server), place the remaining peer in Partner-
Down. We are assuming the Grid Master really is not available, so using the GUI should NOT
be an option. Using PuTTy, connect to the Console and run the command: set partnerdown

3. When asked to enter the failover association name, enter the name you gave the Failover
Association.

4. Validate that the Failover Association is now showing Partner-Down.

5. After the entire class has validated the Partner-Down state, the instructor should re-enable DHCP
on the Grid Master.

6. What happens at this point to the Failover Association on both members?

A Appendix A

Student IP Assignments

Introduction
This appendix presents the IP addresses you will be using in eLab.

The following table displays two columns of IP addresses:

10. LAN1 – This is your original address. Use this when your appliance is not in an HA pair.

11. HA – You will need this and the VIP for the HA exercise.

12. VIP – This is the address that you and your partner should share in the HA exercise.

Student IP Assignments

Remote Virtual
Student
Desktop LAN HA VIP Router
Number
Profile ID
1 training-xp01 192.168.1.10 192.168.1.11
192.168.1.14 14
2 training-xp02 192.168.1.12 192.168.1.13
3 training-xp03 192,168.1.15 192.168.1.16
192.168.1.19 19
4 training-xp04 192.168.1.17 192.168.1.18
5 training-xp05 192.168.1.20 192.168.1.21
192.168.1.24 24
6 training-xp06 192.168.1.22 192.168.1.23
7 training-xp07 192.168.1.25 192.168.1.26
192.168.1.29 29
8 training-xp08 192.168.1.27 192.168.1.28
9 training-xp09 192.168.1.30 192.168.1.31
192.168.1.34 34
10 training-xp10 192.168.1.32 192.168.1.33
11 training-xp11 192.168.1.35 192.168.1.36
192.168.1.39 39
12 training-xp12 192.168.1.37 192.168.1.38
13 training-xp13 192.168.1.40 192.168.1.41
192.168.1.44 44
14 training-xp14 192.168.1.42 192.168.1.43
15 training-xp15 192.168.1.45 192.168.1.46
192.168.1.49 49
16 training-xp16 192.168.1.47 192.168.1.48
17 training-xp17 192.168.1.50 192.168.1.51
192.168.1.54 54
18 training-xp18 192.168.1.52 192.168.1.53
19 training-xp19 192.168.1.55 192.168.1.56
192.168.1.59 59
20 training-xp20 192.168.1.57 192.168.1.58
21 training-xp21 192.168.1.60 192.168.1.61
192.168.1.64 64
22 training-xp22 192.168.1.62 192.168.1.63
23 training-xp23 192.168.1.65 192.168.1.66
192.168.1.69 69
24 training-xp24 192.168.1.67 192.168.1.68
25 training-xp25 192.168.1.70 192.168.1.71
192.168.1.74 74
26 training-xp26 192.168.1.72 192.168.1.73
27 training-xp27 192.168.1.75 192.168.1.76
192.168.1.79 79
28 training-xp28 192.168.1.77 192.168.1.78
29 training-xp29 192.168.1.80 192.168.1.81
192.168.1.84 84
30 training-xp30 192.168.1.82 192.168.1.83
31 training-xp31 192.168.1.85 192.168.1.86
192.168.1.89 89
32 training-xp32 192.168.1.87 192.168.1.88
33 training-xp33 192.168.1.90 192.168.1.91
192.168.1.94 94
34 training-xp34 192.168.1.92 192.168.1.93
35 training-xp35 192.168.1.95 192.168.1.96
192.168.1.99 99
36 training-xp36 192.168.1.97 192.168.1.98
37 training-xp37 192.168.1.100 192.168.1.101
192.168.1.104 104
38 training-xp38 192.168.1.102 192.168.1.103

