Dynamically Map Your VPN Enabled Devices Auto Link ...
Transcript of Dynamically Map Your VPN Enabled Devices Auto Link ...
![Page 1: Dynamically Map Your VPN Enabled Devices Auto Link ...](https://reader031.fdocuments.us/reader031/viewer/2022013005/61cd01aa2e33787a265169a4/html5/thumbnails/1.jpg)
Dynamically Map Your VPN Enabled Devices – Auto Link NetBrain Tip:Common VPN keywords:Cisco ASA:o “ipsec-proposal”o “webvpn”o “split-tunnel-network-list”Juniper SRX: o “dynamic-vpn”
3. Auto Link: Right Click, add L3 VPN Tunnel links onto the map to display device interface connectivity
1. Search Find mappable devices using common VPN keywords
2. Map (IPsec): Select all the devices found using keyword search and map these devices to create your COVID-19 response map
![Page 2: Dynamically Map Your VPN Enabled Devices Auto Link ...](https://reader031.fdocuments.us/reader031/viewer/2022013005/61cd01aa2e33787a265169a4/html5/thumbnails/2.jpg)
1. Search Find mappable devices using common VPN keywords
2. Map (AnyConnect): Select the devices found using keyword search and map these devices to create your COVID-19 response map
3. Extend Neighbors: Click on the “+” of the device, and select the neighbor type, then extend the neighbors on the map
Dynamically Map Your VPN Enabled Devices – Extend Neighbor NetBrain Tip:Common VPN keywords:Cisco ASA:o “ipsec-proposal”o “webvpn”o “split-tunnel-network-list”Juniper SRX: o “dynamic-vpn”
![Page 3: Dynamically Map Your VPN Enabled Devices Auto Link ...](https://reader031.fdocuments.us/reader031/viewer/2022013005/61cd01aa2e33787a265169a4/html5/thumbnails/3.jpg)
1. AnyConnect Runbook Nodes:• AnyConnect VPN Qapp – Overlays AnyConnect data in the NetBrain map work
area on supported devices• AnyConnect VPN CLI – The executable CLI commands incorporated into the
Qapp by the NetBrain Automation Team
2. AnyConnect Session Detail: Supported devices display Cisco AnyConnect drill down tables to access detailed connection information
NetBrain Tip:NetBrain Runbook templates can be easily extended to include other valuable debugging techniques to ensure that “tribal knowledge” is codified!
Cisco AnyConnect VPN Qapp / CLI Commands
3. Execute CLI Commands: The individual IPsec CLI commands can be executed separately for greater control or inclusion in a separate Runbook
![Page 4: Dynamically Map Your VPN Enabled Devices Auto Link ...](https://reader031.fdocuments.us/reader031/viewer/2022013005/61cd01aa2e33787a265169a4/html5/thumbnails/4.jpg)
1. IPsec VPN Runbook Nodes:• IPsec VPN Qapp – Overlays IPsec data in the NetBrain map work area
on supported devices• IPsec VPN CLI – The executable CLI commands incorporated into the
Qapp by the NetBrain Automation Team
2. IPsec VPN Session Detail: Supported devices display Cisco IPsec drill down tables to access detailed connection information
Cisco IPsec VPN Qapp / CLI CommandsNetBrain Tip:Provided NetBrain Qapps can be extended to support other vendors/technology. The NetBrain Qapp accepts tokenized strings as input to filter on specific data. Example: "show vlan $input_vlan"
3. Execute CLI Commands : The individual IPsec CLI commands can be executed separately for greater control or inclusion in a separate Runbook
![Page 5: Dynamically Map Your VPN Enabled Devices Auto Link ...](https://reader031.fdocuments.us/reader031/viewer/2022013005/61cd01aa2e33787a265169a4/html5/thumbnails/5.jpg)
1. F5 SSL VPN Runbook Nodes:• SSL VPN Qapp – Overlays User Access data in the NetBrain map work
area on supported devices• SSL VPN CLI – The executable CLI commands incorporated into the
Qapp by the NetBrain Automation Team
2. F5 SSL VPN Session Detail: Supported devices display F5 User Access drill down tables to access detailed connection information
F5 SSL VPN Qapp / CLI CommandsNetBrain Tip:Don’t forget that Qapps can be used to create exportable reports in the NetBrain Inventory Report manager!
3. Execute CLI Commands : The individual F5 CLI commands can be executed separately for greater control or inclusion in a separate Runbook
![Page 6: Dynamically Map Your VPN Enabled Devices Auto Link ...](https://reader031.fdocuments.us/reader031/viewer/2022013005/61cd01aa2e33787a265169a4/html5/thumbnails/6.jpg)
1. Runbook: Codify the steps and actions executed (with results) performed when troubleshooting to share with peers to save time and effort
Using NetBrain For Collaborative Diagnosis
2. Runbook Actions: Wide variety of built-in and well-known diagnostic techniques to help diagnose VPN network related issues
3. Collaborative Diagnosis: Notify resources and collaborate in the same viewable workspace
![Page 7: Dynamically Map Your VPN Enabled Devices Auto Link ...](https://reader031.fdocuments.us/reader031/viewer/2022013005/61cd01aa2e33787a265169a4/html5/thumbnails/7.jpg)
1. Path Browser: Input corporate VPN gateway IP and service device hostname (like a core switch)
2. Path Result: Hop-by-hop path result with an available detailed device path analysis log3. Map this Path: Visualize the path that VPN users are following to access critical devices, services, and applications on the corporate network
Dynamically Map Your Remote Access Application Paths
NetBrain Tip:Set the starting point of the path to be the VPN Gateway! End users will be initiating their network access from this starting point while working from home.
![Page 8: Dynamically Map Your VPN Enabled Devices Auto Link ...](https://reader031.fdocuments.us/reader031/viewer/2022013005/61cd01aa2e33787a265169a4/html5/thumbnails/8.jpg)
3. Map Path Execution: Verify network traffic path between devices with the available Device Log and visualize the path with the “Map This Path” button
1. Path Browser: Save your most critical or problematic paths for repeatable review and analysis
2. Path History: Monitor historical path execution to track impact of network changes and history on the defined A-B path
Track Key Application Paths Changes and History