Archives January 2023

How to Configure VXLAN on Fortigate

Hello everyone, in this video I will show how you can extend VLANs over IP. On FortiGate you can do this by using VXLAN.

You can see my topology in this picture. I have 2 firewalls that connect to each other. This connection can be through a layer 2 switch, layer 3 routers, or IPsec tunnels; it does not matter which connection type you use, because with VXLAN your Ethernet frames are encapsulated, sent to the other side in IP packets, and then decapsulated.

I have 2 trunk ports (port number 2 on both firewalls) that connect to layer 2 switches and carry VLAN 3500 and 3600 traffic.

You can see the IP addresses in this picture. I use 10.10.10.141 and 10.10.10.142 to manage the firewalls, and our VXLAN tunnel will also come up over these IPs.

Ok, let’s start the configuration

Start the configuration on 10.10.10.141. First we have to create the VXLAN interface; you cannot do this from the GUI, so open the console

Write config system vxlan

edit vxlan3500: you can use any name for your interface

set vni 3500: this command tells the tunnel which VLAN it carries

set interface port1: this means the VXLAN tunnel is initiated from this interface; it can be a physical interface or an IPsec tunnel

set remote-ip 10.10.10.142: this command sets the tunnel destination IP address, in other words the other end of our VXLAN tunnel

Ok, end

As you can see on the interfaces under port1 I can see vxlan3500 interface and the type is vxlan

Let’s create VLAN on port2 to carry our VLAN 3500 traffic to the layer 2 switch as I have already shown on the topology

Give the name, set the interface, enter 3500 as VLAN id, and click ok

As you can see, I have a VLAN interface and a VXLAN interface and both of them are set to VLAN 3500. Now I need to create a software switch and assign these interfaces to it

Select software switch

Give it a name

Select the VLAN and VXLAN interfaces as members

Give an IP to this interface, you can skip that but at this time I give an IP address to test my vxlan configuration

Ok, our software switch on this firewall was created and it has an IP address. Now I have to configure the other firewall

Create vxlan on this firewall

Edit vxlan 3500,

Hmm, what is the problem? Oh, I put a space in the name

Names can be different on the firewalls but I use the same name on both ends

Set vni

Set interface

Then set the remote IP that points to the other end of my tunnel; it is the reverse of the first firewall

Ok, vxlan interface created,

Now create a VLAN on port 2

Set the VLAN id

That is ok,

Same as the earlier configuration I create a software switch and assign IP address to it

The name can be different, but I use the same name on both ends

Set the members

Give the IP address,

As you can see in this topology, the IP address on this side is 192.192.35.142

Ok,

As you can see software switch created,

Now I am going to test my VXLAN tunnel

Execute ping 192.192.35.141; as you can see, this IP is located on the other side of our tunnel

Ok, our tunnel configuration is correct and we can ping the VLAN 3500 IP on the other side of our tunnel.

With this diagnostic command, you can see the MAC addresses that are learned from the other end of the tunnel for a specific VXLAN interface

diagnose sys vxlan fdb list vxlan3500

As you can see this mac address is our port2 interface on another end of the tunnel

I copy this command to execute on another firewall to see the result

Now create another vxlan interface to carry VLAN 3600 traffic

Set vni 3600

Configuration is the same as vxlan 3500 but vni is different,

Vxlan 3600 created,

Now create a VLAN 3600 interface on port 2

Set VLAN id to 3600

Ok

Again create another software switch and assign vxlan 3600 and VLAN 3600 interface as a member to it

Give a name

Select members,

Give an IP address,

As you can see in the topology this VLAN subnet is 192.192.36

Ok

Software switch created

As you can see, without VXLAN configured on both firewalls I cannot ping the VLAN 3600 IP address

Create vxlan 3600 on this firewall

Set vni

Set remote IP to another side of the tunnel

End

Try to ping,

It failed because I have not created a software switch and assigned the VXLAN and VLAN interfaces as members

Create VLAN 3600

set VLAN id

ok

now create a software switch

assign vxlan and VLAN 3600 to it

give an IP address based on our topology

ok I have 2 software switches now and vxlan and VLAN interfaces assigned to them

now test IP address from VLAN 3600

that is it

also, you can see the mac addresses learned on this VLAN from another end of the tunnel

By using this method you can extend your layer 2 networks between different locations over WAN links. It can be used for any purpose; that depends on you.

for each VLAN you have to create a different vxlan interface and software switch.
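
The per-VLAN steps above, written out as FortiOS CLI by a small shell generator (an added example, not part of the original post). The VXLAN stanza uses the commands shown in the walkthrough; the CLI form of the VLAN and software-switch steps, the names `vlan<ID>` and `sw<ID>`, and the `root` VDOM are assumptions, since the post does those steps in the GUI.

```shell
#!/bin/sh
# Added example: emit the FortiOS CLI for one extended VLAN on one firewall.
# vxlan<ID>, port1 and port2 follow the walkthrough; vlan<ID>, sw<ID> and the
# "root" VDOM are assumed names.

gen_vxlan_vlan() {
    vlan=$1 underlay=$2 trunk=$3 remote=$4
    # Reject anything that is not a plain VLAN ID (1-4094). This also catches
    # a name with a space in it, the mistake made on the second firewall.
    case $vlan in ''|*[!0-9]*) echo "bad VLAN id: $vlan" >&2; return 1 ;; esac
    [ "$vlan" -ge 1 ] && [ "$vlan" -le 4094 ] || { echo "bad VLAN id: $vlan" >&2; return 1; }
    # The walkthrough reuses the VLAN ID as the VNI, so one number drives all three objects.
    cat <<EOF
config system vxlan
    edit "vxlan${vlan}"
        set interface "${underlay}"
        set vni ${vlan}
        set remote-ip "${remote}"
    next
end
config system interface
    edit "vlan${vlan}"
        set vdom "root"
        set interface "${trunk}"
        set vlanid ${vlan}
    next
end
config system switch-interface
    edit "sw${vlan}"
        set vdom "root"
        set member "vlan${vlan}" "vxlan${vlan}"
    next
end
EOF
}

# Constructed run for firewall 10.10.10.141 from the topology above.
for id in 3500 3600; do
    gen_vxlan_vlan "$id" port1 port2 10.10.10.142
done
```

Run it once per firewall with the remote IP swapped, and review the output before pasting it into each console.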

I hope you enjoy this video, if you have any questions you can ask them in the comments, don’t forget to subscribe to my channel and watch other videos, have a good day.

Reset Password for HP storage

Hello everyone. In this video I will show how you can reset your HP storage password. With this method, you can reset any type of HP storage password.

First, you must connect your laptop or PC to the storage via the console cable. In some versions, the console cable is USB. Then use PuTTY or another application to connect to the storage

Second, you have to determine the COM number of the console connection. To do this, after connecting your laptop or PC, open Device Manager and open Ports from the list. As you can see, my USB COM port number is 5; it can be different in your environment

Come back to PuTTY, select Serial, write com5 and click Open

We use the default built-in user restoredefaults to reset the storage password

The password is our storage serial number 

After entering the password, wait for some minutes to perform the action.

OK, Storage SP unit restarted, try to reconnect 

Now at this time, I will login with the default factory username and password. Username is manage, password is !manage.

We had to wait some minutes for the SP units to sync the configuration. 

ok, with a set password command, we can set the password for the manage user.

Default username : manage

Default password : !manage

That’s it. I hope you enjoy this video. Don’t forget to subscribe to my channel and like the videos. Have a good day, bye 

vSphere ESXi 8.0 Installation and Configuration

Hello everyone, today I am going to show you how you can install and configure ESXi 8. As you know, this version was released some days ago. You can watch the video or continue to read this document.

First I connect to the server console via iLO, then mount the ESXi installer to the server: select the VMware ESXi 8 ISO file, then click Open

Now turn on the server

Wait some minutes for the server to come up

Press F11 to select the boot option of the server

Select iLO virtual USB DVD drive, then press Enter

Wait some minutes for the installer files to load

Press enter

Press F11 to accept

Select the location of ESXi files, I use USB disk as the installation destination

Press enter

Because I installed ESXi 7 on this USB it shows us to upgrade or install the new version of ESXi , I select install

Set your root password

Because my CPU and server are not compatible with this version of ESXi I got the warning, I know this and this is not a problem for me at this time, press enter

This warning shows us that the selected destination will be formatted, some minutes ago I selected USB disk as a destination

Ok , that’s done

Before restarting the server, unmount the ESXi installer ISO from the console

Now it is time to set the IP addresses of the ESXi host

Press F2 then enter the root password

In this menu select configure management network then press enter

Press enter on the network adapters

Select the connected network adapters by pressing the space on the adapter

Enter

Because I used a management VLAN I have to set the VLAN; if your environment is not secure enough you can skip this option

Go to the IPv4 configuration and select set static IPv4

Enter the ip address

Press enter

Use escape to exit and press y to save the changes

Ok , ESXi host IP address appears here

Now it is time to login from the web interface

Enter username and password and login to ESXi version 8

Wow , that’s beautiful

I think Get vCenter Server does not exist in version 7

Check the host management options

Let me check other menus

I have never seen get ssh for chrome before, let me check what is it

It redirected me to the chrome extension center, install the extension

Try it again

Wow , that’s great

I got the connection refused error, maybe because our ssh service is not running

Start ssh service

Try it again

Wow , I think that is useful

Another new option concerns the warning: when I click on the action, the problematic section is highlighted

Check other sections of new version

I am adding iscsi interface to check what is difference in the new version

I am checking my iscsi IP addresses on another display

Enable software iscsi

Add the target of iscsi

Let me check what is the problem,

Oh I got it, I have to add a dynamic target instead of static

Write the IP address of the storage

Let me check why I can not see the LUNs

I forgot to add the iscsi VLAN on the connected ports on the backbone

Ok , iscsi disk appears here but to access the LUNs I have to approve this host on the storage

As you can see I am waiting to approve the host on the storage

Ok, refresh and all LUNs appear here

Let’s check the virtual machine create wizard

The performance monitor is the same as the old version

Ok that’s it , I hope you enjoy this video, I will record another video about installing vcenter version 8 , if you subscribe to my channel you can view it some days later. Also I will upload the ESXi installer to my website, you can find the link in the comments. Don’t forget to like the videos and ask your questions in the comments

Create Red Hat Account and Activate the Subscription

Hello everyone, in this video, I am going to show you how you can create an account on redhat.com and activate your subscription, that’s free

Go to redhat.com

Click on login and then register now

Select personal as the account type

Write your preferred username

Write your password

Write it again

Here you must write your personal information,

Select your country and give the address,

Click on create my account

If you don’t receive the confirmation email click on resend confirmation email and wait for a second, also check your junk folder

Click on the link in your email

Ok , my email address confirmed

Go to manage account

That is your account summary

Click on the user profile then subscription

You can see subscriptions and registered systems here

As you see we don’t have any subscriptions here

Go to developers.redhat.com

Click on login,

After you check the agreements you get free subscriptions

Click on submit

Check the mailbox to activate your subscription

Come back to subscription management and refresh the page

Okay, our free subscription was activated successfully

I will register my RedHat server and assign these subscriptions to it

Again, here is a summary of my subscriptions and registered servers

Connect to the server via putty

Use subscription-manager with the register option

Write the login information

We got the error, I am going to solve this

From the user profile section click on account details

Click on logins and password,

You can see redhat login here,

Again register the server but this time instead of the email I use my RedHat login username

That’s great, server registered

Check what happened in the subscriptions

At the system, we can see one virtual machine, click on view all systems

My server registered and appeared here , click on the hostname of the server

The server is registered but it does not have any subscription

Click on subscriptions

Use run auto-attach to automatically assign subscriptions to this registered server

Also, you can see the status that shows us properly subscribed

I am trying to check the subscription status from the server with subscription-manager with the list option

Try to install some package

We got the error because our repositories are not activated. To refresh the repositories and list them, use subscription-manager with the repos option

Try to install the package again

That is installed

I hope you enjoy this video, don’t forget to subscribe to my channel and write your questions in the comments.

Install Oracle Database 19c on linux

Hello everyone, today I am going to install Oracle 19c on Linux RedHat 8.6. In this video I will also talk about X11 forwarding and its problem, and about installing Oracle 19c on the new version of RedHat

How to install Oracle 19c On Linux , X11 Forwarding problem

This is my RedHat server. I am going to check the subscription status of this server using subscription-manager with the list option. On my channel, you can find another video related to subscription-manager

Check Linux updates with the yum update command

I always use nano as a text editor, so I install it

Yes

Check the IP address of this server

We have to configure the hostname of this server to install Oracle

Open the hosts file and edit the IP and hostnames for this host

Press Ctrl+X and then Y to save these changes

Go to the temp directory

We can prepare the Oracle prerequisites manually, or download one package and install it so that everything is prepared automatically. To do this, just paste this command to download the installer package, then install it with yum. Below you can find all the commands that are required during the installation

  • yum -y install nano
  • nano /etc/hosts
  • cd /tmp
  • curl -o oracle-database-preinstall-19c-1.0-2.el8.x86_64.rpm https://yum.oracle.com/repo/OracleLinux/OL8/appstream/x86_64/getPackage/oracle-database-preinstall-19c-1.0-2.el8.x86_64.rpm
  • yum -y localinstall oracle-database-preinstall-19c-1.0-2.el8.x86_64.rpm
  • nano /etc/selinux/config
  • systemctl stop firewalld
  • systemctl disable firewalld
  • yum -y install xterm* xorg*
  • mkdir -p /u01/app/oracle/product/19.0.0/dbhome_1
  • mkdir -p /u02/oradata
  • chown -R oracle:oinstall /u01 /u02
  • chmod -R 775 /u01 /u02
  • reboot
  • xhost +
  • mkdir /home/oracle/scripts
  • nano /home/oracle/scripts/setEnv.sh
  • export TMP=/tmp
  • export TMPDIR=$TMP
  • export ORACLE_HOSTNAME=hpsa-oracle.sinaonline.net
  • export ORACLE_UNQNAME=soracle
  • export ORACLE_BASE=/u01/app/oracle
  • export ORACLE_HOME=$ORACLE_BASE/product/19.0.0/dbhome_1
  • export ORA_INVENTORY=/u01/app/oraInventory
  • export ORACLE_SID=soracle
  • export PDB_NAME=noracle
  • export DATA_DIR=/u02/oradata
  • export PATH=/usr/sbin:/usr/local/bin:$PATH
  • export PATH=$ORACLE_HOME/bin:$PATH
  • export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib
  • export CLASSPATH=$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib
  • echo ". /home/oracle/scripts/setEnv.sh" >> /home/oracle/.bash_profile
  • chown -R oracle:oinstall /home/oracle/scripts
  • chmod u+x /home/oracle/scripts/*.sh
  • Login As Oracle
  • DISPLAY=10.10.10.38:0.0; export DISPLAY
  • cd /u01/app/oracle/product/19.0.0/dbhome_1
  • unzip -oq LINUX.X64_193000_db_home.zip
  • cd $ORACLE_HOME/cv/admin
  • edit cvu_config
  • CV_ASSUME_DISTID=RHEL7.9

In the prerequisites we have just set the password of the oracle user, as you know we can not install oracle DB as a root, all groups are created automatically with the previous script,

Now it is time to disable SELinux; to do that, open the config file

Change enforcing to disabled

Control x and y to save

Stop the firewall service and disable it

We install all the xterm and xorg packages to enable X11 forwarding and get the graphical interface through ssh

Create the DB home directory; as I said, you can find the commands above

Create the oradata directory

Set the oracle user and oinstall group as owner of the /u01 and /u02 directories

Set the permissions for the oracle user and oinstall group on the /u01 and /u02 directories

reboot server

As you can see, after the xterm and xorg packages are installed, X11 forwarding is enabled here

With xhost + you can connect to the GUI through ssh from any host

Create a scripts directory in the oracle user home directory

Create a script and name it setEnv.sh to import the variables Oracle requires

Paste these lines in it and save

With this command, make this script the user startup script; that means every time the oracle user logs in to the system, this script will be executed automatically

Also, give the oracle user permission to run this script with these commands

now I am going to download oracle database installer file

this is the oracle database installer for the Linux , you can download it from here

click on download linux x64……

After you give the username and password, the download will start. Creating an account on the Oracle website is free and very easy

Ok, the Oracle installer file is downloaded, now log in as the oracle user

When you are using X11 forwarding, if your client and server are on the same subnet you do not need to open any port in the firewall, but when they are on different subnets you have to open port 6000 in the firewall. You can see the direction of that port and the ssh direction. That is very important, because if the port is not open you will get an error during the Oracle installer

Set the display variable with this command; 10.10.10.38 is my client IP address

check the oracle home variable

going to oracle home directory

upload downloaded file to this directory

unzip this file with o and q parameters

Because I am trying to install Oracle 19c on RedHat 8.6, I have to change CV_ASSUME_DISTID to the latest supported version in the config file

To do this, uncomment this line and, instead of oel5, write rhel7.9 and save it. If you don’t do that, you will get an error during installation

Now we can run the installer

Come back to oracle home directory

Execute runInstaller

ok , you can continue this wizard based on your requirements

you can also follow my steps to install oracle database

you can ignore this warning,

this is a summary of the installation, after clicking on install, oracle database will be installed

Ok, the Oracle database is installed. If you run netstat you can see that port 1521, the Oracle default port, is in the listening state and everything works fine
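
An added example (not from the original post): a shell review of the host settings changed in the steps above (SELinux, firewalld, `xhost +`, and a `DISPLAY` that points at the client IP) that reports which of them are still in effect after the installer has finished. The function names and finding labels are assumptions, and the sample inputs are constructed.

```shell
#!/bin/sh
# Added example: review the host settings this walkthrough changes.
# Inputs are passed in as text so the checks also work on saved output.

# DISPLAY is host:display[.screen]; a remote host means X11 over TCP 6000+display.
classify_display() {
    case $1 in *:*) ;; *) echo invalid; return 0 ;; esac
    host=${1%%:*}; num=${1#*:}; num=${num%%.*}
    case $num in ''|*[!0-9]*) echo invalid; return 0 ;; esac
    case $host in
        ''|unix) echo local ;;
        localhost|127.0.0.1) echo loopback ;;   # what ssh X11 forwarding normally sets
        *) echo "tcp:$((6000 + num))" ;;
    esac
}

# `xhost` with no arguments reports whether access control is on.
xhost_state() {
    case $1 in
        *"access control disabled"*) echo open ;;
        *"access control enabled"*) echo restricted ;;
        *) echo unknown ;;
    esac
}

# Last SELINUX= value in a config file (the file edited in the steps above).
selinux_config_mode() {
    sed -n 's/^[[:space:]]*SELINUX=\([a-z]*\).*/\1/p' "$1" | tail -n 1
}

# $1 DISPLAY, $2 xhost output, $3 SELinux config path, $4 `systemctl is-enabled firewalld`
review_host() {
    f=""
    case $(classify_display "$1") in tcp:*) f="$f display-over-$(classify_display "$1")" ;; esac
    [ "$(xhost_state "$2")" = open ] && f="$f xhost-open"
    [ "$(selinux_config_mode "$3")" = disabled ] && f="$f selinux-disabled"
    [ "$4" = enabled ] || f="$f firewalld-not-enabled"
    echo "${f# }"
}

# Constructed inputs that mirror the state the walkthrough leaves behind.
sample_cfg=$(mktemp)
printf '# constructed sample\nSELINUX=disabled\nSELINUXTYPE=targeted\n' > "$sample_cfg"
review_host "10.10.10.38:0.0" \
    "access control disabled, clients can connect from any host" \
    "$sample_cfg" "disabled"
rm -f "$sample_cfg"
```

On the server itself, call `review_host "$DISPLAY" "$(xhost 2>&1)" /etc/selinux/config "$(systemctl is-enabled firewalld)"` as the oracle user; an empty result means none of the four settings is still in effect.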

I hope you enjoy this video , don’t forget to subscribe to my channel and watch other videos, if you have any questions you can ask them in the comments