Remote Virtual
Student
Desktop LAN HA VIP Router
Number
Profile ID
39 training-xp39 192.168.1.105 192.168.1.06
192.168.1.109 109
40 training-xp40 192.168.1.107 192.168.1.108
41 training-xp41 192.168.1.110 192.168.1.111
192.168.1.114 114
42 training-xp42 192.168.1.112 192.168.1.113
43 training-xp43 192.168.1.115 192.168.1.116
192.168.1.119 119
44 training-xp44 192.168.1.117 192.168.1.118
45 training-xp45 192.168.1.120 192.168.1.121
192.168.1.124 124
46 training-xp46 192.168.1.122 192.168.1.123
47 training-xp47 192.168.1.125 192.168.1.126
192.168.1.129 129
48 training-xp48 192.168.1.127 192.168.1.128
49 training-xp49 192.168.1.130 192.168.1.131
192.168.1.134 134
50 training-xp50 192.168.1.132 192.168.1.133
51 training-xp51 192.168.1.135 192.168.1.136
192.168.1.139 139
52 training-xp52 192.168.1.137 192.168.1.138
53 training-xp53 192.168.1.140 192.168.1.141
192.168.1.144 144
54 training-xp54 192.168.1.142 192.168.1.143
55 training-xp55 192.168.1.145 192.168.1.146
192.168.1.149 149
56 training-xp56 192.168.1.147 192.168.1.148
57 training-xp57 192.168.1.150 192.168.1.151
192.168.1.154 154
58 training-xp58 192.168.1.152 192.168.1.153
59 training-xp59 192.168.1.155 192.168.1.156
192.168.1.159 159
60 training-xp60 192.168.1.157 192.168.1.158

