http://mars.merhot.dk/w/api.php?action=feedcontributions&feedformat=atom&user=Heth
Teknologisk videncenter - User contributions [en]
2026-05-05T09:39:45Z
User contributions
MediaWiki 1.29.0
http://mars.merhot.dk/w/index.php?title=Cyber_Security_Portal&diff=41728
Cyber Security Portal
2026-04-30T08:59:42Z
<p>Heth: </p>
<hr />
<div>Welcome to the Cyber Security Portal. This portal consists of entries to main articles regarding IT Security and Cyber Security.<br />
<br />
{|<br />
|-valign=top<br />
<!----------------------------- Cyber Security -------------------------------><br />
|width="200"|{{FrontpageBox<br />
|colorcombination = 11<br />
|headline = Cyber Security<br />
|bgcolor = transparent<br />
|bottombox = https://samsik.dk/<br />
|picture = lists.png<br />
|content =<br />
{{FrontpageBox/subject<br />
|colorcombination = 11<br />
|title = Definitions<br />
}}<br />
*[[Cyber Security]]<br />
*[https://www.kaspersky.com/resource-center/definitions Kaspersky definitions]<br />
{{FrontpageBox/subject<br />
|colorcombination = 11<br />
|title = Educations<br />
}}<br />
*[[Cisco CyberOps Associate]]<br />
*[[CCNP Security]]<br />
*<br />
:*<br />
}}<br />
<!----------------------------- CISCO MAIN ARTICLES -------------------------------><br />
{{FrontpageBox<br />
|colorcombination = 5<br />
|picture = fileshare.png<br />
|headline = Cisco Main<br />
|bgcolor = transparent<br />
|bottombox = [http://cisco.netacad.net Cisco Netacademy] [http://cisco.com/tac Cisco TAC]<br />
|content =<br />
{{FrontpageBox/subject<br />
|colorcombination = 5<br />
|title = Services<br />
}}<br />
*<br />
{{FrontpageBox/subject<br />
|colorcombination = 5<br />
|title = Cool Cisco Links<br />
}}<br />
<br />
*[http://www.cisco.com/en/US/support/tsd_most_requested_tools.html Cisco most used tools]<br />
{{Source cli}} <br />
}}<br />
<!----------------------------- BEST PRACTICE-------------------------------><br />
|width="200"|{{FrontpageBox<br />
|colorcombination = 7<br />
|headline = Best practice<br />
|bgcolor = transparent<br />
|picture = agt_web.png<br />
|content =<br />
{{FrontpageBox/subject<br />
|colorcombination = 7 <br />
|title = Organisations<br />
}}<br />
*[[NIST]]<br />
*[[ISO and IEC]]<br />
{{FrontpageBox/subject<br />
|colorcombination = 7 <br />
|title = Route manipultation<br />
}}<br />
*<br />
{{FrontpageBox/subject<br />
|colorcombination = 7<br />
|title = First Hop Redundancy Protocols<br />
}}<br />
*<br />
{{FrontpageBox/subject<br />
|colorcombination = 7<br />
|title = VPN<br />
}}<br />
*[[IPSec VTI Cisco IOS]]<br />
*[[IPsec Cisco IOS]]<br />
}}<br />
<!--------------------------- NETWORKING TOOLS -------------------------><br />
{{FrontpageBox<br />
|colorcombination = 6<br />
|headline = Networking Tools<br />
|bgcolor = transparent<br />
|picture = Knetconfig.png<br />
|content =<br />
{{FrontpageBox/subject<br />
|colorcombination = 6 <br />
|title = Servers<br />
}}<br />
*[[Cisco_Packet_Tracer]]<br />
*[http://www.solarwinds.com/products/freetools/free_tftp_server.aspx TFTP-server for Windows]<br />
{{FrontpageBox/subject<br />
|colorcombination = 6 <br />
|title = Collections<br />
}}<br />
*[http://www.cisco.com/en/US/support/tsd_most_requested_tools.html Cisco most used tools]<br />
}}<br />
<!----------------------------- SWITCHING -------------------------------><br />
|width="200"|{{FrontpageBox<br />
|colorcombination = 9<br />
|headline = Switching<br />
|bgcolor = transparent<br />
|picture = RJ45_transparent.png<br />
|picturesize=50<br />
|content =<br />
{{FrontpageBox/subject<br />
|colorcombination = 9 <br />
|title = VLAN and Trunking<br />
}}<br />
*[[VLAN Cisco IOS]]<br />
*[[VLAN Trunk Cisco IOS]]<br />
*[[IEEE 802.1Q]]<br />
*[[VTP]]<br />
*[[Netband Project - Private Vlan|Private Vlan]]<br />
{{FrontpageBox/subject<br />
|colorcombination = 9 <br />
|title = Spanning Tree<br />
}}<br />
*[[Spanning tree]]<br />
*[[Spanning Tree protocol history]]<br />
*[[RPVST+]]<br />
*[[STP Toolkit Cisco IOS]]<br />
{{FrontpageBox/subject<br />
|colorcombination = 9 <br />
|title =Other subjects<br />
}}<br />
*[[Errdisable Cisco IOS]]<br />
*[[EtherChannel]]<br />
*[[Ethernet PoE]]<br />
*[[Dot1x authentication]]<br />
*[[Netband Project - IP Source Guard|IP Source Guard]]<br />
*[[Netband Project - DHCP Snooping|DHCP Snooping]]<br />
*[[Errdisable Cisco IOS]]<br />
*[[Netband Project - Dynamic Arp Inspection|Dynamic Arp Inspection]]<br />
*[[DHCP spoof attack]]<br />
*[[MAC address flooding]]<br />
*[[Switch port mirroring]]<br />
}}<br />
|}<br />
<br />
[[Category:Security]][[Category:Cyber Security]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=TPM&diff=41727
TPM
2026-04-01T16:07:46Z
<p>Heth: /* tmp2_getcap - capabilities */</p>
<hr />
<div>==TPM - Trusted Platform Module==<br />
<br />
==(tpm2_tools (Linux)==<br />
=== tmp2_getcap - capabilities===<br />
<br />
<source lang=bash><br />
heth@tpm2:~$ sudo tpm2_getcap -l<br />
- algorithms<br />
- commands<br />
- pcrs<br />
- properties-fixed<br />
- properties-variable<br />
- ecc-curves<br />
- handles-transient<br />
- handles-persistent<br />
- handles-permanent<br />
- handles-pcr<br />
- handles-nv-index<br />
- handles-loaded-session<br />
- handles-saved-session<br />
heth@tpm2:~$ sudo tpm2_getcap pcrs<br />
selected-pcrs:<br />
- sha1: [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 ]<br />
- sha256: [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 ]<br />
heth@tpm2:~$ sudo tpm2_getcap ecc-curves<br />
TPM2_ECC_NIST_P256: 0x3<br />
TPM2_ECC_BN_P256: 0x10<br />
heth@tpm2:~$<br />
</source><br />
<br />
==endorsement key (EK)==<br />
A TPM2 Endorsement Key (EK) Certificate is a digital certificate, usually burned into the Trusted Platform Module (TPM) chip during manufacturing, that validates the authenticity of the TPM's unique endorsement key (<br />
). It acts as a trusted, hardware-backed identity, allowing external parties to verify that a device uses a genuine TPM. <br />
<br />
===Key details about the EK Certificate:===<br />
;Purpose: The EK is an RSA or ECC key pair used to verify the TPM's legitimacy. The private key never leaves the TPM, ensuring security.<br />
;Issuer: It is typically signed by the TPM manufacturer's certificate authority (CA), certifying the TPM's legitimacy.<br />
;Use Cases: It is critical for Remote Attestation, where a server checks the EK certificate to ensure a client device has a real, untampered TPM before sharing secrets.<br />
;Accessing the Certificate: EK certificates can be found in the TPM’s Non-Volatile (NV) memory or retrieved from manufacturer web servers (like Intel's) using specialized tools.<br />
;Difference from other Keys: Unlike the Storage Root Key (SRK), the EK is permanent. It is not used for signing operations, but for encryption.<br />
<source lang=bash><br />
heth@tpm2:~$ sudo tpm2_getekcertificate | od -h<br />
0000000 8230 9c04 8230 8403 03a0 0102 0202 7604<br />
0000020 e292 3095 060d 2a09 4886 f786 010d 0b01<br />
0000040 0005 8130 3183 300b 0609 5503 0604 0213<br />
0000060 4544 2131 1f30 0306 0455 0c0a 4918 666e<br />
....<br />
0003640 b7c4 c27d 04da 3c75 c145 a234 e32b c20f<br />
0003660 9cff 006c<br />
</source><br />
<br />
=Links=<br />
*[https://github.com/microsoft/ms-tpm-20-ref/tree/main Microsoft Official TPM 2.0 Reference Implementation] (Includes TPM2 Simulator)<br />
[[Category:Security]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=TPM&diff=41726
TPM
2026-04-01T16:07:30Z
<p>Heth: /* tmp2_getcap - capabilities */</p>
<hr />
<div>==TPM - Trusted Platform Module==<br />
<br />
==(tpm2_tools (Linux)==<br />
=== tmp2_getcap - capabilities===<br />
heth@tpm2:~$ sudo tpm2_getcap -l<br />
<source lang=bash><br />
- algorithms<br />
- commands<br />
- pcrs<br />
- properties-fixed<br />
- properties-variable<br />
- ecc-curves<br />
- handles-transient<br />
- handles-persistent<br />
- handles-permanent<br />
- handles-pcr<br />
- handles-nv-index<br />
- handles-loaded-session<br />
- handles-saved-session<br />
heth@tpm2:~$ sudo tpm2_getcap pcrs<br />
selected-pcrs:<br />
- sha1: [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 ]<br />
- sha256: [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 ]<br />
heth@tpm2:~$ sudo tpm2_getcap ecc-curves<br />
TPM2_ECC_NIST_P256: 0x3<br />
TPM2_ECC_BN_P256: 0x10<br />
heth@tpm2:~$<br />
</source><br />
<br />
==endorsement key (EK)==<br />
A TPM2 Endorsement Key (EK) Certificate is a digital certificate, usually burned into the Trusted Platform Module (TPM) chip during manufacturing, that validates the authenticity of the TPM's unique endorsement key (<br />
). It acts as a trusted, hardware-backed identity, allowing external parties to verify that a device uses a genuine TPM. <br />
<br />
===Key details about the EK Certificate:===<br />
;Purpose: The EK is an RSA or ECC key pair used to verify the TPM's legitimacy. The private key never leaves the TPM, ensuring security.<br />
;Issuer: It is typically signed by the TPM manufacturer's certificate authority (CA), certifying the TPM's legitimacy.<br />
;Use Cases: It is critical for Remote Attestation, where a server checks the EK certificate to ensure a client device has a real, untampered TPM before sharing secrets.<br />
;Accessing the Certificate: EK certificates can be found in the TPM’s Non-Volatile (NV) memory or retrieved from manufacturer web servers (like Intel's) using specialized tools.<br />
;Difference from other Keys: Unlike the Storage Root Key (SRK), the EK is permanent. It is not used for signing operations, but for encryption.<br />
<source lang=bash><br />
heth@tpm2:~$ sudo tpm2_getekcertificate | od -h<br />
0000000 8230 9c04 8230 8403 03a0 0102 0202 7604<br />
0000020 e292 3095 060d 2a09 4886 f786 010d 0b01<br />
0000040 0005 8130 3183 300b 0609 5503 0604 0213<br />
0000060 4544 2131 1f30 0306 0455 0c0a 4918 666e<br />
....<br />
0003640 b7c4 c27d 04da 3c75 c145 a234 e32b c20f<br />
0003660 9cff 006c<br />
</source><br />
<br />
=Links=<br />
*[https://github.com/microsoft/ms-tpm-20-ref/tree/main Microsoft Official TPM 2.0 Reference Implementation] (Includes TPM2 Simulator)<br />
[[Category:Security]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=TPM&diff=41725
TPM
2026-04-01T16:07:07Z
<p>Heth: /* (tpm2_tools (Linux) */</p>
<hr />
<div>==TPM - Trusted Platform Module==<br />
<br />
==(tpm2_tools (Linux)==<br />
=== tmp2_getcap - capabilities===<br />
<source lang=bash><br />
- algorithms<br />
- commands<br />
- pcrs<br />
- properties-fixed<br />
- properties-variable<br />
- ecc-curves<br />
- handles-transient<br />
- handles-persistent<br />
- handles-permanent<br />
- handles-pcr<br />
- handles-nv-index<br />
- handles-loaded-session<br />
- handles-saved-session<br />
heth@tpm2:~$ sudo tpm2_getcap pcrs<br />
selected-pcrs:<br />
- sha1: [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 ]<br />
- sha256: [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 ]<br />
heth@tpm2:~$ sudo tpm2_getcap ecc-curves<br />
TPM2_ECC_NIST_P256: 0x3<br />
TPM2_ECC_BN_P256: 0x10<br />
heth@tpm2:~$<br />
</source><br />
<br />
==endorsement key (EK)==<br />
A TPM2 Endorsement Key (EK) Certificate is a digital certificate, usually burned into the Trusted Platform Module (TPM) chip during manufacturing, that validates the authenticity of the TPM's unique endorsement key (<br />
). It acts as a trusted, hardware-backed identity, allowing external parties to verify that a device uses a genuine TPM. <br />
<br />
===Key details about the EK Certificate:===<br />
;Purpose: The EK is an RSA or ECC key pair used to verify the TPM's legitimacy. The private key never leaves the TPM, ensuring security.<br />
;Issuer: It is typically signed by the TPM manufacturer's certificate authority (CA), certifying the TPM's legitimacy.<br />
;Use Cases: It is critical for Remote Attestation, where a server checks the EK certificate to ensure a client device has a real, untampered TPM before sharing secrets.<br />
;Accessing the Certificate: EK certificates can be found in the TPM’s Non-Volatile (NV) memory or retrieved from manufacturer web servers (like Intel's) using specialized tools.<br />
;Difference from other Keys: Unlike the Storage Root Key (SRK), the EK is permanent. It is not used for signing operations, but for encryption.<br />
<source lang=bash><br />
heth@tpm2:~$ sudo tpm2_getekcertificate | od -h<br />
0000000 8230 9c04 8230 8403 03a0 0102 0202 7604<br />
0000020 e292 3095 060d 2a09 4886 f786 010d 0b01<br />
0000040 0005 8130 3183 300b 0609 5503 0604 0213<br />
0000060 4544 2131 1f30 0306 0455 0c0a 4918 666e<br />
....<br />
0003640 b7c4 c27d 04da 3c75 c145 a234 e32b c20f<br />
0003660 9cff 006c<br />
</source><br />
<br />
=Links=<br />
*[https://github.com/microsoft/ms-tpm-20-ref/tree/main Microsoft Official TPM 2.0 Reference Implementation] (Includes TPM2 Simulator)<br />
[[Category:Security]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=TPM&diff=41724
TPM
2026-04-01T10:49:33Z
<p>Heth: /* (tpm2_tools (Linux)= */</p>
<hr />
<div>==TPM - Trusted Platform Module==<br />
<br />
==(tpm2_tools (Linux)==<br />
<br />
<br />
==endorsement key (EK)==<br />
A TPM2 Endorsement Key (EK) Certificate is a digital certificate, usually burned into the Trusted Platform Module (TPM) chip during manufacturing, that validates the authenticity of the TPM's unique endorsement key (<br />
). It acts as a trusted, hardware-backed identity, allowing external parties to verify that a device uses a genuine TPM. <br />
<br />
===Key details about the EK Certificate:===<br />
;Purpose: The EK is an RSA or ECC key pair used to verify the TPM's legitimacy. The private key never leaves the TPM, ensuring security.<br />
