Author: insidepacket

Install PowerCLI and PowerNSX Offline on RHEL7

On By insidepacketIn Network Automation, NSX, VirtualizationLeave a comment

With the release of PowerCLI 10.0.0, VMware adds support for Mac OS and Linux! Now you can install PowerCLI and PowerNSX on Linux System including RHEL, Centos, Unbuntu and Mac OS. To complete installation of VMware PowerCLI 10 and PowerNSX, firstly you need to install Powershell Core 6.0. In most of enterprise environments, we won't …

Continue reading Install PowerCLI and PowerNSX Offline on RHEL7

Wireshark Filter for SSL Traffic

On By insidepacketIn Packet4 Comments

Useful Wireshark filter for analysis of SSL Traffic. Client Hello: ssl.handshake.type == 1 Server Hello: ssl.handshake.type == 2 NewSessionTicket: ssl.handshake.type == 4 Certificate: ssl.handshake.type == 11 CertificateRequest ssl.handshake.type == 13 ServerHelloDone: ssl.handshake.type == 14 Note: "ServerHellpDone" means full-handshake TLS session. Cipher Suites: ssl.handshake.ciphersuite I found the below from Wiki.  All these SSL handshake message types …

Continue reading Wireshark Filter for SSL Traffic

Create XML file in vRealize Orchestrator for NSX Automation

On By insidepacketIn Network Automation, NSX, Uncategorized7 Comments

NSX API uses XML format for API communication. To automate NSX in VMware vRealize Orchestror, it is always required to create a XML file with javascript  as vRO workflow supports javascript only.Here i only shows you an example to how to do it. The target here is to create a security group and add a …

Continue reading Create XML file in vRealize Orchestrator for NSX Automation

vRA7.3 and NSX Integration: Network Security Data Collection Failure

On By insidepacketIn Cloud, Network Automation, NSX, UncategorizedLeave a comment

We are building vRA 7.3 . We added vCenter and NSX manager as endpoint in vRA. And associate NSX manager with vCenter. All of computing resource data collection works well but not NSX (network and security): So in vRA reservation, we only can see vSphere cluster, vDS port-group/logical switch but not Transport zone, security group/tags …

Continue reading vRA7.3 and NSX Integration: Network Security Data Collection Failure

Perform Packet Capture on VMware ESXi Host for NSX Troubleshooting

On By insidepacketIn NSX, Packet3 Comments

VMware offers a great and powerful tool pktcap-uw to perform packet capture on ESXi host. Pktcap-uw offers a lot of options for packet capture. https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2051814 Here I show most common used in my daily life here for your reference. I normally perform a packet based on vSwitch port ID or DV filter (NSX DFW) To do …

Continue reading Perform Packet Capture on VMware ESXi Host for NSX Troubleshooting

NSX IPSec Throughput in IBM Softlayer

On By insidepacketIn NSX, VirtualizationLeave a comment

To understand the real throughput capacity of NSX IPSec in Softlayer, I built a quick IPSec performance testing environment. Below are the network topology of my testing environment: NSX version: 6.2.4 NSX Edge: X-Large (6 vCPUs and 8G Memory), which is the largest size NSX offers. All of Edges in this testing enviroment reside in the …

Continue reading NSX IPSec Throughput in IBM Softlayer

Simple Python Script Creating a Dynamic Membership Security Group

On By insidepacketIn Network Automation, NSXLeave a comment

In this blog, I developed a very simple Python scripts to create NSX security group whose membership is based on Security Tag. Please note this script is to show you the basic, which has not been ready for a production environment. Two Python functions are includes in this script: create_tag is used to create a …

Continue reading Simple Python Script Creating a Dynamic Membership Security Group