Infoblox Deployment Guide Infoblox Cloud Platform and Cloud Network Automation
No ratings yet
Infoblox Deployment Guide Infoblox Cloud Platform and Cloud Network Automation
75 pages
PAN9 EDU210 Lab 14
No ratings yet
PAN9 EDU210 Lab 14
12 pages
Adding Firewalls To Panorama: EDU-220 Panorama 8.1 Courseware Version B
No ratings yet
Adding Firewalls To Panorama: EDU-220 Panorama 8.1 Courseware Version B
30 pages
Infoblox Deployment Guide Deploy Infoblox Vnios Instances For Aws
No ratings yet
Infoblox Deployment Guide Deploy Infoblox Vnios Instances For Aws
92 pages
Inflobox DNS Setup For HCP
No ratings yet
Inflobox DNS Setup For HCP
31 pages
BIG-IP System IRules Concepts
100% (2)
BIG-IP System IRules Concepts
44 pages
f5 301a Study Guide LTM Specialist r2pdf
No ratings yet
f5 301a Study Guide LTM Specialist r2pdf
195 pages
F5 Networks 301a - LTM Specialist: Architect, Set-Up & Deploy Study Guide Version 1 - TMOS 11.2
No ratings yet
F5 Networks 301a - LTM Specialist: Architect, Set-Up & Deploy Study Guide Version 1 - TMOS 11.2
230 pages
ClearPass OnGuard Troubleshooting
No ratings yet
ClearPass OnGuard Troubleshooting
90 pages
Cnet 124
No ratings yet
Cnet 124
9 pages
NIOS Configuration Class Lab Guide: Infoblox Educational Services
100% (1)
NIOS Configuration Class Lab Guide: Infoblox Educational Services
161 pages
AAC 008 04 - Labguide
100% (1)
AAC 008 04 - Labguide
74 pages
AAC-008-1 v2 WMK PDF
100% (1)
AAC-008-1 v2 WMK PDF
225 pages
Palo Alto Networks - Edu 210 Lab 1: Initial Configuration: Document Version
No ratings yet
Palo Alto Networks - Edu 210 Lab 1: Initial Configuration: Document Version
19 pages
Infoblox Deployment Guide Implementing Infoblox Dns Traffic Control in Nios 8 X
No ratings yet
Infoblox Deployment Guide Implementing Infoblox Dns Traffic Control in Nios 8 X
65 pages
Infoblox Deployment Guide Network Insight Deployment Guide
No ratings yet
Infoblox Deployment Guide Network Insight Deployment Guide
38 pages
Infoblox 1050 1550 1552 UserGuide
100% (1)
Infoblox 1050 1550 1552 UserGuide
54 pages
Infoblox Deployment Guide Implementing Infoblox Dns Firewall
No ratings yet
Infoblox Deployment Guide Implementing Infoblox Dns Firewall
21 pages
F5 ASM Training
No ratings yet
F5 ASM Training
3 pages
GTM Advanced Topics - v5
No ratings yet
GTM Advanced Topics - v5
11 pages
F5 Configuring BIG-IP GTM v11 Student Guide
No ratings yet
F5 Configuring BIG-IP GTM v11 Student Guide
328 pages
VLab Demo - Using APM For Single Sign-On - V12.0.B
No ratings yet
VLab Demo - Using APM For Single Sign-On - V12.0.B
10 pages
Advanced Firepower IPS Deployment
No ratings yet
Advanced Firepower IPS Deployment
219 pages
Palo Alto Networks - Edu-210: Document Version
No ratings yet
Palo Alto Networks - Edu-210: Document Version
33 pages
F5 LTM Lab Setup in Vmware Workstation:: Vmnet0 Vmnet8 Vmnet1
No ratings yet
F5 LTM Lab Setup in Vmware Workstation:: Vmnet0 Vmnet8 Vmnet1
3 pages
Palo Alto Networks Edu-210: Document Version
100% (1)
Palo Alto Networks Edu-210: Document Version
31 pages
F5 LTM
No ratings yet
F5 LTM
18 pages
Infoblox Deployment Guide Nios Integration With Radius
No ratings yet
Infoblox Deployment Guide Nios Integration With Radius
12 pages
Iser Lab For BYOD
No ratings yet
Iser Lab For BYOD
25 pages
Configuration Guide For BIG-IP Access Policy Manager
No ratings yet
Configuration Guide For BIG-IP Access Policy Manager
542 pages
CP R80.20 RemoteAccessVPN AdminGuide
No ratings yet
CP R80.20 RemoteAccessVPN AdminGuide
161 pages
81819-ISE Posture Configuration Exercise
No ratings yet
81819-ISE Posture Configuration Exercise
81 pages
F5 Os Upgrade Procedure
No ratings yet
F5 Os Upgrade Procedure
9 pages