;Issuer: It is typically signed by the TPM manufacturer's certificate authority (CA), certifying the TPM's legitimacy.<br />
;Use Cases: It is critical for Remote Attestation, where a server checks the EK certificate to ensure a client device has a real, untampered TPM before sharing secrets.<br />
;Accessing the Certificate: EK certificates can be found in the TPM’s Non-Volatile (NV) memory or retrieved from manufacturer web servers (like Intel's) using specialized tools.<br />
;Difference from other Keys: Unlike the Storage Root Key (SRK), the EK is permanent. It is not used for signing operations, but for encryption.<br />
<source lang=bash><br />
heth@tpm2:~$ sudo tpm2_getekcertificate | od -h<br />
0000000 8230 9c04 8230 8403 03a0 0102 0202 7604<br />
0000020 e292 3095 060d 2a09 4886 f786 010d 0b01<br />
0000040 0005 8130 3183 300b 0609 5503 0604 0213<br />
0000060 4544 2131 1f30 0306 0455 0c0a 4918 666e<br />
....<br />
0003640 b7c4 c27d 04da 3c75 c145 a234 e32b c20f<br />
0003660 9cff 006c<br />
</source><br />
<br />
=Links=<br />
*[https://github.com/microsoft/ms-tpm-20-ref/tree/main Microsoft Official TPM 2.0 Reference Implementation] (Includes TPM2 Simulator)<br />
[[Category:Security]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=TPM&diff=41723
TPM
2026-04-01T10:49:23Z
<p>Heth: </p>
<hr />
<div>==TPM - Trusted Platform Module==<br />
<br />
=(tpm2_tools (Linux)==<br />
<br />
<br />
==endorsement key (EK)==<br />
A TPM2 Endorsement Key (EK) Certificate is a digital certificate, usually burned into the Trusted Platform Module (TPM) chip during manufacturing, that validates the authenticity of the TPM's unique endorsement key (<br />
). It acts as a trusted, hardware-backed identity, allowing external parties to verify that a device uses a genuine TPM. <br />
<br />
===Key details about the EK Certificate:===<br />
;Purpose: The EK is an RSA or ECC key pair used to verify the TPM's legitimacy. The private key never leaves the TPM, ensuring security.<br />
;Issuer: It is typically signed by the TPM manufacturer's certificate authority (CA), certifying the TPM's legitimacy.<br />
;Use Cases: It is critical for Remote Attestation, where a server checks the EK certificate to ensure a client device has a real, untampered TPM before sharing secrets.<br />
;Accessing the Certificate: EK certificates can be found in the TPM’s Non-Volatile (NV) memory or retrieved from manufacturer web servers (like Intel's) using specialized tools.<br />
;Difference from other Keys: Unlike the Storage Root Key (SRK), the EK is permanent. It is not used for signing operations, but for encryption.<br />
<source lang=bash><br />
heth@tpm2:~$ sudo tpm2_getekcertificate | od -h<br />
0000000 8230 9c04 8230 8403 03a0 0102 0202 7604<br />
0000020 e292 3095 060d 2a09 4886 f786 010d 0b01<br />
0000040 0005 8130 3183 300b 0609 5503 0604 0213<br />
0000060 4544 2131 1f30 0306 0455 0c0a 4918 666e<br />
....<br />
0003640 b7c4 c27d 04da 3c75 c145 a234 e32b c20f<br />
0003660 9cff 006c<br />
</source><br />
<br />
=Links=<br />
*[https://github.com/microsoft/ms-tpm-20-ref/tree/main Microsoft Official TPM 2.0 Reference Implementation] (Includes TPM2 Simulator)<br />
[[Category:Security]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=TPM&diff=41722
TPM
2026-04-01T10:48:36Z
<p>Heth: /* tpm2_tools (Linux) */</p>
<hr />
<div>=TPM - Trusted Platform Module=<br />
<br />
=tpm2_tools (Linux)=<br />
<br />
<br />
=endorsement key (EK)=<br />
A TPM2 Endorsement Key (EK) Certificate is a digital certificate, usually burned into the Trusted Platform Module (TPM) chip during manufacturing, that validates the authenticity of the TPM's unique endorsement key (<br />
). It acts as a trusted, hardware-backed identity, allowing external parties to verify that a device uses a genuine TPM. <br />
<br />
==Key details about the EK Certificate:==<br />
;Purpose: The EK is an RSA or ECC key pair used to verify the TPM's legitimacy. The private key never leaves the TPM, ensuring security.<br />
;Issuer: It is typically signed by the TPM manufacturer's certificate authority (CA), certifying the TPM's legitimacy.<br />
;Use Cases: It is critical for Remote Attestation, where a server checks the EK certificate to ensure a client device has a real, untampered TPM before sharing secrets.<br />
;Accessing the Certificate: EK certificates can be found in the TPM’s Non-Volatile (NV) memory or retrieved from manufacturer web servers (like Intel's) using specialized tools.<br />
;Difference from other Keys: Unlike the Storage Root Key (SRK), the EK is permanent. It is not used for signing operations, but for encryption.<br />
<source lang=bash><br />
heth@tpm2:~$ sudo tpm2_getekcertificate | od -h<br />
0000000 8230 9c04 8230 8403 03a0 0102 0202 7604<br />
0000020 e292 3095 060d 2a09 4886 f786 010d 0b01<br />
0000040 0005 8130 3183 300b 0609 5503 0604 0213<br />
0000060 4544 2131 1f30 0306 0455 0c0a 4918 666e<br />
....<br />
0003640 b7c4 c27d 04da 3c75 c145 a234 e32b c20f<br />
0003660 9cff 006c<br />
</source><br />
<br />
=Links=<br />
*[https://github.com/microsoft/ms-tpm-20-ref/tree/main Microsoft Official TPM 2.0 Reference Implementation] (Includes TPM2 Simulator)<br />
[[Category:Security]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=TPM&diff=41721
TPM
2026-04-01T10:48:17Z
<p>Heth: </p>
<hr />
<div>=TPM - Trusted Platform Module=<br />
<br />
=tpm2_tools (Linux)=<br />
<source lang=bash><br />
<br />
=endorsement key (EK)=<br />
A TPM2 Endorsement Key (EK) Certificate is a digital certificate, usually burned into the Trusted Platform Module (TPM) chip during manufacturing, that validates the authenticity of the TPM's unique endorsement key (<br />
). It acts as a trusted, hardware-backed identity, allowing external parties to verify that a device uses a genuine TPM. <br />
<br />
==Key details about the EK Certificate:==<br />
;Purpose: The EK is an RSA or ECC key pair used to verify the TPM's legitimacy. The private key never leaves the TPM, ensuring security.<br />
;Issuer: It is typically signed by the TPM manufacturer's certificate authority (CA), certifying the TPM's legitimacy.<br />
;Use Cases: It is critical for Remote Attestation, where a server checks the EK certificate to ensure a client device has a real, untampered TPM before sharing secrets.<br />
;Accessing the Certificate: EK certificates can be found in the TPM’s Non-Volatile (NV) memory or retrieved from manufacturer web servers (like Intel's) using specialized tools.<br />
;Difference from other Keys: Unlike the Storage Root Key (SRK), the EK is permanent. It is not used for signing operations, but for encryption.<br />
<source lang=bash><br />
heth@tpm2:~$ sudo tpm2_getekcertificate | od -h<br />
0000000 8230 9c04 8230 8403 03a0 0102 0202 7604<br />
0000020 e292 3095 060d 2a09 4886 f786 010d 0b01<br />
0000040 0005 8130 3183 300b 0609 5503 0604 0213<br />
0000060 4544 2131 1f30 0306 0455 0c0a 4918 666e<br />
....<br />
0003640 b7c4 c27d 04da 3c75 c145 a234 e32b c20f<br />
0003660 9cff 006c<br />
</source><br />
=Links=<br />
*[https://github.com/microsoft/ms-tpm-20-ref/tree/main Microsoft Official TPM 2.0 Reference Implementation] (Includes TPM2 Simulator)<br />
[[Category:Security]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=TPM&diff=41720
TPM
2026-04-01T10:22:01Z
<p>Heth: /* Links */</p>
<hr />
<div>=TPM - Trusted Platform Module=<br />
<br />
=Links=<br />
*[https://github.com/microsoft/ms-tpm-20-ref/tree/main Microsoft Official TPM 2.0 Reference Implementation] (Includes TPM2 Simulator)<br />
[[Category:Security]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=TPM&diff=41719
TPM
2026-04-01T10:21:15Z
<p>Heth: Created page with "=TPM - Trusted Platform Module= =Links= *[https://github.com/microsoft/ms-tpm-20-ref/tree/main Microsoft Official TPM 2.0 Reference Implementation] Category:Security"</p>
<hr />
<div>=TPM - Trusted Platform Module=<br />
<br />
=Links=<br />
*[https://github.com/microsoft/ms-tpm-20-ref/tree/main Microsoft Official TPM 2.0 Reference Implementation]<br />
[[Category:Security]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Ssh_reverse_tunnel&diff=41718
Ssh reverse tunnel
2026-04-01T09:29:16Z
<p>Heth: /* Remote server */</p>
<hr />
<div>To ssh to a Linux server behind a firewall that doesn't allow incoming connections, a reverse ssh tunnel can be created from the server to a known client host. The client host should have a static IP address or a DNS hostname.<br />
<br />
=Remote server=<br />
To allow login without password create public/private rsa key pair on the client and copy the private key to the .ssh/authorized_keys file an set mod to 600 <br />
<source lang=bash><br />
ssh-keygen<br />
ssh-copy-id steve@10.10.10.10 #IP of your local, from which you want autoconnect to<br />
</source><br />
Establishing the reversed tunnel from a scriptfile. You probably needs to install '''autossh'''. <br />
<source lang=bash><br />
#!/usr/bin/bash<br />
# See: https://medium.com/@souri.rv/autossh-for-keeping-ssh-tunnels-alive-5c14207c6ba9<br />
REMOTE_HOST="222.2.2.2"<br />
REMOTE_PORT="9000"<br />
REMOTE_USER="steve"<br />
<br />
autossh -M 0 -gNC $1 -o "ExitOnForwardFailure=yes" -o "ServerAliveInterval=10" -o "ServerAliveCountMax=3" -R ${REMOTE_PORT}:localhost:22 ${REMOTE_USER}@${REMOTE_USER}<br />
</source><br />
/etc/systemd/system/reversessh.service<br />
<source lang=bash><br />
[Unit]<br />
Description=Reverse SSH tunnel<br />
After=network.target<br />
StartLimitIntervalSec=60<br />
StartLimitBurst=12<br />
<br />
<br />
[Service]<br />
ExecStart=/bin/bash /home/steve/bin/reversessh.sh<br />
Type=simple<br />
User=steve<br />
Group=steve<br />
Restart=on-failure<br />
RestartSec=5<br />
<br />
<br />
[Install]<br />
WantedBy=default.target<br />
RequiredBy=network.target<br />
</source><br />
<br />
=local machine=<br />
On local machine you want to ssh from create ~/bin/sshremote with the following and make it executeable.<br />
Use it as for example: '''sshremote mars chris'''<br />
<source lang=bash><br />
#!/bin/bash<br />
<br />
declare -A hosts<br />
<br />
# machinename in /etc/hosts maps to portnumber<br />
hosts["mars"]=9999<br />
hosts["mbus1"]=9998<br />
hosts["mars2"]=9997<br />
hosts["dhdc"]=9996<br />
<br />
host=$1<br />
user=$2<br />
ip="localhost"<br />
<br />
ssh -p ${hosts[${host}]} ${user}@${ip}<br />
</source><br />
<br />
=Links=<br />
*https://qbee.io/misc/reverse-ssh-tunneling-the-ultimate-guide/<br />
[[Category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Ssh_reverse_tunnel&diff=41717
Ssh reverse tunnel
2026-04-01T09:28:34Z
<p>Heth: /* Remote server */</p>
<hr />
<div>To ssh to a Linux server behind a firewall that doesn't allow incoming connections, a reverse ssh tunnel can be created from the server to a known client host. The client host should have a static IP address or a DNS hostname.<br />
<br />
=Remote server=<br />
To allow login without password create public/private rsa key pair on the client and copy the private key to the .ssh/authorized_keys file an set mod to 600 <br />
<source lang=bash><br />
ssh-keygen<br />
ssh-copy-id steve@10.10.10.10<br />
</source><br />
Establishing the reversed tunnel from a scriptfile. You probably needs to install '''autossh'''. <br />
<source lang=bash><br />
#!/usr/bin/bash<br />
# See: https://medium.com/@souri.rv/autossh-for-keeping-ssh-tunnels-alive-5c14207c6ba9<br />
REMOTE_HOST="222.2.2.2"<br />
REMOTE_PORT="9000"<br />
REMOTE_USER="steve"<br />
<br />
autossh -M 0 -gNC $1 -o "ExitOnForwardFailure=yes" -o "ServerAliveInterval=10" -o "ServerAliveCountMax=3" -R ${REMOTE_PORT}:localhost:22 ${REMOTE_USER}@${REMOTE_USER}<br />
</source><br />
/etc/systemd/system/reversessh.service<br />
<source lang=bash><br />
[Unit]<br />
Description=Reverse SSH tunnel<br />
After=network.target<br />
StartLimitIntervalSec=60<br />
StartLimitBurst=12<br />
<br />
<br />
[Service]<br />
ExecStart=/bin/bash /home/steve/bin/reversessh.sh<br />
Type=simple<br />
User=steve<br />
Group=steve<br />
Restart=on-failure<br />
RestartSec=5<br />
<br />
<br />
[Install]<br />
WantedBy=default.target<br />
RequiredBy=network.target<br />
</source><br />
<br />
=local machine=<br />
On local machine you want to ssh from create ~/bin/sshremote with the following and make it executeable.<br />
Use it as for example: '''sshremote mars chris'''<br />
<source lang=bash><br />
#!/bin/bash<br />
<br />
declare -A hosts<br />
<br />
# machinename in /etc/hosts maps to portnumber<br />
hosts["mars"]=9999<br />
hosts["mbus1"]=9998<br />
hosts["mars2"]=9997<br />
hosts["dhdc"]=9996<br />
<br />
host=$1<br />
user=$2<br />
ip="localhost"<br />
<br />
ssh -p ${hosts[${host}]} ${user}@${ip}<br />
</source><br />
<br />
=Links=<br />
*https://qbee.io/misc/reverse-ssh-tunneling-the-ultimate-guide/<br />
[[Category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Journalctl&diff=41716
Journalctl
2026-03-18T13:16:52Z
<p>Heth: </p>
<hr />
<div><br />
=Log from service=<br />
Example: '''journalctl -u sshguard -S "2026-03-15 00:00:00" -U "2026-03-18 13:36:04"'''<br />
[[Category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Journalctl&diff=41715
Journalctl
2026-03-18T13:16:38Z
<p>Heth: Created page with " =Log from service= Example: '''journalctl -u sshguard -S "2026-03-15 00:00:00" -U "2026-03-18 13:36:04"''' Category Linux"</p>
<hr />
<div><br />
=Log from service=<br />
Example: '''journalctl -u sshguard -S "2026-03-15 00:00:00" -U "2026-03-18 13:36:04"'''<br />
[[Category Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Kali_Linux&diff=41714
Kali Linux
2026-03-11T12:27:48Z
<p>Heth: /* x11.forwarding session */</p>
