Configure a Radius server on Windows Server to authenticate Cisco VPN users

A Virtual Private Network (VPN) allows to connect to a private network through the Internet, from anywhere in the world.

It may be very helpful to business users willing to access from outside the internal resources of their company.

In this post we’ll see how you can allow Active Directory users to perform the login to a VPN, configured on a Cisco router.

The setup includes a Cisco 1801 router, configured with a Road Warrior VPN, and a server with Windows Server 2012 R2 where we installed and activated the domain controller and Radius server role.
(more…)

How to create a VM Template with Hyper-V

Microsoft Hyper-V lacks the capability to create and manage templates and this can be troublesome for IT specialists requiring to deploy a large number of identical virtual machines. A time-consuming task that could be much more efficient and simple.

To save your time, we suggest the following methodology that is more similar to a work-around. You will be able to deploy several virtual machines without much effort but it will still be difficult to deploy hundreds (or worst thousands) of them.
(more…)

How to balance the network traffic with Hot Standby Router Protocol (HSRP)

We’ve already wrote about the Hot Standby Router Protocol (HSRP) in our previous article. HSRP is a proprietary protocol developed by Cisco, that allows to decouple the IP addresses from the physical interfaces and to associate them to groups of interfaces, providing hardware redundancy.

In this article we’ll see how to balance the network load with the 2 HSRP groups, allowing to assign 2 virtual gateways to every group of PCs. The result will be a network scheme with load balancing that allows the 2 hosts to connect to the Internet even in case of failure of a gateway.
(more…)

How to configure Hot Standby Router Protocol (HSRP) with Cisco routers

When high-availability isn’t a priority but a requirement, router redundancy is mandatory. As every router has its own layer 3 address, it would be useful to have the possibility to use a single layer-3 address able to “move” from a router to another. Hot Standby Router Protocol (HSRP), a proprietary protocol developed by Cisco, allows to decouple the IP addresses from the physical interfaces and to associate them to groups of interfaces, providing hardware redundancy.

Technically speaking, HSRP sends its hello message to the multicast address 224.0.0.2 (all the routers inside the network) using the 1985 UDP port, to contact the other HSRP-enabled routers and estabilish the priorities between them: the primary router – with the higher priority – will work as virtual router (with its own IP and MAC addresses) and it will be used by the hosts as gateway; in case of failure of the primary router, the router with the second highest priority will become the default gateway.
(more…)

How to configure DHCP failover on Windows Server 2012 R2

Configuring the DHCP failover in your LAN is a simple operation to improve the reliability of the network.

There are two main ways to provide DHCP failover:

  • Load balancing
  • Hot standby

Load balancing allows to share the load between two or more DHCP servers while the Hot standby mode simply provide DHCP redundancy.

In this guide we adopted the Hot standby mode. The DHCP servers are two Windows 2012 R2 machine in the same domain (mandatory requirement).
(more…)

How to configure virtual machines auto start on VMware ESXi

If you are a VMware system administrator, you may find useful to configure a group of virtual machines to auto start at the ESXi host boot.

There may be different reasons to do that, but the most common is to recover from a blackout. ESXi hosts can power on automatically when the power comes back and the virtual machines will be powered on with them.
(more…)

How to add a new user to a customized vCenter Role

The privileges and Roles allow the administrator of a VMware virtual environment to configure a granular security policy defining individual user rights.

For a VMware system administrator it’s good practice to define the user access rights from the vCenter servers. There are several technologies to secure a virtual environment, this time we are going to see how to assign a customized role to an individual user.

In our previous article we talked about how to create a customized Role to which we gave only the privileges to configure the Virtual Machines.

It’s considered a best pratice not to modify the default roles because they can be useful for future reference.

In this article we’ll explan how to create a new user which we’ll assign to a customized Role named VM Configuration Manager.
(more…)