FirePower 6-6 DUO 2FA LAB
No ratings yet
FirePower 6-6 DUO 2FA LAB
33 pages
Deploying BIG-IP GTM With APM For Global Remote Access: Deployment Guide
No ratings yet
Deploying BIG-IP GTM With APM For Global Remote Access: Deployment Guide
11 pages
Authentication Integration With Aruba Clearpass
No ratings yet
Authentication Integration With Aruba Clearpass
24 pages
CDCA-81-Lab-Guide
No ratings yet
CDCA-81-Lab-Guide
362 pages
Palo Alto Networks VMware Workstation 10.0 Academy Lab Deployment Guide
No ratings yet
Palo Alto Networks VMware Workstation 10.0 Academy Lab Deployment Guide
36 pages
SSL Intercept F5
No ratings yet
SSL Intercept F5
58 pages
Deploying DNSSEC v3
No ratings yet
Deploying DNSSEC v3
31 pages
TenableCOre Nessus
No ratings yet
TenableCOre Nessus
84 pages
F5 LTM Lab Guide
No ratings yet
F5 LTM Lab Guide
7 pages
ZCCA-IA Policy-Web-Security StudentGuide 6.1 v1.0
No ratings yet
ZCCA-IA Policy-Web-Security StudentGuide 6.1 v1.0
121 pages
Firepower NGFW Lab-Advanced v1.7
No ratings yet
Firepower NGFW Lab-Advanced v1.7
48 pages
Radware Installation and Maintenance Guide-Feb-2011
No ratings yet
Radware Installation and Maintenance Guide-Feb-2011
115 pages
Infoblox DDI Documentation
No ratings yet
Infoblox DDI Documentation
7 pages
Infoblox Installation Guide 1405 Series Appliances
No ratings yet
Infoblox Installation Guide 1405 Series Appliances
26 pages
Ederic 186q Vce
No ratings yet
Ederic 186q Vce
12 pages
ZPA Workshop Guide V11 Unified
No ratings yet
ZPA Workshop Guide V11 Unified
30 pages
NIOS 8.6.x Documentation
No ratings yet
NIOS 8.6.x Documentation
2,330 pages
LTM Fundamentals Exercise Guide - Partners - V13.0.K
No ratings yet
LTM Fundamentals Exercise Guide - Partners - V13.0.K
193 pages
Ts Sgfw-Asa Lab Guide 2013-09-13
No ratings yet
Ts Sgfw-Asa Lab Guide 2013-09-13
42 pages
BlueCoat Basic Troubleshooting
No ratings yet
BlueCoat Basic Troubleshooting
4 pages
Palo Alto Networks - Edu-210: Document Version
0% (1)
Palo Alto Networks - Edu-210: Document Version
27 pages
BIG-IP Link Controller Implementations
No ratings yet
BIG-IP Link Controller Implementations
80 pages
F5 BIG-IP APM - Implementation Guide
No ratings yet
F5 BIG-IP APM - Implementation Guide
8 pages
f5 LTM GTM Operations Guide 1 0 PDF
No ratings yet
f5 LTM GTM Operations Guide 1 0 PDF
144 pages
Mastering Netscaler VPX: Learn how to deploy and configure all the available Citrix NetScaler features with the best practices and techniques you need to know
From Everand
Mastering Netscaler VPX: Learn how to deploy and configure all the available Citrix NetScaler features with the best practices and techniques you need to know
Marius Sandbu
No ratings yet
Implementing NetScaler VPX™ - Second Edition
From Everand
Implementing NetScaler VPX™ - Second Edition
Sandbu Marius
No ratings yet
Learning SaltStack - Second Edition
From Everand
Learning SaltStack - Second Edition
Colton Myers
No ratings yet
Troubleshooting NetScaler
From Everand
Troubleshooting NetScaler
Raghu Varma Tirumalaraju
No ratings yet
AdventNet ManageEngine SupportCenterPlus 7 Help AdminGuide
No ratings yet
AdventNet ManageEngine SupportCenterPlus 7 Help AdminGuide
212 pages
Deployment Guide - Palo Alto Networks NGFW With Gigamon Deployment Guide
No ratings yet
Deployment Guide - Palo Alto Networks NGFW With Gigamon Deployment Guide
24 pages
MNL 0827
No ratings yet
MNL 0827
118 pages
Administration Guide: Fortinet Server Authentication Extension™ Version 3.0 MR7
No ratings yet
Administration Guide: Fortinet Server Authentication Extension™ Version 3.0 MR7
36 pages
FortiMail Administration Guide 06-30003-0154-20080605
No ratings yet