<hr />
<div>Installation: Kali Linux 1.0.6 AMD64<br/><br />
apt-get update && apt-get upgrade<br />
=Armitage=<br />
<pre><br />
service postgresql start<br />
service metasploit start<br />
armitage<br />
</pre><br />
svar ja til at starte metasploit<br />
=NMAP=<br />
Opdater NSE i NMAP:<br />
<pre><br />
wget -c -r https://svn.nmap.org/nmap/scripts/<br />
</pre><br />
kopier alle filer fra scrpts folderen til /usr/shares/nmap/scripts & alle filer fra nselib til /usr/shares/nmap/nselib<br/><br />
opdater script med '''nmap --script-updatedb'''<br />
=x11.forwarding session=<br />
in /etc/ssh/ssh_config uncomment/change under ''Host *''<br />
<br />
<source lang=bash><br />
ForwardX11 yes<br />
ForwardX11Trusted yes<br />
</source> <br />
restart ssh: ''sudo systemctl restart ssh''<br />
<br />
<br />
From terminal emulator supporting X11-fording run: ''xfce4-session''<br />
'''Note:''' If using mobaXterm under "Settings->configuration" X11 - change ''X11-server display mode" to "Windowed-mode" (Can freeze in multi-display setups)</div>
Heth
http://mars.merhot.dk/w/index.php?title=Kali_Linux&diff=41713
Kali Linux
2026-03-11T11:46:59Z
<p>Heth: </p>
<hr />
<div>Installation: Kali Linux 1.0.6 AMD64<br/><br />
apt-get update && apt-get upgrade<br />
=Armitage=<br />
<pre><br />
service postgresql start<br />
service metasploit start<br />
armitage<br />
</pre><br />
svar ja til at starte metasploit<br />
=NMAP=<br />
Opdater NSE i NMAP:<br />
<pre><br />
wget -c -r https://svn.nmap.org/nmap/scripts/<br />
</pre><br />
kopier alle filer fra scrpts folderen til /usr/shares/nmap/scripts & alle filer fra nselib til /usr/shares/nmap/nselib<br/><br />
opdater script med '''nmap --script-updatedb'''<br />
=x11.forwarding session=<br />
in /etc/ssh/ssh_config uncomment/change under ''Host *''<br />
<br />
<source lang=bash><br />
ForwardX11 yes<br />
ForwardX11Trusted yes<br />
</source> <br />
restart ssh: ''sudo systemctl restart ssh''<br />
<br />
<br />
From terminal emulator supporting X11-fording run: ''xfce4-session''</div>
Heth
http://mars.merhot.dk/w/index.php?title=Red_Hat_dnf&diff=41712
Red Hat dnf
2026-02-26T06:49:03Z
<p>Heth: Created page with "#Redirewct Dnf Red Hat"</p>
<hr />
<div>#Redirewct [[Dnf Red Hat]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Main_Page&diff=41711
Main Page
2026-02-03T05:41:23Z
<p>Heth: </p>
<hr />
<div>{| border="0"<br />
|[[Image:Kate maleri2.jpg|300px|Artist: Kate Kallermann]]<br />
|- valign="top" align=left<br />
|<br />
<br />
| <br />
<br />
<br />
|- align=left<br />
|Welcome to [http://house-of-technology.dk Teknologisk videncenter's] Wiki at [http://www.mercantec.dk Mercantec], [[wikipedia:en:Viborg,_Denmark|Viborg]], [[wikipedia:en:Denmark|Denmark]]. <br> <br />
<br />
<br />
<br />
<br/><br />
----<br />
*[http://skema.merhot.dk Lokale-Bookning]<br />
*[[Booking-guide | Booking af en Virtuel maskine]]<br />
*[[Evaluering_af_Hovedforløb|Evaluering hovedforløb]]<br />
*[[Evaluering af AMU]]<br />
*[https://www.oreilly.com/ O'reilly Books online]<br />
*[[AMU Netværk]]<br />
----<br />
<!--<br />
===Valgfri specialefag===<br />
<hr style="color:red;background:red;"><br />
<div style="font-size:1.4em; background:#transparent; color:aabbee;">BEMÆRK: efterår 2024 katalog udkommet.</div> <hr style="color:red;background:red;"><br />
*[[media:Valgfri_uddannelsesspecifikke_fag_2024_v.4.pdf |Valgfri uddannelsesspecifikke fag katalog efterår 2024]]<br />
<hr /><br />
--><br />
=== Datahouse Helpdesk ===<br />
*https://helpdesk@hotdata.dk<br />
<!--<br />
mail til mailto:hotskp@mercantec.dk<br />
--><br />
__NOEDITSECTION__</div>
Heth
http://mars.merhot.dk/w/index.php?title=Ssh_reverse_tunnel&diff=41710
Ssh reverse tunnel
2026-01-23T06:11:56Z
<p>Heth: /* local machine */</p>
<hr />
<div>To ssh to a Linux server behind a firewall that doesn't allow incoming connections, a reverse ssh tunnel can be created from the server to a known client host. The client host should have a static IP address or a DNS hostname.<br />
<br />
=Remote server=<br />
To allow login without password create public/private rsa key pair on the client and copy the private key to the .ssh/authorized_keys file an set mod to 600 <br />
<source lang=bash><br />
ssh -o TCPKeepAlive=yes -R 9000:localhost:22 heth@93.166.84.21<br />
</source><br />
Establishing the reversed tunnel from a scriptfile. You probably needs to install '''autossh'''. <br />
<source lang=bash><br />
#!/usr/bin/bash<br />
# See: https://medium.com/@souri.rv/autossh-for-keeping-ssh-tunnels-alive-5c14207c6ba9<br />
REMOTE_HOST="222.2.2.2"<br />
REMOTE_PORT="9000"<br />
REMOTE_USER="steve"<br />
<br />
autossh -M 0 -gNC $1 -o "ExitOnForwardFailure=yes" -o "ServerAliveInterval=10" -o "ServerAliveCountMax=3" -R ${REMOTE_PORT}:localhost:22 ${REMOTE_USER}@${REMOTE_USER}<br />
</source><br />
/etc/systemd/system/reversessh.service<br />
<source lang=bash><br />
[Unit]<br />
Description=Reverse SSH tunnel<br />
After=network.target<br />
StartLimitIntervalSec=60<br />
StartLimitBurst=12<br />
<br />
<br />
[Service]<br />
ExecStart=/bin/bash /home/steve/bin/reversessh.sh<br />
Type=simple<br />
User=steve<br />
Group=steve<br />
Restart=on-failure<br />
RestartSec=5<br />
<br />
<br />
[Install]<br />
WantedBy=default.target<br />
RequiredBy=network.target<br />
</source><br />
=local machine=<br />
On local machine you want to ssh from create ~/bin/sshremote with the following and make it executeable.<br />
Use it as for example: '''sshremote mars chris'''<br />
<source lang=bash><br />
#!/bin/bash<br />
<br />
declare -A hosts<br />
<br />
# machinename in /etc/hosts maps to portnumber<br />
hosts["mars"]=9999<br />
hosts["mbus1"]=9998<br />
hosts["mars2"]=9997<br />
hosts["dhdc"]=9996<br />
<br />
host=$1<br />
user=$2<br />
ip="localhost"<br />
<br />
ssh -p ${hosts[${host}]} ${user}@${ip}<br />
</source><br />
<br />
=Links=<br />
*https://qbee.io/misc/reverse-ssh-tunneling-the-ultimate-guide/<br />
[[Category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Ssh_reverse_tunnel&diff=41709
Ssh reverse tunnel
2026-01-23T06:08:52Z
<p>Heth: /* local machine */</p>
<hr />
<div>To ssh to a Linux server behind a firewall that doesn't allow incoming connections, a reverse ssh tunnel can be created from the server to a known client host. The client host should have a static IP address or a DNS hostname.<br />
<br />
=Remote server=<br />
To allow login without password create public/private rsa key pair on the client and copy the private key to the .ssh/authorized_keys file an set mod to 600 <br />
<source lang=bash><br />
ssh -o TCPKeepAlive=yes -R 9000:localhost:22 heth@93.166.84.21<br />
</source><br />
Establishing the reversed tunnel from a scriptfile. You probably needs to install '''autossh'''. <br />
<source lang=bash><br />
#!/usr/bin/bash<br />
# See: https://medium.com/@souri.rv/autossh-for-keeping-ssh-tunnels-alive-5c14207c6ba9<br />
REMOTE_HOST="222.2.2.2"<br />
REMOTE_PORT="9000"<br />
REMOTE_USER="steve"<br />
<br />
autossh -M 0 -gNC $1 -o "ExitOnForwardFailure=yes" -o "ServerAliveInterval=10" -o "ServerAliveCountMax=3" -R ${REMOTE_PORT}:localhost:22 ${REMOTE_USER}@${REMOTE_USER}<br />
</source><br />
/etc/systemd/system/reversessh.service<br />
<source lang=bash><br />
[Unit]<br />
Description=Reverse SSH tunnel<br />
After=network.target<br />
StartLimitIntervalSec=60<br />
StartLimitBurst=12<br />
<br />
<br />
[Service]<br />
ExecStart=/bin/bash /home/steve/bin/reversessh.sh<br />
Type=simple<br />
User=steve<br />
Group=steve<br />
Restart=on-failure<br />
RestartSec=5<br />
<br />
<br />
[Install]<br />
WantedBy=default.target<br />
RequiredBy=network.target<br />
</source><br />
=local machine=<br />
On local machine you want to ssh from.<br />
<source lang=bash><br />
#!/bin/bash<br />
<br />
declare -A hosts<br />
<br />
# machinename in /etc/hosts maps to portnumber<br />
hosts["mars"]=9999<br />
hosts["mbus1"]=9998<br />
hosts["mars2"]=9997<br />
hosts["dhdc"]=9996<br />
<br />
host=$1<br />
user=$2<br />
ip="localhost"<br />
<br />
ssh $3 -p ${hosts[${host}]} ${user}@${ip}<br />
</source><br />
<br />
=Links=<br />
*https://qbee.io/misc/reverse-ssh-tunneling-the-ultimate-guide/<br />
[[Category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Ssh_reverse_tunnel&diff=41708
Ssh reverse tunnel
2026-01-22T13:27:42Z
<p>Heth: /* Links */</p>
<hr />
<div>To ssh to a Linux server behind a firewall that doesn't allow incoming connections, a reverse ssh tunnel can be created from the server to a known client host. The client host should have a static IP address or a DNS hostname.<br />
<br />
=Remote server=<br />
To allow login without password create public/private rsa key pair on the client and copy the private key to the .ssh/authorized_keys file an set mod to 600 <br />
<source lang=bash><br />
ssh -o TCPKeepAlive=yes -R 9000:localhost:22 heth@93.166.84.21<br />
</source><br />
Establishing the reversed tunnel from a scriptfile. You probably needs to install '''autossh'''. <br />
<source lang=bash><br />
#!/usr/bin/bash<br />
# See: https://medium.com/@souri.rv/autossh-for-keeping-ssh-tunnels-alive-5c14207c6ba9<br />
REMOTE_HOST="222.2.2.2"<br />
REMOTE_PORT="9000"<br />
REMOTE_USER="steve"<br />
<br />
autossh -M 0 -gNC $1 -o "ExitOnForwardFailure=yes" -o "ServerAliveInterval=10" -o "ServerAliveCountMax=3" -R ${REMOTE_PORT}:localhost:22 ${REMOTE_USER}@${REMOTE_USER}<br />
</source><br />
/etc/systemd/system/reversessh.service<br />
<source lang=bash><br />
[Unit]<br />
Description=Reverse SSH tunnel<br />
After=network.target<br />
StartLimitIntervalSec=60<br />
StartLimitBurst=12<br />
<br />
<br />
[Service]<br />
ExecStart=/bin/bash /home/steve/bin/reversessh.sh<br />
Type=simple<br />
User=steve<br />
Group=steve<br />
Restart=on-failure<br />
RestartSec=5<br />
<br />
<br />
[Install]<br />
WantedBy=default.target<br />
RequiredBy=network.target<br />
</source><br />
=local machine=<br />
On local machine you want to ssh from.<br />
<source lang=bash><br />
#!/bin/bash<br />
<br />
declare -A hosts<br />
<br />
# machinename in /etc/hosts maps to portnumber<br />
hosts["mars"]=9999<br />
hosts["mbus1"]=9998<br />
hosts["mars2"]=9997<br />
hosts["dhdc"]=9996<br />
<br />
host=$1<br />
user=$2<br />
ip="localhost"<br />
<br />
echo "Value for $host is ${hosts[${host}]}"<br />
echo "Value for $host is ${hosts[$host]}"<br />
set -x<br />
#ssh -p ${hosts[${host}]} ${user}@${localhost}<br />
ssh $3 -p ${hosts[${host}]} ${user}@${ip}<br />
<br />
</source><br />
=Links=<br />
*https://qbee.io/misc/reverse-ssh-tunneling-the-ultimate-guide/<br />
[[Category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Selinux&diff=41707
Selinux
2025-11-30T06:02:18Z
<p>Heth: /* selinux policy analysis */</p>
<hr />
<div>=selinux policy analysis=<br />
<source lang=bash><br />
dnf install setools-console<br />
seinfo<br />
</source><br />
=DAC and MAC=<br />
* Discretionary access control (DAC)<br />
**Traditional file/process access rights <br />
* Mandatory access control (MAC)<br />
**Selinux<br />
*See: http://csrc.nist.gov/publications/history/dod85.pdf<br />
[[Category:Red Hat]][[Category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Selinux&diff=41706
Selinux
2025-11-29T12:56:46Z
<p>Heth: /* selinux policy analysis */</p>
<hr />
<div>=selinux policy analysis=<br />
<source lang=bash><br />
dnf install setools-console<br />
seinfo<br />
</source><br />
<br />
[[Category:Red Hat]][[Category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Selinux&diff=41705
Selinux
2025-11-29T12:56:32Z
<p>Heth: /* selinux policy analysis */</p>
<hr />
<div>=selinux policy analysis=<br />
<source lang=bash><br />
dnf install setools-console<br />
seinfo<br />
</source><br />
<br />
[[Category:Red hat]][[Category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Selinux&diff=41704
Selinux
2025-11-29T12:55:51Z
<p>Heth: Created page with "=selinux policy analysis= <source lang=bash> dnf install setools-console seinfo </source> Category:RedhatCategory:Linux"</p>
<hr />
<div>=selinux policy analysis=<br />
<source lang=bash><br />
dnf install setools-console<br />
seinfo<br />
</source><br />
<br />
[[Category:Redhat]][[Category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Dnf_Red_Hat&diff=41703
Dnf Red Hat
2025-11-29T07:01:55Z
<p>Heth: </p>
<hr />
<div>'''Remember [[sudo]]<br />
*dnf search foo # Search for package containing foo in either name or short description<br />
*dnf list # List all installed packages<br />
*dnf list *lib* # List all files containing lib in its name<br />
*dnf install foo # Install the package named foo<br />
==Summary commands==<br />
[[Image:DNF summary.png|500px|Source:https://learning.oreilly.com/library/view/red-hat-rhcsa/9780138096311/ch09.xhtml#ch09lev1sec04]]<br />
==dnf groups==<br />
A group is a collection of packages which typically collects several packages needed by a service, simplifying installation.<br />
<br />
To see main groups<br />
<source lang=bash><br />
dnf group list<br />
</source><br />
To see additional groups<br />
<source lang=bash><br />
dnf group list hidden<br />
</source><br />
Install a group - example<br />
<source lang=bash><br />
dnf groupinstall "TeX formatting system"<br />
</source><br />
==dnf modules==<br />
Modules allows you to access/install different versions of an application stream. An application stream is a specific version of a module - for example php version 8.1.<br />
<br />
Only one application stream can be enables at any given time.<br />
<source lang=bash><br />
dnf module list<br />
...<br />
dnf module info php:8.1<br />
...<br />
dnf module enable php:8.1<br />
...<br />
dnf module install php:8.2<br />
