
Nomios hotline number +44 (0)1256 274058

- How to console in to a device on Mac

Start Terminal:

screen /dev/tty.usbserial-<device port name> 9600

- How to copy a file using SCP through a jump host

i.e.

scp -O -J h.dura@172.31.50.25 (filename) infraadmin@(ipaddress):/var/tmp/

The -J option works for ssh too

- How to search for command history for a particular word

Press Control + r, then type the word

- The “man” command gives you the manual for a command

i.e. man scp

- How to add an alias and save it in a run-command (rc) file in case you forget the IP
- ls -a (to list hidden files starting with .)
- On Mac the file is .zshrc; on Linux it is .bashrc
- alias ssj="ssh -J p.hare@172.31.50.25"
alias jump="ssh p.hare@172.31.50.25"
alias scj="scp -J p.hare@172.31.50.25"
- source .zshrc (make sure you source the file so the aliases you added are loaded)
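
The same jump-host shortcut can live in `~/.ssh/config` instead of shell aliases, so that ssh and scp both pick it up. This is an added example, not part of the original notes; the `jump` host alias and the `192.0.2.*` device range are constructed placeholders.

```sshconfig
# ~/.ssh/config (added example)

# Jump host from the aliases above; "jump" is a made-up alias name.
Host jump
    HostName 172.31.50.25
    User p.hare

# Devices behind the jump host. 192.0.2.* is a placeholder range:
# replace it with the management addresses of your own devices.
Host 192.0.2.*
    User infraadmin
    ProxyJump jump
```

With this in place, `ssh 192.0.2.10` and `scp (filename) 192.0.2.10:/var/tmp/` go through the jump host without `-J` on the command line.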

- cat show\ switch\ interface\ -\ EHREUKCLIENT01.txt | grep -A2 vlans (-A: after, -B: before)
- cat show\ switch\ interface\ -\ EHREUKCLIENT01.txt | grep -A4 AP4 > ap.txt (creates a new file ap.txt containing each AP4 match and the 4 lines after it)
- cat ap.txt (to read the file ap.txt)

Capture traffic on the box

#run monitor traffic interface et-0/1/2 matching "tcp port 179 and host 2001:7f8:4:3::e9a3:1" extensive write-file /var/tmp/CAPTURE-et-0/1/2.pcap

#run monitor traffic interface et-0/1/3 matching "tcp port 179 and host 2a03:fd82:0:4::1" extensive write-file /var/tmp/CAPTURE-et-0/1/3.pcap

Fournet firewall policy troubleshoot

- show security flow session destination-prefix 172.22.1.6
- show security flow session source-prefix 10.43.40.62
- show security match-policies source-ip 10.42.64.5 destination-ip 172.22.1.6 source-port 2 destination-port 52233 protocol tcp from-zone NSI-WAN to-zone NSI-CORE

IPsec tunnel troubleshooting commands

- diag debug application ike -1
- diag debug enable
- then restart the tunnel

Confirm that the site’s BGP peering is running as expected.

show bgp summary
show bgp neighbor 10.250.xxx.xxx

Verify that routes are being both received and advertised.

Confirm that the VPN tunnel is established.

show security ipsec security-associations
show security ike security-associations

Fortinet

diagnose debug reset
diagnose debug flow filter clear
diagnose debug flow filter addr x.x.x.x y.y.y.y and
diagnose debug flow show function-name enable
diagnose debug flow trace start 1000
diagnose debug enable

- show system rollback compare 1 0 (to check the last config change)
- show diagnostics tdr interface ge-0/0/21