FortiMail Administration Guide 06-30003-0154-20080605
402 pages
Module 09 (Spanning Tree)
No ratings yet
Module 09 (Spanning Tree)
38 pages
Technical Note: Fortinet Server Authentication Extension
No ratings yet
Technical Note: Fortinet Server Authentication Extension
26 pages
Junos Security Swconfig Security
No ratings yet
Junos Security Swconfig Security
1,074 pages
XCS v91 Studentguide Basics
No ratings yet
XCS v91 Studentguide Basics
248 pages
Junos Security Admin Guide
No ratings yet
Junos Security Admin Guide
452 pages
Cross-Module Trunking in Extremeware 7.1.1
No ratings yet
Cross-Module Trunking in Extremeware 7.1.1
16 pages
F5 Analytics - Lab Guide - Final
No ratings yet
F5 Analytics - Lab Guide - Final
35 pages
EXOSConcepts12 5 3
No ratings yet
EXOSConcepts12 5 3
1,584 pages
CCNA Syllabus
No ratings yet
CCNA Syllabus
9 pages
Exercice N°2
No ratings yet
Exercice N°2
7 pages
Akuvox SP-R50 Manuale
No ratings yet
Akuvox SP-R50 Manuale
79 pages
RSE Final Practice PT
No ratings yet
RSE Final Practice PT
9 pages
PaperCut_Deployment_Guide
No ratings yet
PaperCut_Deployment_Guide
55 pages
B Cisco UCS Manager CLI Administration MGMT Guide 3 1
No ratings yet
B Cisco UCS Manager CLI Administration MGMT Guide 3 1
168 pages
Mastering Netscaler VPX TM - Sample Chapter
No ratings yet
Mastering Netscaler VPX TM - Sample Chapter
39 pages
PaperCut MF - Xerox Secure Access Manual
No ratings yet
PaperCut MF - Xerox Secure Access Manual
38 pages
Cisco Datasheet
No ratings yet
Cisco Datasheet
37 pages
Lab 9.3.3: Configuring The NIC To Work With A DHCP Server: Estimated Time: 10 Minutes Objective
No ratings yet
Lab 9.3.3: Configuring The NIC To Work With A DHCP Server: Estimated Time: 10 Minutes Objective
4 pages
Port Forwarding and DMZ For Tilgin HG2381
No ratings yet
Port Forwarding and DMZ For Tilgin HG2381
7 pages
CSE 3711 Lecture-No. 5 (Summer 2023)
No ratings yet
CSE 3711 Lecture-No. 5 (Summer 2023)
67 pages
Banks Oalm TC Re
No ratings yet
Banks Oalm TC Re
26 pages
Um en PC Worx SRT 8681 en 00
No ratings yet
Um en PC Worx SRT 8681 en 00
80 pages
Nse7 - Efw-7.0v4.0 Grifado
No ratings yet
Nse7 - Efw-7.0v4.0 Grifado
101 pages
Si Entro Inst en Acces Card
No ratings yet
Si Entro Inst en Acces Card
132 pages
SRX High Availability Deployment Guide
No ratings yet
SRX High Availability Deployment Guide
53 pages
Linux Essentials Chapter 12 Exam Answers 2019 + PDF
No ratings yet
Linux Essentials Chapter 12 Exam Answers 2019 + PDF
2 pages
Simulate ONTAP 8.2 Step-by-Step Installation (Nau-Final) PDF
No ratings yet
Simulate ONTAP 8.2 Step-by-Step Installation (Nau-Final) PDF
53 pages
Experiment 8 Ospf
No ratings yet
Experiment 8 Ospf
10 pages
MANUALE UTENTE VMS 6.4 INGLESE
No ratings yet
MANUALE UTENTE VMS 6.4 INGLESE
31 pages
Learning Activity Sheet: Ip Subnetting
No ratings yet
Learning Activity Sheet: Ip Subnetting
5 pages
4.6.6 Lab - View Wired and Wireless NIC Information
No ratings yet
4.6.6 Lab - View Wired and Wireless NIC Information
4 pages
TURCK-Profibus, Profinet With Proficy
No ratings yet
TURCK-Profibus, Profinet With Proficy
22 pages
Installation & Owner'S Manual: M-Interface
No ratings yet
Installation & Owner'S Manual: M-Interface
30 pages
DES-3028 28P 52 52P CLI v1.00
No ratings yet
DES-3028 28P 52 52P CLI v1.00
250 pages
CCNA Discovery 1 - Course Outline
No ratings yet
CCNA Discovery 1 - Course Outline
3 pages
Css For Grade 10 - FQL2 - Core3 - 2. Configure Network Services For LMS Part 2
No ratings yet
Css For Grade 10 - FQL2 - Core3 - 2. Configure Network Services For LMS Part 2
21 pages
DM4100 - Series: Datasheet DM4100 - Ver 35 - Apr/2017
No ratings yet
DM4100 - Series: Datasheet DM4100 - Ver 35 - Apr/2017
23 pages