dnf distro-sync<br />
</source><br />
==epel repository ==<br />
The EPEL (Extra Packages for Enterprise Linux) repository is a popular community-driven repository that provides additional high-quality packages for Red Hat Enterprise Linux (RHEL), CentOS, and other compatible distributions.<br />
<br />
The epel release is maintaned by [https://docs.fedoraproject.org/en-US/epel/ Fedora]<br />
<br />
<source lang=bash><br />
sudo dnf install epel-release<br />
</source><br />
<br />
<br />
<br />
==Articles==<br />
*[https://www.redhat.com/sysadmin/how-manage-packages DNF, YUM and/or RPM]<br />
<br />
[[Category:Red Hat]][[category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=VXLAN_ubuntu&diff=41702
VXLAN ubuntu
2025-11-15T11:51:07Z
<p>Heth: Created page with "=Links= *https://scottstuff.net/posts/2024/11/24/vxlan-evpn-ubuntu/ Category:Linux"</p>
<hr />
<div>=Links=<br />
*https://scottstuff.net/posts/2024/11/24/vxlan-evpn-ubuntu/<br />
[[Category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Ss_Linux&diff=41701
Ss Linux
2025-11-06T04:35:43Z
<p>Heth: /* Listening sockets */</p>
<hr />
<div>==Listening sockets==<br />
<source lang=bash><br />
heth@dotnet:~$ ss -tulnp<br />
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process<br />
udp UNCONN 0 0 127.0.0.54:53 0.0.0.0:*<br />
udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*<br />
udp UNCONN 0 0 192.168.56.112%enp0s8:68 0.0.0.0:*<br />
udp UNCONN 0 0 192.168.64.108%enp0s3:68 0.0.0.0:*<br />
tcp LISTEN 0 128 127.0.0.1:6010 0.0.0.0:*<br />
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*<br />
tcp LISTEN 0 4096 0.0.0.0:22 0.0.0.0:*<br />
tcp LISTEN 0 4096 127.0.0.54:53 0.0.0.0:*<br />
tcp LISTEN 0 4096 [::]:22 [::]:*<br />
tcp LISTEN 0 128 [::1]:6010 [::]:*<br />
</source><br />
[[Category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Ss_Linux&diff=41700
Ss Linux
2025-11-06T04:35:33Z
<p>Heth: Created page with "==Listening sockets== <source lang=bash> heth@dotnet:~$ ss -tulnp Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process u..."</p>
<hr />
<div>==Listening sockets==<br />
<source lang=bash><br />
heth@dotnet:~$ ss -tulnp<br />
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process<br />
udp UNCONN 0 0 127.0.0.54:53 0.0.0.0:*<br />
udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*<br />
udp UNCONN 0 0 192.168.56.112%enp0s8:68 0.0.0.0:*<br />
udp UNCONN 0 0 192.168.64.108%enp0s3:68 0.0.0.0:*<br />
tcp LISTEN 0 128 127.0.0.1:6010 0.0.0.0:*<br />
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*<br />
tcp LISTEN 0 4096 0.0.0.0:22 0.0.0.0:*<br />
tcp LISTEN 0 4096 127.0.0.54:53 0.0.0.0:*<br />
tcp LISTEN 0 4096 [::]:22 [::]:*<br />
tcp LISTEN 0 128 [::1]:6010 [::]:*<br />
<source><br />
[[Category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Netstat_Linux&diff=41699
Netstat Linux
2025-11-06T04:29:53Z
<p>Heth: Created page with "Replaced with the ss command. category:Linux"</p>
<hr />
<div>Replaced with the [[ss Linux|ss]] command.<br />
[[category:Linux]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=GNS3_installation_windows&diff=41698
GNS3 installation windows
2025-10-13T05:33:52Z
<p>Heth: </p>
<hr />
<div>#Installer en virtualiseringsplatform<br />
##Kan være [https://www.virtualbox.org/ VirtualBox], [https://www.vmware.com/products/desktop-hypervisor/workstation-and-fusion VMware Workstation/fusion] eller ESXI eller HyperV<br />
##Jeg anvender VirtualBox<br />
# Download [https://www.gns3.com/software/download-vm GNS3-VM] og installer i din virtualiseringsplatform <br />
# Installer [https://www.gns3.com/software/download GNS3 GUI] på din klient<br />
## Under preferences server:<br />
### Fjern fluehak i '''Enable local server'''<br />
### Protocol: http<br />
### Host: IP adresse på GNS3 VM<br />
### Port: 80 TCP<br />
<br />
''Bemærk:'' Kan godt drille lidt Se evt. [https://docs.gns3.com/docs/getting-started/installation/windows GNS3 dokumentation]<br />
<br />
[[Category:GNS3]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=GNS3_installation_windows&diff=41697
GNS3 installation windows
2025-10-13T05:33:42Z
<p>Heth: </p>
<hr />
<div>#Installer en virtualiseringsplatform<br />
##Kan være [https://www.virtualbox.org/ VirtualBox], [https://www.vmware.com/products/desktop-hypervisor/workstation-and-fusion VMware Workstation/fusion] eller ESXI eller HyperV<br />
##Jeg anvender VirtualBox<br />
# Download [https://www.gns3.com/software/download-vm GNS3-VM] og installer i din virtualiseringsplatform <br />
# Installer [https://www.gns3.com/software/download GNS3 GUI] på din klient<br />
## Under preferences server:<br />
### Fjern fluehak i '''Enable local server'''<br />
### Protocol: http<br />
### Host: IP adresse på GNS3 VM<br />
### Port: 80 TCP<br />
<br />
''Bemærk:'' Kan godt drille lidt Se evt. [https://docs.gns3.com/docs/getting-started/installation/windows GNS3 dokumentation)<br />
<br />
[[Category:GNS3]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=GNS3_installation_windows&diff=41696
GNS3 installation windows
2025-10-13T05:30:17Z
<p>Heth: </p>
<hr />
<div>#Installer en virtualiseringsplatform<br />
##Kan være [https://www.virtualbox.org/ VirtualBox], [https://www.vmware.com/products/desktop-hypervisor/workstation-and-fusion VMware Workstation/fusion] eller ESXI eller HyperV<br />
##Jeg anvender VirtualBox<br />
# Download [https://www.gns3.com/software/download-vm GNS3-VM] og installer i din virtualiseringsplatform <br />
# Installer [https://www.gns3.com/software/download GNS3 GUI] på din klient<br />
## Under preferences server:<br />
### Fjern fluehak i '''Enable local server'''<br />
### Protocol: http<br />
### Host: IP adresse på GNS3 VM<br />
### Port: 80 TCP<br />
<br />
''Bemærk:'' Kan godt drille lidt <br />
<br />
[[Category:GNS3]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=GNS3_installation_windows&diff=41695
GNS3 installation windows
2025-10-13T05:29:55Z
<p>Heth: Created page with "#Installer en virtualiseringsplatform ##Kan være [https://www.virtualbox.org/ VirtualBox], [https://www.vmware.com/products/desktop-hypervisor/workstation-and-fusion VMware W..."</p>
<hr />
<div>#Installer en virtualiseringsplatform<br />
##Kan være [https://www.virtualbox.org/ VirtualBox], [https://www.vmware.com/products/desktop-hypervisor/workstation-and-fusion VMware Workstation/fusion] eller ESXI eller HyperV<br />
#Jeg anvender VirtualBox<br />
# Download [https://www.gns3.com/software/download-vm GNS3-VM] og installer i din virtualiseringsplatform <br />
# Installer [https://www.gns3.com/software/download GNS3 GUI] på din klient<br />
## Under preferences server:<br />
### Fjern fluehak i '''Enable local server'''<br />
### Protocol: http<br />
### Host: IP adresse på GNS3 VM<br />
### Port: 80 TCP<br />
<br />
''Bemærk:'' Kan godt drille lidt <br />
<br />
[[Category:GNS3]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Uddannelses_Portal&diff=41694
Uddannelses Portal
2025-09-11T05:42:04Z
<p>Heth: </p>
<hr />
<div>__NOTOC__<br />
;BEMÆRK: Der er kommet en ny revision af Datauddannelserne. Se artiklen [[/Datauddannelser Version 8 revision 2011|Datauddannelser Version 8 og version 9]] for beskrivelse<br />
{|<br />
|-valign=top<br />
|<br />
{{FrontpageBox~<br />
|colorcombination = 2<br />
|picture = fileshare.png<br />
|headline = Datauddannelser - Version 9<br />
|bgcolor = transparent<br />
|bottombox = House of Technology<br />
|content =<br />
{{FrontpageBox/subject~<br />
|colorcombination = 2<br />
|title = Fagspecialer<br />
}}<br />
*[[Lokale Uddannelses Planer|Lokale Uddannelses Planer]]<br />
*[[DatateknikerV9/svendeprøve drejebog|Datatekniker version 9 Svendeprøve]]<br />
[https://www.retsinformation.dk/eli/lta/2020/528 BEK nr 528 af 27/04/2020]<br />
*[[AMU]]<br />
{{FrontpageBox/subject~<br />
|colorcombination = 2<br />
|title = Fagfordelingsplaner<br />
}}<br />
{{FrontpageBox/subject~<br />
|colorcombination = 2<br />
|title = Diverse<br />
}}<br />
=Version 10=<br />
*[https://iu.dk/public/dokumenter/uddannelser/stroem_styring_it/data_og_kommunikation/2017Uddannelsesordning%20for%20data-%20og%20kommunikationsuddannelsen.pdf Uddannelsesordning]<br />
*[https://uvm.dk/erhvervsuddannelser/proever-og-eksamen/de-afsluttende-proever Afsluttende Prøver]<br />
*[https://www.retsinformation.dk/eli/lta/2023/312 Bekendtgørelse fra retsinformation fra 22. marts 2023]<br />
=NOTATER=<br />
*Version 6-april 2017 [https://www.retsinformation.dk/Forms/R0710.aspx?id=188666 Bekendtgørelse om data- og kommunikationsuddannelsen]<br />
*Version 9-august 2015 [http://www.uddannelsesadministration.dk/Uddannelsesordninger/22352/Uddannelsesordning%20for%20data-%20og%20kommunikationsuddannelsen.pdf Uddannelsesordning]<br />
*Version 9-august 2015 [http://www.industriensuddannelser.dk/uddannelser/erhvervsuddannelser/data-ogkommunikationsuddannelsen/datateknikermedspecialeiinfrastruktur/ Industriens uddannelser]<br />
*[https://www.retsinformation.dk/Forms/R0710.aspx?id=161427 Bekendtgørelse om prøver og eksamen i grundlæggende erhvervsrettede uddannelser]<br />
*[https://www.retsinformation.dk/Forms/R0710.aspx?id=179825 Bekendtgørelse om erhvervsuddannelser] (Arbejdstid etc)<br />
<br />
*[https://www.retsinformation.dk/Forms/R0710.aspx?id=145737 Bekendtgørelse nr 372 af 15/04/2013] (strøm, styring og it)<br />
*[https://www.retsinformation.dk/forms/r0710.aspx?id=161427 BEK nr 41 af 16/01/2014] (Bekendtgørelse om prøver)<br />
*[http://www.industriensuddannelser.dk/public/dokumenter/skuemestre/Afsluttende%20pr%F8ver%20datatekniker/pdf/dok2.pdf Retningslinjer for eksamen/svendeprøven Datatekniker]<br />
**[http://www.industriensuddannelser.dk/public/dokumenter/skuemestre/Afsluttende%20pr%F8ver%20datatekniker/pdf/dok1.pdf Retningslinier anden version 2]<br />
*[https://www.eud.uddannelsesadministration.dk Uddannelsesordning - fag og målepinde ] <br />
*[https://www.uvm.dk/Uddannelser/Erhvervsuddannelser/Skoleudvikling/Lokale-undervisningsplaner Lokale Undervisnings Planer]<br />
}}<br />
|<br />
|{{FrontpageBox~<br />
|colorcombination = 2<br />
|picture = fileshare.png<br />
|headline = Datauddannelser - Version 8-2010<br />
|bgcolor = transparent<br />
|bottombox = House of Technology<br />
|content =<br />
{{FrontpageBox/subject~<br />
|colorcombination = 2<br />
|title = Fagspecialer<br />
}}<br />
*[[IT-Supporter Version 8|IT-Supporter]]<br />
*[[Datatekniker med speciale i programmering Version 8|Datatekniker med speciale i programmering]]<br />
*[[Datatekniker med speciale i infrastruktur Version 8|Datatekniker med speciale i infrastruktur]]<br />
*[[Telesystemtekniker Version 8|Telesystemtekniker]]<br />
*[[Teleinstallationstekniker Version 8|Teleinstallationstekniker]]<br />
<br />
{{FrontpageBox/subject~<br />
|colorcombination = 2<br />
|title = Fagfordelingsplaner<br />
}}<br />
*[[Fagfordelingsplan Data Version 8/IT-Supporter|Fagfordelingsplan IT-Supporter]]<br />
*[[Fagfordelingsplan Data Version 8/Datatekniker-programmering|Fagfordelingsplan Datatekniker programmering]]<br />
*[[Fagfordelingsplan Data Version 8/Datatekniker-infrastruktur|Fagfordelingsplan Datatekniker infrastruktur]]<br />
*Fagfordelingsplan [[Fagfordelingsplan Data Version 8| Sammenligning]]<br />
{{FrontpageBox/subject~<br />
|colorcombination = 2<br />
|title = Diverse<br />
}}<br />
<br />
*[[Valgfrie specialefag Version 8/oversigt|Valgfrie specialefag]]<br />
----<br />
*[[IT-Supporter Version 8/Svendeprøve uddrag|Svendeprøve uddrag]] fra bekendtgørelsen<br />
----<br />
*[[Evaluering version 8]]<br />
----<br />
*Links<br />
**[https://www.retsinformation.dk/Forms/R0710.aspx?id=131809#B2 Bekendtgørelse nr. 607 af 04/06/2010] Version 8 (Gammel)<br />
<br />
**[http://www.uddannelsesadministration.dk/Uddannelsesordninger/14661/Tekstdel%20til%20uddannelsesordning%20for%20Data-%20og%20kommunikationsuddannelsen.pdf Uddannelsesordning] Oversigt<br />
**[http://eud-adm.dk/Reports/VisRapport.aspx?rapport_navn=UddannelsesordningUdvidet.rpt&rapport_type=1&where_clause={EUDK_UDDORDNING_LRAPPORT_V.REG_ID}%20=%2014661%20And%20{EUDK_UDDORDNING_LRAPPORT_V.UDD_ID}%20=%2016362 Uddannelsesordning] Med fag og målepinde (Gammel)<br />
<br />
<br />
}}<br />
|-valign=top<br />
|{{FrontpageBox~<br />
|colorcombination = 3<br />
|picture = lists.png<br />
|headline = Datauddannelser - Version 7<br />
|bgcolor = transparent<br />
|bottombox = House of Technology<br />
|content = <br />
{{FrontpageBox/subject~<br />
|colorcombination = 3<br />
|title = Fagspecialer<br />
}}<br />
*[[IT-SupporterV7|IT-Supporter]]<br />
*[[DatateknikerV7|Datatekniker]] <br />
*[[KontorserviceteknikerV7|Kontorservicetekniker]]<br />
*[[TeleinstallationsteknikerV7|Teleinstallationstekniker]] <br />
*[[TelesystemteknikerV7|Telesystemtekniker]]<br />
<br />
{{FrontpageBox/subject~<br />
|colorcombination = 3<br />
|title = Fagfordeling<br />
}}<br />
*[[fagfordelingsplan datatekniker V7|fagfordelingsplan datatekniker]]<br />
*[[fagfordelingsplan IT-Supporter V8|fagfordelingsplan IT-Supporter]]<br />
*[[fagfordelingsplan kontorservicetekniker V8|fagfordelingsplan kontorservicetekniker]]<br />
*[[fagfordelingsplan teleinstallationstekniker V8|fagfordelingsplan teleinstallationstekniker]]<br />
{{FrontpageBox/subject~<br />
|colorcombination = 3<br />
|title = Diverse<br />
}}<br />
<br />
*[[IT-Supporter version 7 svendeprøve|Uddrag fra bekendtgørelsen om prøver]]<br />
*[[Datatekniker|Datatekniker Uddrag]] fra [https://www.retsinformation.dk/Forms/R0710.aspx?id=115494 bekendtgørelsen] vedr. <br />
datatekniker. (Se bilag 2)<br />
**[[DatateknikerV7/svendeprøve uddrag fra bekendtgørelsen|Svendeprøve uddrag fra bekendtgørelsen]]<br />
**[[DatateknikerV7/svendeprøve drejebog|Datatekniker version 7 svendeprøve drejebog]]<br />
***[[DatateknikerV7/svendeprøve drejebog/klade]]<br />
*[[KontorserviceteknikerV7/svendeprøve svendeprøve uddrag fra bekendtgørelsen|Kontorservicetekniker version 7 uddrag]] fra [https://www.retsinformation.dk/Forms/R0710.aspx?id=115494 bekendtgørelsen]. (Se bilag 2)<br />
*[[Teleinstallationstekniker version 7 svendeprøve|uddrag]] fra [https://www.retsinformation.dk/Forms/R0710.aspx?id=115494 bekendtgørelsen].<br />
*Notater om [[Data og kommunikationsuddannelsen]]<br />
*[[Valgfri Specialefag version 7|Valgfri Specialefag]]<br />
**http://www.valgfri-specialefag.dk/<br />
<br />
}}<br />
|valign=top|<br />
|{{FrontpageBox~<br />
|colorcombination = 7<br />
|picture = lists.png<br />
|headline = Voksenuddannelse<br />
|bgcolor = transparent<br />
|bottombox = House of Technology<br />
|content = <br />
{{FrontpageBox/subject~<br />
|colorcombination = 7<br />
|title = GVU<br />
}}<br />
*[[GVU notater]]<br />
*[https://www.retsinformation.dk/Forms/R0710.aspx?id=23568 GVU Bekendtgørelse]<br />
}}<br />
|<br />
|-<br />
|}<br />
[[Category:Portal]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=SSH_Cisco_IOS&diff=41693
SSH Cisco IOS
2025-09-11T05:19:08Z
<p>Heth: </p>
<hr />
<div>=Prerequisits=<br />
The SSH Version 2 server is supported in Cisco IOS Release 12.3(4)T, 12.3(2)XE, 12.2(25)S, and 12.3(7)JA.<br/><br/><br />
The configuration for the SSH Version 2 server is similar to the configuration for SSH Version 1. The '''ip ssh version''' command was introduced so that you may define which version of SSH to configure. If you do not configure this command, SSH by default runs in compatibility mode; that is, both SSH Version 1 and SSH Version 2 connections are honored.<ref>http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_secure_shell_v2.html</ref><br />
<br/><br/><br />
SSH Version 1 is a protocol that has never been defined in a standard. If you do not want your router to fall back to the undefined protocol (Version 1), you should use the ip ssh version command and specify Version 2.<br/><br />
On Pre IOS 15 SSH version 2 is only a SSH version 1.99 because it is missing some of the mandatory features of version 2.<br />
==Restrictions for Secure Shell Version 2 Support==<br />
*SSH servers and SSH clients are supported in 3DES software images.<br />
*Execution Shell, remote command execution, and SCP are the only applications supported.<br />
*Rivest, Shamir, and Adelman (RSA) key generation is an SSH server-side requirement. Routers that act as SSH clients need not generate RSA keys.<br />
*The RSA key pair size must be greater than or equal to 768.<br />
*The following functionality is not supported:<br />
**Port forwarding<br />
**Compression<br />
<br />
=Example of configuration=<br />
<source lang=cli><br />
hostname R1<br />
!<br />
ip domain-name TSHOOT.HOT<br />
crypto key generate rsa general-keys modulus 2048<br />
!<br />
username admin password 0 Password1.<br />
!<br />
aaa new-model<br />
aaa authentication login default local<br />
aaa authentication login CONSOLE none<br />
aaa authorization exec default local<br />
aaa session-id common<br />
!<br />
enable secret cisco<br />
!<br />
ip ssh time-out 60<br />
ip ssh authentication-retries 2<br />
ip ssh source-interface Loopback0<br />
ip ssh logging events<br />
ip ssh version 2<br />
!<br />
line vty 0 4<br />
transport input ssh<br />
!<br />
line con 0<br />
login authentication CONSOLE<br />
!<br />
service password-encryption<br />
</source><br />
<br />
=References=<br />
<references/><br />
{{Source cli}}<br />
[[Category:IOS]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=SSH_Cisco_IOS&diff=41692
SSH Cisco IOS
2025-09-11T05:15:46Z
<p>Heth: /* Example of configuration */</p>
<hr />
<div>=Prerequisits=<br />
The SSH Version 2 server is supported in Cisco IOS Release 12.3(4)T, 12.3(2)XE, 12.2(25)S, and 12.3(7)JA.<br/><br/><br />
The configuration for the SSH Version 2 server is similar to the configuration for SSH Version 1. The '''ip ssh version''' command was introduced so that you may define which version of SSH to configure. If you do not configure this command, SSH by default runs in compatibility mode; that is, both SSH Version 1 and SSH Version 2 connections are honored.<ref>http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_secure_shell_v2.html</ref><br />
<br/><br/><br />
SSH Version 1 is a protocol that has never been defined in a standard. If you do not want your router to fall back to the undefined protocol (Version 1), you should use the ip ssh version command and specify Version 2.<br/><br />
On Pre IOS 15 SSH version 2 is only a SSH version 1.99 because it is missing some of the mandatory features of version 2.<br />
==Restrictions for Secure Shell Version 2 Support==<br />
*SSH servers and SSH clients are supported in 3DES software images.<br />
*Execution Shell, remote command execution, and SCP are the only applications supported.<br />
*Rivest, Shamir, and Adelman (RSA) key generation is an SSH server-side requirement. Routers that act as SSH clients need not generate RSA keys.<br />
*The RSA key pair size must be greater than or equal to 768.<br />
*The following functionality is not supported:<br />
**Port forwarding<br />
**Compression<br />
<br />
=Example of configuration=<br />
<source lang=cli><br />
hostname R1<br />
!<br />
ip domain-name TSHOOT.HOT<br />
crypto key generate rsa general-keys modulus 1024<br />
!<br />
username admin password 0 Password1.<br />
!<br />
aaa new-model<br />
aaa authentication login default local<br />
aaa authentication login CONSOLE none<br />
aaa authorization exec default local<br />
aaa session-id common<br />
!<br />
enable secret cisco<br />
!<br />
ip ssh time-out 60<br />
ip ssh authentication-retries 2<br />
ip ssh source-interface Loopback0<br />
ip ssh logging events<br />
ip ssh version 2<br />
!<br />
line vty 0 4<br />
transport input ssh<br />
!<br />
line con 0<br />
login authentication CONSOLE<br />
!<br />
service password-encryption<br />
</source><br />
<br />
=References=<br />
<references/><br />
{{Source cli}}<br />
[[Category:IOS]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=SSH_Cisco_IOS&diff=41691
SSH Cisco IOS
2025-09-11T05:13:19Z
<p>Heth: </p>
<hr />
<div>=Prerequisits=<br />
The SSH Version 2 server is supported in Cisco IOS Release 12.3(4)T, 12.3(2)XE, 12.2(25)S, and 12.3(7)JA.<br/><br/><br />
The configuration for the SSH Version 2 server is similar to the configuration for SSH Version 1. The '''ip ssh version''' command was introduced so that you may define which version of SSH to configure. If you do not configure this command, SSH by default runs in compatibility mode; that is, both SSH Version 1 and SSH Version 2 connections are honored.<ref>http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_secure_shell_v2.html</ref><br />
<br/><br/><br />
SSH Version 1 is a protocol that has never been defined in a standard. If you do not want your router to fall back to the undefined protocol (Version 1), you should use the ip ssh version command and specify Version 2.<br/><br />
On Pre IOS 15 SSH version 2 is only a SSH version 1.99 because it is missing some of the mandatory features of version 2.<br />
==Restrictions for Secure Shell Version 2 Support==<br />
*SSH servers and SSH clients are supported in 3DES software images.<br />
*Execution Shell, remote command execution, and SCP are the only applications supported.<br />
*Rivest, Shamir, and Adelman (RSA) key generation is an SSH server-side requirement. Routers that act as SSH clients need not generate RSA keys.<br />
*The RSA key pair size must be greater than or equal to 768.<br />
*The following functionality is not supported:<br />
**Port forwarding<br />
**Compression<br />
<br />
=Example of configuration=<br />
<source lang=cli><br />
hostname R1<br />
!<br />
ip domain-name TSHOOT.HOT<br />
crypto key generate rsa general-keys modulus 1024<br />
!<br />
username admin password 0 l8heise<br />
!<br />
aaa new-model<br />
aaa authentication login default local<br />
aaa authentication login CONSOLE none<br />
aaa authorization exec default local<br />
aaa session-id common<br />
!<br />
enable secret cisco<br />
!<br />
ip ssh time-out 60<br />
ip ssh authentication-retries 2<br />
ip ssh source-interface Loopback0<br />
ip ssh logging events<br />
ip ssh version 2<br />
!<br />
line vty 0 4<br />
transport input ssh<br />
!<br />
line con 0<br />
login authentication CONSOLE<br />
!<br />
service password-encryption<br />
</source><br />
<br />
=References=<br />
<references/><br />
{{Source cli}}<br />
[[Category:IOS]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Screen_linux_command&diff=41690
Screen linux command
2025-09-09T05:38:23Z
<p>Heth: /* Annoying flashing */</p>
<hr />
<div>=Split screen=<br />
Two consoles working together<br />
==On console 1==<br />
<source lang=cli><br />
screen -S banan<br />
</source><br />
==On console 2==<br />
Same user as on console 1<br />
<source lang=cli><br />
screen -x banan<br />
</source><br />
==Annoying flashing==<br />
You can do what you want in a terminal-independent way using just your ''.screenrc''<br />
<source lang=bash><br />
vbell on<br />
vbell_msg ''<br />
termcapinfo * vb=:<br />
</source><br />
The settings are:<br />
<br />
#first line (you already did this)<br />
#second line cancels the Wuff, Wuff!<br />
#third line sets the flash to an empty string<br />
<br />
Note that the trailing colon (:) is needed for the termcap syntax used by screen.<br />
<br />
{{Source cli}}<br />
[[category:Linux]][[category:Linux Command]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=AMU_HAMMR&diff=41689
AMU HAMMR
2025-09-04T12:36:26Z
<p>Heth: </p>
<hr />
<div><br />
=Materialer anvendt=<br />
== Uge 1==<br />
[[Image:Agenda ascom.png|thumb|500px|none|Agenda]]<br />
*[https://mars.merhot.dk/data/ascom/module1/01.01%20-%20Introduction%20to%20IP%20Generic%20diasshow.ppsx Network 1]<br />
*[https://mars.merhot.dk/data/ascom/module1/02.01%20-%20Module%201%20Session%202%20diasshow.ppsx Network 2]<br />
*[https://mars.merhot.dk/data/ascom/module1/03.01%20-%20Module%201%20Session%203%20diasshow.ppsx Network 3]<br />
*[https://mars.merhot.dk/data/ascom/module1/04.01%20-%20Module%201%20Session%204%20diasshow.ppsx Network 4]<br />
*[https://mars.merhot.dk/data/ascom/module1/05.01%20-%20Module%201%20Session%205%20diasshow.ppsx Network 5]<br />
<br />
==Subnetting==<br />
[[File:23.1_-_SUBNET_eksempel.pdf| Subnet eksempel]]<br />
==VPN introduktion==<br />
[https://mars.merhot.dk/data/pdf/VPN_intro.pdf VPN Introduktion]<br />
<br />
== Router øvelse med nat==<br />
=== Del 1 uden Trunking ===<br />
Overordnet plan vi lagde:<br />
Router grundkonfig:<br />
#fa0/0 - DHCP (Anvend ISP'ens DHCP-server)<br />
#Test: show ip int brief, ping 8.8.8.8<br />
#fa0/1 - Statisk IP 172.16.0.1/24<br />
#Test: show ip int br, ping 172.16.0.1<br />
#Konfigurer NAT<br />
#Test: ping 8.8.8.8 source 172.16.0.1<br />
#Test: show ip nat translations<br />
#Konfigurer DHCP på 172.16.0.0/24 scope<br />
#Tilslut PC og test den får en ip<br />
<br />
Del 2:<br />
- VLAN til Teacher og Student<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
!<br />
</source><br />
=== Del 1 med Trunking ===<br />
====Router====<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.0.1<br />
!<br />
ip dhcp pool TEACHER<br />
import all<br />
network 172.16.1.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
no ip address<br />
!<br />
interface GigabitEthernet0/1.10<br />
encapsulation dot1Q 10<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
interface GigabitEthernet0/1.20<br />
encapsulation dot1Q 20<br />
ip address 172.16.1.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255<br />
</source><br />
<br />
====Lag 2 switch====<br />
<source lang=bash><br />
hostname Switch<br />
<br />
interface FastEthernet0/1<br />
switchport mode trunk<br />
!<br />
interface range FastEthernet0/5 - 10<br />
switchport access vlan 10<br />
switchport mode access<br />
!<br />
interface range FastEthernet0/11 - 19<br />
switchport access vlan 20<br />
switchport mode access<br />
</source><br />
<br />
==Del 2 - med LAG 3 switch - statisk routening==<br />
===SOHO Router===<br />
Følgende ekstra konfiguration af SOHO Routeren er foretaget - udover det i del 1.<br />
<br />
*Netværk opbygget i Packet Tracer: [https://mars.merhot.dk/data/netAMU2025.pkt NetAMU2025.pkt]<br />
<source lang=bash><br />
!<br />
ip dhcp excluded-address 10.0.1.1 10.0.1.9<br />
ip dhcp excluded-address 10.0.0.1 10.0.0.9<br />
!<br />
ip dhcp pool GUEST<br />
import all<br />
network 10.0.0.0 255.255.255.0<br />
default-router 10.0.0.1<br />
!<br />
ip dhcp pool HACKERS<br />
import all<br />
network 10.0.1.0 255.255.255.0<br />
default-router 10.0.1.1<br />
!<br />
ip route 10.0.0.0 255.255.255.0 172.16.0.10<br />
ip route 10.0.1.0 255.255.255.0 172.16.0.10<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255 <br />
access-list 1 permit 10.0.0.0 0.0.0.255<br />
access-list 1 permit 10.0.1.0 0.0.0.255<br />
</source><br />
<br />
===Lag tre switch===<br />
<source lang=bash><br />
ip routing<br />
!<br />
interface range GigabitEthernet0/1 - 4<br />
switchport mode access<br />
switchport access vlan 30<br />
!<br />
interface range GigabitEthernet0/5 - 9<br />
switchport access vlan 40<br />
switchport mode access<br />
!<br />
interface GigabitEthernet0/10<br />
no switchport<br />
ip address 172.16.0.10 255.255.255.0<br />
!<br />
interface Vlan30<br />
ip address 10.0.0.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
!<br />
interface Vlan40<br />
ip address 10.0.1.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
!<br />
ip route 0.0.0.0 0.0.0.0 172.16.0.1<br />
</source><br />
<br />
=Links=<br />
*[https://www.netacad.com/ Link til Cisco Netacad]<br />
*[[ASC II]] - Koder for bogstaver og tal <br />
*[https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html Putty] et gratis terminal emuleringssoftware<br />
[[Category:Course]][[Category:Network]]<br />
*[https://www.netacad.com/courses/ccna-introduction-networks?courseLang=en-US&instance_id=46a950b1-8175-474a-85fe-0e5e906a7f1a Introduction to networks]<br />
*[https://www.youtube.com/watch?v=FIV2-44uTmw Fiber kabel lægning med skibet Resolute]</div>
Heth
http://mars.merhot.dk/w/index.php?title=AMU_HAMMR&diff=41688
AMU HAMMR
2025-09-04T12:35:33Z
<p>Heth: /* Subnetting */</p>
<hr />
<div><br />
=Materialer anvendt=<br />
== Uge 1==<br />
[[Image:Agenda ascom.png|thumb|500px|none|Agenda]]<br />
*[https://mars.merhot.dk/data/ascom/module1/01.01%20-%20Introduction%20to%20IP%20Generic%20diasshow.ppsx Network 1]<br />
*[https://mars.merhot.dk/data/ascom/module1/02.01%20-%20Module%201%20Session%202%20diasshow.ppsx Network 2]<br />
*[https://mars.merhot.dk/data/ascom/module1/03.01%20-%20Module%201%20Session%203%20diasshow.ppsx Network 3]<br />
*[https://mars.merhot.dk/data/ascom/module1/04.01%20-%20Module%201%20Session%204%20diasshow.ppsx Network 4]<br />
*[https://mars.merhot.dk/data/ascom/module1/05.01%20-%20Module%201%20Session%205%20diasshow.ppsx Network 5]<br />
<br />
==Subnetting==<br />
[[File:23.1_-_SUBNET_eksempel.pdf| Subnet eksempel]]<br />
==VPN introduktion==<br />
[[File:https://mars.merhot.dk/data/pdf/VPN_intro.pdf VPN Introduktion]]<br />
<br />
== Router øvelse med nat==<br />
=== Del 1 uden Trunking ===<br />
Overordnet plan vi lagde:<br />
Router grundkonfig:<br />
#fa0/0 - DHCP (Anvend ISP'ens DHCP-server)<br />
#Test: show ip int brief, ping 8.8.8.8<br />
#fa0/1 - Statisk IP 172.16.0.1/24<br />
#Test: show ip int br, ping 172.16.0.1<br />
#Konfigurer NAT<br />
#Test: ping 8.8.8.8 source 172.16.0.1<br />
#Test: show ip nat translations<br />
#Konfigurer DHCP på 172.16.0.0/24 scope<br />
#Tilslut PC og test den får en ip<br />
<br />
Del 2:<br />
- VLAN til Teacher og Student<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
!<br />
</source><br />
=== Del 1 med Trunking ===<br />
====Router====<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.0.1<br />
!<br />
ip dhcp pool TEACHER<br />
import all<br />
network 172.16.1.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
no ip address<br />
!<br />
interface GigabitEthernet0/1.10<br />
encapsulation dot1Q 10<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
interface GigabitEthernet0/1.20<br />
encapsulation dot1Q 20<br />
ip address 172.16.1.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255<br />
</source><br />
<br />
====Lag 2 switch====<br />
<source lang=bash><br />
hostname Switch<br />
<br />
interface FastEthernet0/1<br />
switchport mode trunk<br />
!<br />
interface range FastEthernet0/5 - 10<br />
switchport access vlan 10<br />
switchport mode access<br />
!<br />
interface range FastEthernet0/11 - 19<br />
switchport access vlan 20<br />
switchport mode access<br />
</source><br />
<br />
==Del 2 - med LAG 3 switch - statisk routening==<br />
===SOHO Router===<br />
Følgende ekstra konfiguration af SOHO Routeren er foretaget - udover det i del 1.<br />
<br />
*Netværk opbygget i Packet Tracer: [https://mars.merhot.dk/data/netAMU2025.pkt NetAMU2025.pkt]<br />
<source lang=bash><br />
!<br />
ip dhcp excluded-address 10.0.1.1 10.0.1.9<br />
ip dhcp excluded-address 10.0.0.1 10.0.0.9<br />
!<br />
ip dhcp pool GUEST<br />
import all<br />
network 10.0.0.0 255.255.255.0<br />
default-router 10.0.0.1<br />
!<br />
ip dhcp pool HACKERS<br />
import all<br />
network 10.0.1.0 255.255.255.0<br />
default-router 10.0.1.1<br />
!<br />
ip route 10.0.0.0 255.255.255.0 172.16.0.10<br />
ip route 10.0.1.0 255.255.255.0 172.16.0.10<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255 <br />
access-list 1 permit 10.0.0.0 0.0.0.255<br />
access-list 1 permit 10.0.1.0 0.0.0.255<br />
</source><br />
<br />
===Lag tre switch===<br />
<source lang=bash><br />
ip routing<br />
!<br />
interface range GigabitEthernet0/1 - 4<br />
switchport mode access<br />
switchport access vlan 30<br />
!<br />
interface range GigabitEthernet0/5 - 9<br />
switchport access vlan 40<br />
switchport mode access<br />
!<br />
interface GigabitEthernet0/10<br />
no switchport<br />
ip address 172.16.0.10 255.255.255.0<br />
!<br />
interface Vlan30<br />
ip address 10.0.0.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
!<br />
interface Vlan40<br />
ip address 10.0.1.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
!<br />
ip route 0.0.0.0 0.0.0.0 172.16.0.1<br />
</source><br />
<br />
=Links=<br />
*[https://www.netacad.com/ Link til Cisco Netacad]<br />
*[[ASC II]] - Koder for bogstaver og tal <br />
*[https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html Putty] et gratis terminal emuleringssoftware<br />
[[Category:Course]][[Category:Network]]<br />
*[https://www.netacad.com/courses/ccna-introduction-networks?courseLang=en-US&instance_id=46a950b1-8175-474a-85fe-0e5e906a7f1a Introduction to networks]<br />
*[https://www.youtube.com/watch?v=FIV2-44uTmw Fiber kabel lægning med skibet Resolute]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Switch_port_mirroring&diff=41687
Switch port mirroring
2025-09-03T07:46:42Z
<p>Heth: /* Mirror a trunk port or other layer 2 traffic */</p>
<hr />
<div>Switch port mirroring is often used when sniffing traffic to/from a device. Se drawing below.<br />
{|<br />
|<br />
[[Image:Switch with mirror function.png|thumb|700px|left| Switch with port mirroring]]<br />
|}<br />
<br />
*[http://wiki.wireshark.org/SwitchReference Wireshark Switch reference list]<br />
=Cisco Switch=<br />
Example below: Send a copy of traffic on fastethernet 0/1 to fastethernet 0/2. Traffic in both directions are mirrored.<br />
<source lang=cli><br />
SW1# configure terminal<br />
SW1(config)# monitor session 1 source interface fastethernet0/1 <br />
SW1(config)# monitor session 1 destination interface fastethernet 0/2<br />
</source><br />
<br />
Remove mirror from session 1.<br />
<source lang=cli><br />
SW1# CONFIGURE TERMINAL<br />
SW1(config)# no MONITOR SESSION 1 <br />
</source><br />
== Mirror a trunk port or other layer 2 traffic==<br />
<source lang=cli><br />
SW1# configure terminal<br />
SW1(config)# monitor session 1 source interface fastethernet0/1 <br />
SW1(config)# monitor session 1 destination interface fastethernet 0/2 encapsulation replicate<br />
</source><br />
<br />
=Zyxel switch=<br />
Copy traffic from port 1,4,5 and 6 to port 3 (Note '''both''' means mirror traffic in both directions)<br />
*<br />
<source lang=cli><br />
Switch(config)# <input>mirror-port</input><br />
Switch(config)# <input>mirror-port 3</input><br />
Switch(config)# <input>interface port-channel 1,4-6</input><br />
Switch(config-interface)# <input>mirror</input><br />
Switch(config-interface)# <input>mirror dir both</input><br />
</source><br />
Remove mirror again<br />
<source lang=cli><br />
Switch(config)# <input>no mirror-port</input><br />
</source><br />
<br />
=LG iPECS ES-3026P=<br />
==From CLI==<br />
Monitor traffic in both directions on port 1/7 mirrorport 1/17<br />
<source lang=cli><br />
iPECS Ethernet Switch Administration<br />
<br />
Username: <input>admin</input><br />
Password: <input>admin</input><br />
<br />
CLI session with the ES-3026P is opened.<br />
To end the CLI session, enter [Exit].<br />
<br />
ES-3026P#<input>configure</input><br />
ES-3026P(config)#<input>interface ethernet 1/17</input><br />
ES-3026P(config-if)#<input>port monitor ethernet 1/7 both</input><br />
</source><br />
Remove mirror port again<br />
<source lang=cli><br />
ES-3026P#<input>configure</input><br />
ES-3026P(config)#<input>interface ethernet 1/17</input><br />
ES-3026P(config-if)#<input>no port monitor ethernet 1/7</input><br />
</source><br />
==From GUI==<br />
{|<br />
|<br />
[[Image:LGs1.gif|700px|thumb|left|Add mirror from webinterface on switch]]<br />
|-<br />
[[Image:LGs2.gif|700px|thumb|left|Remove mirror from webinterface on switch]]<br />
|}<br />
=Network taps=<br />
==Dual Comm==<br />
*[http://www.lovemytool.com/blog/2010/04/review-of-dualcomm-5-port-pass-through-port-mirroring-switch-by-betty-dubois.html Artikel om Dualcomm 5-Port Pass-Through Port Mirroring Switch]<br />
*[http://www.dual-comm.com/gigabit_port-mirroring-LAN_switch.htm 10/100/1000 Network TAP] med PoS pass-through. Powerered fra USB<br />
*[http://www.dual-comm.com/ Dual-Comm hjemmeside]<br />
<br />
{{Source cli}}<br />
[[Category:Network]][[Category:Fejlfinding]][[Category:Network management]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=Switch_port_mirroring&diff=41686
Switch port mirroring
2025-09-03T07:46:31Z
<p>Heth: </p>
<hr />
<div>Switch port mirroring is often used when sniffing traffic to/from a device. Se drawing below.<br />
{|<br />
|<br />
[[Image:Switch with mirror function.png|thumb|700px|left| Switch with port mirroring]]<br />
|}<br />
<br />
*[http://wiki.wireshark.org/SwitchReference Wireshark Switch reference list]<br />
=Cisco Switch=<br />
Example below: Send a copy of traffic on fastethernet 0/1 to fastethernet 0/2. Traffic in both directions are mirrored.<br />
<source lang=cli><br />
SW1# configure terminal<br />
SW1(config)# monitor session 1 source interface fastethernet0/1 <br />
SW1(config)# monitor session 1 destination interface fastethernet 0/2<br />
</source><br />
<br />
Remove mirror from session 1.<br />
<source lang=cli><br />
SW1# CONFIGURE TERMINAL<br />
SW1(config)# no MONITOR SESSION 1 <br />
</source><br />
== Mirror a trunk port or other layer 2 traffic==<br />
</source lang=cli><br />
SW1# configure terminal<br />
SW1(config)# monitor session 1 source interface fastethernet0/1 <br />
SW1(config)# monitor session 1 destination interface fastethernet 0/2 encapsulation replicate<br />
</source><br />
=Zyxel switch=<br />
Copy traffic from port 1,4,5 and 6 to port 3 (Note '''both''' means mirror traffic in both directions)<br />
*<br />
<source lang=cli><br />
Switch(config)# <input>mirror-port</input><br />
Switch(config)# <input>mirror-port 3</input><br />
Switch(config)# <input>interface port-channel 1,4-6</input><br />
Switch(config-interface)# <input>mirror</input><br />
Switch(config-interface)# <input>mirror dir both</input><br />
</source><br />
Remove mirror again<br />
<source lang=cli><br />
Switch(config)# <input>no mirror-port</input><br />
</source><br />
<br />
=LG iPECS ES-3026P=<br />
==From CLI==<br />
Monitor traffic in both directions on port 1/7 mirrorport 1/17<br />
<source lang=cli><br />
iPECS Ethernet Switch Administration<br />
<br />
Username: <input>admin</input><br />
Password: <input>admin</input><br />
<br />
CLI session with the ES-3026P is opened.<br />
To end the CLI session, enter [Exit].<br />
<br />
ES-3026P#<input>configure</input><br />
ES-3026P(config)#<input>interface ethernet 1/17</input><br />
ES-3026P(config-if)#<input>port monitor ethernet 1/7 both</input><br />
</source><br />
Remove mirror port again<br />
<source lang=cli><br />
ES-3026P#<input>configure</input><br />
ES-3026P(config)#<input>interface ethernet 1/17</input><br />
ES-3026P(config-if)#<input>no port monitor ethernet 1/7</input><br />
</source><br />
==From GUI==<br />
{|<br />
|<br />
[[Image:LGs1.gif|700px|thumb|left|Add mirror from webinterface on switch]]<br />
|-<br />
[[Image:LGs2.gif|700px|thumb|left|Remove mirror from webinterface on switch]]<br />
|}<br />
=Network taps=<br />
==Dual Comm==<br />
*[http://www.lovemytool.com/blog/2010/04/review-of-dualcomm-5-port-pass-through-port-mirroring-switch-by-betty-dubois.html Artikel om Dualcomm 5-Port Pass-Through Port Mirroring Switch]<br />
*[http://www.dual-comm.com/gigabit_port-mirroring-LAN_switch.htm 10/100/1000 Network TAP] med PoS pass-through. Powerered fra USB<br />
*[http://www.dual-comm.com/ Dual-Comm hjemmeside]<br />
<br />
{{Source cli}}<br />
[[Category:Network]][[Category:Fejlfinding]][[Category:Network management]]</div>
Heth
http://mars.merhot.dk/w/index.php?title=AMU_HAMMR&diff=41685
AMU HAMMR
2025-09-02T11:56:35Z
<p>Heth: /* SOHO Router */</p>
<hr />
<div><br />
=Materialer anvendt=<br />
== Uge 1==<br />
[[Image:Agenda ascom.png|thumb|500px|none|Agenda]]<br />
*[https://mars.merhot.dk/data/ascom/module1/01.01%20-%20Introduction%20to%20IP%20Generic%20diasshow.ppsx Network 1]<br />
*[https://mars.merhot.dk/data/ascom/module1/02.01%20-%20Module%201%20Session%202%20diasshow.ppsx Network 2]<br />
*[https://mars.merhot.dk/data/ascom/module1/03.01%20-%20Module%201%20Session%203%20diasshow.ppsx Network 3]<br />
*[https://mars.merhot.dk/data/ascom/module1/04.01%20-%20Module%201%20Session%204%20diasshow.ppsx Network 4]<br />
*[https://mars.merhot.dk/data/ascom/module1/05.01%20-%20Module%201%20Session%205%20diasshow.ppsx Network 5]<br />
<br />
==Subnetting==<br />
[[File:23.1_-_SUBNET_eksempel.pdf| Subnet eksempel]]<br />
== Router øvelse med nat==<br />
=== Del 1 uden Trunking ===<br />
Overordnet plan vi lagde:<br />
Router grundkonfig:<br />
#fa0/0 - DHCP (Anvend ISP'ens DHCP-server)<br />
#Test: show ip int brief, ping 8.8.8.8<br />
#fa0/1 - Statisk IP 172.16.0.1/24<br />
#Test: show ip int br, ping 172.16.0.1<br />
#Konfigurer NAT<br />
#Test: ping 8.8.8.8 source 172.16.0.1<br />
#Test: show ip nat translations<br />
#Konfigurer DHCP på 172.16.0.0/24 scope<br />
#Tilslut PC og test den får en ip<br />
<br />
Del 2:<br />
- VLAN til Teacher og Student<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
!<br />
</source><br />
=== Del 1 med Trunking ===<br />
====Router====<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.0.1<br />
!<br />
ip dhcp pool TEACHER<br />
import all<br />
network 172.16.1.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
no ip address<br />
!<br />
interface GigabitEthernet0/1.10<br />
encapsulation dot1Q 10<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
interface GigabitEthernet0/1.20<br />
encapsulation dot1Q 20<br />
ip address 172.16.1.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255<br />
</source><br />
<br />
====Lag 2 switch====<br />
<source lang=bash><br />
hostname Switch<br />
<br />
interface FastEthernet0/1<br />
switchport mode trunk<br />
!<br />
interface range FastEthernet0/5 - 10<br />
switchport access vlan 10<br />
switchport mode access<br />
!<br />
interface range FastEthernet0/11 - 19<br />
switchport access vlan 20<br />
switchport mode access<br />
</source><br />
<br />
==Del 2 - med LAG 3 switch - statisk routening==<br />
===SOHO Router===<br />
Følgende ekstra konfiguration af SOHO Routeren er foretaget - udover det i del 1.<br />
<br />
*Netværk opbygget i Packet Tracer: [https://mars.merhot.dk/data/netAMU2025.pkt NetAMU2025.pkt]<br />
<source lang=bash><br />
!<br />
ip dhcp excluded-address 10.0.1.1 10.0.1.9<br />
ip dhcp excluded-address 10.0.0.1 10.0.0.9<br />
!<br />
ip dhcp pool GUEST<br />
import all<br />
network 10.0.0.0 255.255.255.0<br />
default-router 10.0.0.1<br />
!<br />
ip dhcp pool HACKERS<br />
import all<br />
network 10.0.1.0 255.255.255.0<br />
default-router 10.0.1.1<br />
!<br />
ip route 10.0.0.0 255.255.255.0 172.16.0.10<br />
ip route 10.0.1.0 255.255.255.0 172.16.0.10<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255 <br />
access-list 1 permit 10.0.0.0 0.0.0.255<br />
access-list 1 permit 10.0.1.0 0.0.0.255<br />
</source><br />
<br />
===Lag tre switch===<br />
<source lang=bash><br />
ip routing<br />
!<br />
interface range GigabitEthernet0/1 - 4<br />
switchport mode access<br />
switchport access vlan 30<br />
!<br />
interface range GigabitEthernet0/5 - 9<br />
switchport access vlan 40<br />
switchport mode access<br />
!<br />
interface GigabitEthernet0/10<br />
no switchport<br />
ip address 172.16.0.10 255.255.255.0<br />
!<br />
interface Vlan30<br />
ip address 10.0.0.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
!<br />
interface Vlan40<br />
ip address 10.0.1.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
!<br />
ip route 0.0.0.0 0.0.0.0 172.16.0.1<br />
</source><br />
<br />
=Links=<br />
*[https://www.netacad.com/ Link til Cisco Netacad]<br />
*[[ASC II]] - Koder for bogstaver og tal <br />
*[https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html Putty] et gratis terminal emuleringssoftware<br />
[[Category:Course]][[Category:Network]]<br />
*[https://www.netacad.com/courses/ccna-introduction-networks?courseLang=en-US&instance_id=46a950b1-8175-474a-85fe-0e5e906a7f1a Introduction to networks]<br />
*[https://www.youtube.com/watch?v=FIV2-44uTmw Fiber kabel lægning med skibet Resolute]</div>
Heth
http://mars.merhot.dk/w/index.php?title=AMU_HAMMR&diff=41684
AMU HAMMR
2025-09-02T11:45:21Z
<p>Heth: /* Lag tre switch */</p>
<hr />
<div><br />
=Materialer anvendt=<br />
== Uge 1==<br />
[[Image:Agenda ascom.png|thumb|500px|none|Agenda]]<br />
*[https://mars.merhot.dk/data/ascom/module1/01.01%20-%20Introduction%20to%20IP%20Generic%20diasshow.ppsx Network 1]<br />
*[https://mars.merhot.dk/data/ascom/module1/02.01%20-%20Module%201%20Session%202%20diasshow.ppsx Network 2]<br />
*[https://mars.merhot.dk/data/ascom/module1/03.01%20-%20Module%201%20Session%203%20diasshow.ppsx Network 3]<br />
*[https://mars.merhot.dk/data/ascom/module1/04.01%20-%20Module%201%20Session%204%20diasshow.ppsx Network 4]<br />
*[https://mars.merhot.dk/data/ascom/module1/05.01%20-%20Module%201%20Session%205%20diasshow.ppsx Network 5]<br />
<br />
==Subnetting==<br />
[[File:23.1_-_SUBNET_eksempel.pdf| Subnet eksempel]]<br />
== Router øvelse med nat==<br />
=== Del 1 uden Trunking ===<br />
Overordnet plan vi lagde:<br />
Router grundkonfig:<br />
#fa0/0 - DHCP (Anvend ISP'ens DHCP-server)<br />
#Test: show ip int brief, ping 8.8.8.8<br />
#fa0/1 - Statisk IP 172.16.0.1/24<br />
#Test: show ip int br, ping 172.16.0.1<br />
#Konfigurer NAT<br />
#Test: ping 8.8.8.8 source 172.16.0.1<br />
#Test: show ip nat translations<br />
#Konfigurer DHCP på 172.16.0.0/24 scope<br />
#Tilslut PC og test den får en ip<br />
<br />
Del 2:<br />
- VLAN til Teacher og Student<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
!<br />
</source><br />
=== Del 1 med Trunking ===<br />
====Router====<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.0.1<br />
!<br />
ip dhcp pool TEACHER<br />
import all<br />
network 172.16.1.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
no ip address<br />
!<br />
interface GigabitEthernet0/1.10<br />
encapsulation dot1Q 10<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
interface GigabitEthernet0/1.20<br />
encapsulation dot1Q 20<br />
ip address 172.16.1.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255<br />
</source><br />
<br />
====Lag 2 switch====<br />
<source lang=bash><br />
hostname Switch<br />
<br />
interface FastEthernet0/1<br />
switchport mode trunk<br />
!<br />
interface range FastEthernet0/5 - 10<br />
switchport access vlan 10<br />
switchport mode access<br />
!<br />
interface range FastEthernet0/11 - 19<br />
switchport access vlan 20<br />
switchport mode access<br />
</source><br />
<br />
==Del 2 - med LAG 3 switch - statisk routening==<br />
===SOHO Router===<br />
Følgende ekstra konfiguration af SOHO Routeren er foretaget - udover det i del 1.<br />
<source lang=bash><br />
!<br />
ip dhcp excluded-address 10.0.1.1 10.0.1.9<br />
ip dhcp excluded-address 10.0.0.1 10.0.0.9<br />
!<br />
ip dhcp pool GUEST<br />
import all<br />
network 10.0.0.0 255.255.255.0<br />
default-router 10.0.0.1<br />
!<br />
ip dhcp pool HACKERS<br />
import all<br />
network 10.0.1.0 255.255.255.0<br />
default-router 10.0.1.1<br />
!<br />
ip route 10.0.0.0 255.255.255.0 172.16.0.10<br />
ip route 10.0.1.0 255.255.255.0 172.16.0.10<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255 <br />
access-list 1 permit 10.0.0.0 0.0.0.255<br />
access-list 1 permit 10.0.1.0 0.0.0.255<br />
</source><br />
<br />
===Lag tre switch===<br />
<source lang=bash><br />
ip routing<br />
!<br />
interface range GigabitEthernet0/1 - 4<br />
switchport mode access<br />
switchport access vlan 30<br />
!<br />
interface range GigabitEthernet0/5 - 9<br />
switchport access vlan 40<br />
switchport mode access<br />
!<br />
interface GigabitEthernet0/10<br />
no switchport<br />
ip address 172.16.0.10 255.255.255.0<br />
!<br />
interface Vlan30<br />
ip address 10.0.0.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
!<br />
interface Vlan40<br />
ip address 10.0.1.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
!<br />
ip route 0.0.0.0 0.0.0.0 172.16.0.1<br />
</source><br />
<br />
=Links=<br />
*[https://www.netacad.com/ Link til Cisco Netacad]<br />
*[[ASC II]] - Koder for bogstaver og tal <br />
*[https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html Putty] et gratis terminal emuleringssoftware<br />
[[Category:Course]][[Category:Network]]<br />
*[https://www.netacad.com/courses/ccna-introduction-networks?courseLang=en-US&instance_id=46a950b1-8175-474a-85fe-0e5e906a7f1a Introduction to networks]<br />
*[https://www.youtube.com/watch?v=FIV2-44uTmw Fiber kabel lægning med skibet Resolute]</div>
Heth
http://mars.merhot.dk/w/index.php?title=AMU_HAMMR&diff=41683
AMU HAMMR
2025-09-02T11:37:42Z
<p>Heth: /* SOHO Router */</p>
<hr />
<div><br />
=Materialer anvendt=<br />
== Uge 1==<br />
[[Image:Agenda ascom.png|thumb|500px|none|Agenda]]<br />
*[https://mars.merhot.dk/data/ascom/module1/01.01%20-%20Introduction%20to%20IP%20Generic%20diasshow.ppsx Network 1]<br />
*[https://mars.merhot.dk/data/ascom/module1/02.01%20-%20Module%201%20Session%202%20diasshow.ppsx Network 2]<br />
*[https://mars.merhot.dk/data/ascom/module1/03.01%20-%20Module%201%20Session%203%20diasshow.ppsx Network 3]<br />
*[https://mars.merhot.dk/data/ascom/module1/04.01%20-%20Module%201%20Session%204%20diasshow.ppsx Network 4]<br />
*[https://mars.merhot.dk/data/ascom/module1/05.01%20-%20Module%201%20Session%205%20diasshow.ppsx Network 5]<br />
<br />
==Subnetting==<br />
[[File:23.1_-_SUBNET_eksempel.pdf| Subnet eksempel]]<br />
== Router øvelse med nat==<br />
=== Del 1 uden Trunking ===<br />
Overordnet plan vi lagde:<br />
Router grundkonfig:<br />
#fa0/0 - DHCP (Anvend ISP'ens DHCP-server)<br />
#Test: show ip int brief, ping 8.8.8.8<br />
#fa0/1 - Statisk IP 172.16.0.1/24<br />
#Test: show ip int br, ping 172.16.0.1<br />
#Konfigurer NAT<br />
#Test: ping 8.8.8.8 source 172.16.0.1<br />
#Test: show ip nat translations<br />
#Konfigurer DHCP på 172.16.0.0/24 scope<br />
#Tilslut PC og test den får en ip<br />
<br />
Del 2:<br />
- VLAN til Teacher og Student<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
!<br />
</source><br />
=== Del 1 med Trunking ===<br />
====Router====<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.0.1<br />
!<br />
ip dhcp pool TEACHER<br />
import all<br />
network 172.16.1.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
no ip address<br />
!<br />
interface GigabitEthernet0/1.10<br />
encapsulation dot1Q 10<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
interface GigabitEthernet0/1.20<br />
encapsulation dot1Q 20<br />
ip address 172.16.1.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255<br />
</source><br />
<br />
====Lag 2 switch====<br />
<source lang=bash><br />
hostname Switch<br />
<br />
interface FastEthernet0/1<br />
switchport mode trunk<br />
!<br />
interface range FastEthernet0/5 - 10<br />
switchport access vlan 10<br />
switchport mode access<br />
!<br />
interface range FastEthernet0/11 - 19<br />
switchport access vlan 20<br />
switchport mode access<br />
</source><br />
<br />
==Del 2 - med LAG 3 switch - statisk routening==<br />
===SOHO Router===<br />
Følgende ekstra konfiguration af SOHO Routeren er foretaget - udover det i del 1.<br />
<source lang=bash><br />
!<br />
ip dhcp excluded-address 10.0.1.1 10.0.1.9<br />
ip dhcp excluded-address 10.0.0.1 10.0.0.9<br />
!<br />
ip dhcp pool GUEST<br />
import all<br />
network 10.0.0.0 255.255.255.0<br />
default-router 10.0.0.1<br />
!<br />
ip dhcp pool HACKERS<br />
import all<br />
network 10.0.1.0 255.255.255.0<br />
default-router 10.0.1.1<br />
!<br />
ip route 10.0.0.0 255.255.255.0 172.16.0.10<br />
ip route 10.0.1.0 255.255.255.0 172.16.0.10<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255 <br />
access-list 1 permit 10.0.0.0 0.0.0.255<br />
access-list 1 permit 10.0.1.0 0.0.0.255<br />
</source><br />
<br />
===Lag tre switch===<br />
<source lang=bash><br />
ip routing<br />
!<br />
interface range GigabitEthernet0/1 - 4<br />
switchport mode access<br />
switchport access vlan 30<br />
!<br />
interface range GigabitEthernet0/5 - 9<br />
switchport access vlan 40<br />
switchport mode access<br />
!<br />
interface GigabitEthernet0/10<br />
no switchport<br />
ip address 172.16.0.10 255.255.255.0<br />
!<br />
interface Vlan30<br />
ip address 10.0.0.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
!<br />
interface Vlan40<br />
ip address 10.0.1.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
</source><br />
=Links=<br />
*[https://www.netacad.com/ Link til Cisco Netacad]<br />
*[[ASC II]] - Koder for bogstaver og tal <br />
*[https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html Putty] et gratis terminal emuleringssoftware<br />
[[Category:Course]][[Category:Network]]<br />
*[https://www.netacad.com/courses/ccna-introduction-networks?courseLang=en-US&instance_id=46a950b1-8175-474a-85fe-0e5e906a7f1a Introduction to networks]<br />
*[https://www.youtube.com/watch?v=FIV2-44uTmw Fiber kabel lægning med skibet Resolute]</div>
Heth
http://mars.merhot.dk/w/index.php?title=AMU_HAMMR&diff=41682
AMU HAMMR
2025-09-02T11:24:36Z
<p>Heth: /* Lag 2 switch */</p>
<hr />
<div><br />
=Materialer anvendt=<br />
== Uge 1==<br />
[[Image:Agenda ascom.png|thumb|500px|none|Agenda]]<br />
*[https://mars.merhot.dk/data/ascom/module1/01.01%20-%20Introduction%20to%20IP%20Generic%20diasshow.ppsx Network 1]<br />
*[https://mars.merhot.dk/data/ascom/module1/02.01%20-%20Module%201%20Session%202%20diasshow.ppsx Network 2]<br />
*[https://mars.merhot.dk/data/ascom/module1/03.01%20-%20Module%201%20Session%203%20diasshow.ppsx Network 3]<br />
*[https://mars.merhot.dk/data/ascom/module1/04.01%20-%20Module%201%20Session%204%20diasshow.ppsx Network 4]<br />
*[https://mars.merhot.dk/data/ascom/module1/05.01%20-%20Module%201%20Session%205%20diasshow.ppsx Network 5]<br />
<br />
==Subnetting==<br />
[[File:23.1_-_SUBNET_eksempel.pdf| Subnet eksempel]]<br />
== Router øvelse med nat==<br />
=== Del 1 uden Trunking ===<br />
Overordnet plan vi lagde:<br />
Router grundkonfig:<br />
#fa0/0 - DHCP (Anvend ISP'ens DHCP-server)<br />
#Test: show ip int brief, ping 8.8.8.8<br />
#fa0/1 - Statisk IP 172.16.0.1/24<br />
#Test: show ip int br, ping 172.16.0.1<br />
#Konfigurer NAT<br />
#Test: ping 8.8.8.8 source 172.16.0.1<br />
#Test: show ip nat translations<br />
#Konfigurer DHCP på 172.16.0.0/24 scope<br />
#Tilslut PC og test den får en ip<br />
<br />
Del 2:<br />
- VLAN til Teacher og Student<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
!<br />
</source><br />
=== Del 1 med Trunking ===<br />
====Router====<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.0.1<br />
!<br />
ip dhcp pool TEACHER<br />
import all<br />
network 172.16.1.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
no ip address<br />
!<br />
interface GigabitEthernet0/1.10<br />
encapsulation dot1Q 10<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
interface GigabitEthernet0/1.20<br />
encapsulation dot1Q 20<br />
ip address 172.16.1.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255<br />
</source><br />
<br />
====Lag 2 switch====<br />
<source lang=bash><br />
hostname Switch<br />
<br />
interface FastEthernet0/1<br />
switchport mode trunk<br />
!<br />
interface range FastEthernet0/5 - 10<br />
switchport access vlan 10<br />
switchport mode access<br />
!<br />
interface range FastEthernet0/11 - 19<br />
switchport access vlan 20<br />
switchport mode access<br />
</source><br />
<br />
==Del 2 - med LAG 3 switch - statisk routening==<br />
===SOHO Router===<br />
Følgende ekstra konfiguration af SOHO Routeren er foretaget - udover det i del 1.<br />
<source lang=bash><br />
!<br />
ip dhcp excluded-address 10.0.1.1 10.0.1.9<br />
ip dhcp excluded-address 10.0.0.1 10.0.0.9<br />
!<br />
ip dhcp pool GUEST<br />
import all<br />
network 10.0.0.0 255.255.255.0<br />
default-router 10.0.0.1<br />
!<br />
ip dhcp pool HACKERS<br />
import all<br />
network 10.0.1.0 255.255.255.0<br />
default-router 10.0.1.1<br />
!<br />
ip route 10.0.0.0 255.255.255.0 172.16.0.10<br />
ip route 10.0.1.0 255.255.255.0 172.16.0.10<br />
</source><br />
===Lag tre switch===<br />
<source lang=bash><br />
ip routing<br />
!<br />
interface range GigabitEthernet0/1 - 4<br />
switchport mode access<br />
switchport access vlan 30<br />
!<br />
interface range GigabitEthernet0/5 - 9<br />
switchport access vlan 40<br />
switchport mode access<br />
!<br />
interface GigabitEthernet0/10<br />
no switchport<br />
ip address 172.16.0.10 255.255.255.0<br />
!<br />
interface Vlan30<br />
ip address 10.0.0.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
!<br />
interface Vlan40<br />
ip address 10.0.1.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
</source><br />
=Links=<br />
*[https://www.netacad.com/ Link til Cisco Netacad]<br />
*[[ASC II]] - Koder for bogstaver og tal <br />
*[https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html Putty] et gratis terminal emuleringssoftware<br />
[[Category:Course]][[Category:Network]]<br />
*[https://www.netacad.com/courses/ccna-introduction-networks?courseLang=en-US&instance_id=46a950b1-8175-474a-85fe-0e5e906a7f1a Introduction to networks]<br />
*[https://www.youtube.com/watch?v=FIV2-44uTmw Fiber kabel lægning med skibet Resolute]</div>
Heth
http://mars.merhot.dk/w/index.php?title=AMU_HAMMR&diff=41681
AMU HAMMR
2025-09-02T10:45:38Z
<p>Heth: /* Router øvelse med nat */</p>
<hr />
<div><br />
=Materialer anvendt=<br />
== Uge 1==<br />
[[Image:Agenda ascom.png|thumb|500px|none|Agenda]]<br />
*[https://mars.merhot.dk/data/ascom/module1/01.01%20-%20Introduction%20to%20IP%20Generic%20diasshow.ppsx Network 1]<br />
*[https://mars.merhot.dk/data/ascom/module1/02.01%20-%20Module%201%20Session%202%20diasshow.ppsx Network 2]<br />
*[https://mars.merhot.dk/data/ascom/module1/03.01%20-%20Module%201%20Session%203%20diasshow.ppsx Network 3]<br />
*[https://mars.merhot.dk/data/ascom/module1/04.01%20-%20Module%201%20Session%204%20diasshow.ppsx Network 4]<br />
*[https://mars.merhot.dk/data/ascom/module1/05.01%20-%20Module%201%20Session%205%20diasshow.ppsx Network 5]<br />
<br />
==Subnetting==<br />
[[File:23.1_-_SUBNET_eksempel.pdf| Subnet eksempel]]<br />
== Router øvelse med nat==<br />
=== Del 1 uden Trunking ===<br />
Overordnet plan vi lagde:<br />
Router grundkonfig:<br />
#fa0/0 - DHCP (Anvend ISP'ens DHCP-server)<br />
#Test: show ip int brief, ping 8.8.8.8<br />
#fa0/1 - Statisk IP 172.16.0.1/24<br />
#Test: show ip int br, ping 172.16.0.1<br />
#Konfigurer NAT<br />
#Test: ping 8.8.8.8 source 172.16.0.1<br />
#Test: show ip nat translations<br />
#Konfigurer DHCP på 172.16.0.0/24 scope<br />
#Tilslut PC og test den får en ip<br />
<br />
Del 2:<br />
- VLAN til Teacher og Student<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
!<br />
</source><br />
=== Del 1 med Trunking ===<br />
====Router====<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.0.1<br />
!<br />
ip dhcp pool TEACHER<br />
import all<br />
network 172.16.1.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
no ip address<br />
!<br />
interface GigabitEthernet0/1.10<br />
encapsulation dot1Q 10<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
interface GigabitEthernet0/1.20<br />
encapsulation dot1Q 20<br />
ip address 172.16.1.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255<br />
</source><br />
<br />
====Lag 2 switch====<br />
<source lang=bash><br />
hostname Switch<br />
<br />
interface FastEthernet0/1<br />
switchport mode trunk<br />
!<br />
interface range FastEthernet0/5 - 9<br />
switchport access vlan 10<br />
switchport mode access<br />
!<br />
interface range FastEthernet0/11 - 19<br />
switchport access vlan 20<br />
switchport mode access<br />
</source><br />
<br />
==Del 2 - med LAG 3 switch - statisk routening==<br />
===SOHO Router===<br />
Følgende ekstra konfiguration af SOHO Routeren er foretaget - udover det i del 1.<br />
<source lang=bash><br />
!<br />
ip dhcp excluded-address 10.0.1.1 10.0.1.9<br />
ip dhcp excluded-address 10.0.0.1 10.0.0.9<br />
!<br />
ip dhcp pool GUEST<br />
import all<br />
network 10.0.0.0 255.255.255.0<br />
default-router 10.0.0.1<br />
!<br />
ip dhcp pool HACKERS<br />
import all<br />
network 10.0.1.0 255.255.255.0<br />
default-router 10.0.1.1<br />
!<br />
ip route 10.0.0.0 255.255.255.0 172.16.0.10<br />
ip route 10.0.1.0 255.255.255.0 172.16.0.10<br />
</source><br />
===Lag tre switch===<br />
<source lang=bash><br />
ip routing<br />
!<br />
interface range GigabitEthernet0/1 - 4<br />
switchport mode access<br />
switchport access vlan 30<br />
!<br />
interface range GigabitEthernet0/5 - 9<br />
switchport access vlan 40<br />
switchport mode access<br />
!<br />
interface GigabitEthernet0/10<br />
no switchport<br />
ip address 172.16.0.10 255.255.255.0<br />
!<br />
interface Vlan30<br />
ip address 10.0.0.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
!<br />
interface Vlan40<br />
ip address 10.0.1.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
</source><br />
=Links=<br />
*[https://www.netacad.com/ Link til Cisco Netacad]<br />
*[[ASC II]] - Koder for bogstaver og tal <br />
*[https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html Putty] et gratis terminal emuleringssoftware<br />
[[Category:Course]][[Category:Network]]<br />
*[https://www.netacad.com/courses/ccna-introduction-networks?courseLang=en-US&instance_id=46a950b1-8175-474a-85fe-0e5e906a7f1a Introduction to networks]<br />
*[https://www.youtube.com/watch?v=FIV2-44uTmw Fiber kabel lægning med skibet Resolute]</div>
Heth
http://mars.merhot.dk/w/index.php?title=AMU_HAMMR&diff=41680
AMU HAMMR
2025-09-02T08:13:14Z
<p>Heth: /* Links */</p>
<hr />
<div><br />
=Materialer anvendt=<br />
== Uge 1==<br />
[[Image:Agenda ascom.png|thumb|500px|none|Agenda]]<br />
*[https://mars.merhot.dk/data/ascom/module1/01.01%20-%20Introduction%20to%20IP%20Generic%20diasshow.ppsx Network 1]<br />
*[https://mars.merhot.dk/data/ascom/module1/02.01%20-%20Module%201%20Session%202%20diasshow.ppsx Network 2]<br />
*[https://mars.merhot.dk/data/ascom/module1/03.01%20-%20Module%201%20Session%203%20diasshow.ppsx Network 3]<br />
*[https://mars.merhot.dk/data/ascom/module1/04.01%20-%20Module%201%20Session%204%20diasshow.ppsx Network 4]<br />
*[https://mars.merhot.dk/data/ascom/module1/05.01%20-%20Module%201%20Session%205%20diasshow.ppsx Network 5]<br />
<br />
==Subnetting==<br />
[[File:23.1_-_SUBNET_eksempel.pdf| Subnet eksempel]]<br />
== Router øvelse med nat==<br />
=== Del 1 uden Trunking ===<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
!<br />
</source><br />
=== Del 1 med Trunking ===<br />
====Router====<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.0.1<br />
!<br />
ip dhcp pool TEACHER<br />
import all<br />
network 172.16.1.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
no ip address<br />
!<br />
interface GigabitEthernet0/1.10<br />
encapsulation dot1Q 10<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
interface GigabitEthernet0/1.20<br />
encapsulation dot1Q 20<br />
ip address 172.16.1.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255<br />
</source><br />
<br />
====Lag 2 switch====<br />
<source lang=bash><br />
hostname Switch<br />
<br />
interface FastEthernet0/1<br />
switchport mode trunk<br />
!<br />
interface range FastEthernet0/5 - 9<br />
switchport access vlan 10<br />
switchport mode access<br />
!<br />
interface range FastEthernet0/11 - 19<br />
switchport access vlan 20<br />
switchport mode access<br />
</source><br />
<br />
==Del 2 - med LAG 3 switch - statisk routening==<br />
===SOHO Router===<br />
Følgende ekstra konfiguration af SOHO Routeren er foretaget - udover det i del 1.<br />
<source lang=bash><br />
!<br />
ip dhcp excluded-address 10.0.1.1 10.0.1.9<br />
ip dhcp excluded-address 10.0.0.1 10.0.0.9<br />
!<br />
ip dhcp pool GUEST<br />
import all<br />
network 10.0.0.0 255.255.255.0<br />
default-router 10.0.0.1<br />
!<br />
ip dhcp pool HACKERS<br />
import all<br />
network 10.0.1.0 255.255.255.0<br />
default-router 10.0.1.1<br />
!<br />
ip route 10.0.0.0 255.255.255.0 172.16.0.10<br />
ip route 10.0.1.0 255.255.255.0 172.16.0.10<br />
</source><br />
===Lag tre switch===<br />
<source lang=bash><br />
ip routing<br />
!<br />
interface range GigabitEthernet0/1 - 4<br />
switchport mode access<br />
switchport access vlan 30<br />
!<br />
interface range GigabitEthernet0/5 - 9<br />
switchport access vlan 40<br />
switchport mode access<br />
!<br />
interface GigabitEthernet0/10<br />
no switchport<br />
ip address 172.16.0.10 255.255.255.0<br />
!<br />
interface Vlan30<br />
ip address 10.0.0.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
!<br />
interface Vlan40<br />
ip address 10.0.1.1 255.255.255.0<br />
ip helper-address 172.16.0.1<br />
</source><br />
=Links=<br />
*[https://www.netacad.com/ Link til Cisco Netacad]<br />
*[[ASC II]] - Koder for bogstaver og tal <br />
*[https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html Putty] et gratis terminal emuleringssoftware<br />
[[Category:Course]][[Category:Network]]<br />
*[https://www.netacad.com/courses/ccna-introduction-networks?courseLang=en-US&instance_id=46a950b1-8175-474a-85fe-0e5e906a7f1a Introduction to networks]<br />
*[https://www.youtube.com/watch?v=FIV2-44uTmw Fiber kabel lægning med skibet Resolute]</div>
Heth
http://mars.merhot.dk/w/index.php?title=AMU_HAMMR&diff=41679
AMU HAMMR
2025-09-01T11:13:19Z
<p>Heth: /* =Lag 2 switch */</p>
<hr />
<div><br />
=Materialer anvendt=<br />
== Uge 1==<br />
[[Image:Agenda ascom.png|thumb|500px|none|Agenda]]<br />
*[https://mars.merhot.dk/data/ascom/module1/01.01%20-%20Introduction%20to%20IP%20Generic%20diasshow.ppsx Network 1]<br />
*[https://mars.merhot.dk/data/ascom/module1/02.01%20-%20Module%201%20Session%202%20diasshow.ppsx Network 2]<br />
*[https://mars.merhot.dk/data/ascom/module1/03.01%20-%20Module%201%20Session%203%20diasshow.ppsx Network 3]<br />
*[https://mars.merhot.dk/data/ascom/module1/04.01%20-%20Module%201%20Session%204%20diasshow.ppsx Network 4]<br />
*[https://mars.merhot.dk/data/ascom/module1/05.01%20-%20Module%201%20Session%205%20diasshow.ppsx Network 5]<br />
<br />
==Subnetting==<br />
[[File:23.1_-_SUBNET_eksempel.pdf| Subnet eksempel]]<br />
== Router øvelse med nat==<br />
=== Del 1 uden Trunking ===<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
!<br />
</source><br />
=== Del 1 med Trunking ===<br />
====Router====<br />
<source lang=bash><br />
hostname SOHO<br />
!<br />
ip dhcp pool STUDENTS<br />
import all<br />
network 172.16.0.0 255.255.255.0<br />
default-router 172.16.0.1<br />
!<br />
ip dhcp pool TEACHER<br />
import all<br />
network 172.16.1.0 255.255.255.0<br />
default-router 172.16.1.1<br />
!<br />
interface GigabitEthernet0/0<br />
description Outside<br />
ip address dhcp<br />
ip nat outside<br />
!<br />
interface GigabitEthernet0/1<br />
description Inside<br />
no ip address<br />
!<br />
interface GigabitEthernet0/1.10<br />
encapsulation dot1Q 10<br />
ip address 172.16.0.1 255.255.255.0<br />
ip nat inside<br />
!<br />
interface GigabitEthernet0/1.20<br />
encapsulation dot1Q 20<br />
ip address 172.16.1.1 255.255.255.0<br />
ip nat inside<br />
!<br />
ip nat inside source list 1 interface GigabitEthernet0/0 overload<br />
!<br />
access-list 1 permit 172.16.0.0 0.0.0.255<br />
access-list 1 permit 172.16.1.0 0.0.0.255<br />
</source><br />
<br />
====Lag 2 switch====<br />
<source lang=bash><br />
hostname Switch<br />
<br />
interface FastEthernet0/1<br />
switchport mode trunk<br />
!<br />
interface range FastEthernet0/5 - 9<br />
switchport access vlan 10<br />
switchport mode access<br />
!<br />
interface range FastEthernet0/11 - 19<br />
switchport access vlan 20<br />
switchport mode access<br />
</source><br />
<br />
=Links=<br />
*[https://www.netacad.com/ Link til Cisco Netacad]<br />
*[[ASC II]] - Koder for bogstaver og tal <br />
*[https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html Putty] et gratis terminal emuleringssoftware<br />
[[Category:Course]][[Category:Network]]<br />
*[https://www.netacad.com/courses/ccna-introduction-networks?courseLang=en-US&instance_id=46a950b1-8175-474a-85fe-0e5e906a7f1a Introduction to networks]<br />
*[https://www.youtube.com/watch?v=FIV2-44uTmw Fiber kabel lægning med skibet Resolute]</div>
Heth