Rogue W-4 Rack

Rogue W-4 Rack

I have wanted to build a garage gym for some time now and with two kids under the age of two (I know right) I thought it was the perfect time to do so. I wanted a rack that was going to be big enough for me and a few friends to use at the same time but not take up both sides of my garage as my wife would not have been a fan of that. I started researching foldable racks that various companies sell and my main worry with purchasing a folding rack is the weight that it would be able to support and the overall lifetime durability after folding and unfolding it multiple times. After searching around for some time and reading pretty much every review I could find (which was surprisingly not a ton) I settled on the Rogue W-4 Rack. Rogue is really the end all be all for racks in my opinion and the quality of this rack and the following review solidifies that statement.

I purchased this rack for right around $650 shipped to Nashville. A couple of days later UPS freight called me to schedule a delivery. I thought this was a little odd until they showed up at my front door in an 18 wheeler. The UPS freight truck showed up for the scheduled delivery and they unloaded it pallet and all in my garage. Unboxing everything here are the specifications from Rogue’s website:

  • Width 6′, Length 4′, Height 9′
  • Made with 2×3″ 11 – gauge steel
  • 5/8″ Bolts and Fasteners
  • West Side Hole Pattern: 1″ through bench and clean pull zone then 2″ spacing above and below
  • Pull-up Bar height is adjustable – 8′, 7′ 6″, or 7′
  • (2) J-Cups with UHMW plastic inserts per 4′ rack section
  • Unit must be bolted to the floor and wall
  • You can customize the depth to 4′ and make the front pull-up bar a single for rings if you would like. Please make those selections on the drop downs NOTE: The single bar has an OD of 2″
  • You can make it a shortie if you don’t have the overhead space, drop it down to 7′ 6″. Please contact team@roguefitness.com if you wish to make this customization.
  • Unit must be bolted to the wall. Wall mounting hardware is NOT included.

Available Options:

There are a few different options available on this rack directly from Rogue Fitness. First you can add up to 2 Rogue Dirty South Bar’s as an odd on at $100 per bar. Next you can remove the double pull up bar that is front and center in favor of the single 2″ O.D. pull up bar (think bar muscle ups here). Last you can make the rack a “shorty” and drop the height down from 7 foot to 6 foot. The 6 foot option is a great idea for those people that are limited by space or maybe looking to install this in their basement. The only option that I ended up changing was going with the single 2″ O.D. pull up bar.

Installation:

Take your time planning out and installing this rack. If you think about how much weight this device is going to end up holding it will pay off for you to spend as few extra minutes double checking yourself and even prevent an injury. This installation was definitely a two person job due to the size of the rig so I grabbed my neighbor who was willing to help me out and who also had all of the tools that I needed. First step we stuck up two six foot stinger boards with 4 inch lag bolts (14 bolts total – not included). These stinger boards are really the backbone of the rack so we needed to make sure that it was not going to budge once installed.

Next step was to mark and drill the holes for the anchors in the floor. Let me tell you this was not an enjoyable part. We went through two different concrete bits on the drill to get the six holes to the depth that we needed them for the anchors. After a few hours of drilling we were finally able to get the anchors half way into the concrete which was the depth that we were looking for. Next we were able to do a test set on the posts to verify everything looked good before actually mounting the rig on the wall.

Once this was complete we were able to stage the rack in place. We connected everything and hand tightened all of the bolts. We were then able lift it up and move it into place. The rig went perfectly on the wall and within a few minutes were able to tighten everything down and it was ready to roll.

 

Coming up on 9 months of use this rack and it is still as solid as the day we installed it. I have had 2-3 200lb+ guys from my neighborhood doing pull ups and muscle ups on this rack and it has yet to move. The J-Cups are a great addition as well and provide squat rack capability for the rack. I use this rack as a squat stand multiple times a week and it works perfectly. The J-Cups can also be used with the rack to convert it for bench press. The only additional equipment that you would need is a bench.

One issue we noticed with the installation is that I requested a single bar for the front of the rack for bar muscle ups. There is a thin plate that goes between the actual rig and the pull up bar. The thin plates that were sent to me were for the double pull up bar and would not fit this right design.

Favorite Workouts involving the Rogue W-4 Rack:

This rack goes above and beyond what I had hoped for, but it will only pay off if you know how to use it.

Here are a few of my favorite workouts:

Barn Burner:

30 C2B Pull-ups
30 Overhead Squats (95/65#)
20 Bar Muscle ups
20 Overhead Squats (135/95#)
10 Bar Muscle-ups
10 Overhead Squats (185/135#)

Max Effort:

5 Rounds not for time
Max Bench Press
Max Unbroken C2B

Come at Me:

2 Rounds
2 Mins – Max T2B
1 Min – Max Ring Dip
2 Mins – Max C2B
1 Min – Max Bar Muscle Up

Where to buy:

Rogue Fitness

Don’t forget to follow @garagegymlove on Instagram and @ipv4freely on Twitter!

Posted in Garage Gym

Uncommon Breed Weighted Vest Review

Uncommon Breed Weighted Vest (20#)

 

Product Information: Uncommon Breed Vest

Another great example of how the best training tools are often the most simple.

After watching the Crossfit Games again this year I had decided that I really wanted to pick up a weight vest to take my training to the next level. I started looking around at different vendors and their price points and settled on Uncommon Breed. I contacted Ryan over at their office and he helped get me squared away with the vest I wanted. They use a company called Receiptful for the purchases on their site and communication on the order from start to finish was great. A few days later my vest showed up in all its glory.

Having never used a weighted vest before I did not really know what to expect when this arrived. First off the vest is very stylish, I went with the Coyote Tan color but they also have a navy and black color that look great as well. The vest is covered in various pieces of velcro that will allow you to put your own patches. Definitely going to pick up an American Flag patch for mine. At first glance the vest is very well made and is held together by multiple stitchings on the bottom. The vest is secured by elastic straps on the side and seem to be very durable as well.

Time for the workout. The vest actually showed up after I had worked out for the day but I was too stoked not to give this thing a run. I strapped on the vest and ended up doing 150 Slam Balls over the shoulder and I was WRECKED. During the workout I did not notice the vest shifting on me at all, which is a huge plus. The few days following this workout I have used it for many things since it is so versatile Jogging around the neighborhood, burpees and even mowing the yard.

If you are in the market for a new vest I would definitely recommend giving the Uncommon Breed your business. They are a small business based out of Kennewick, WA and would love your support!

Purchase this vest:

Rogue Fitness

Uncommon Breed

Don’t forget to follow @garagegymlove on Instagram!

Posted in Garage Gym

RepFitness SlamBall Review

RepFitness V2 SlamBall

IMG_20160721_220559

 

Product Information: http://www.repfitness.com/conditioning/strength-equipment/slam-balls/rep-v2-slam-balls

Video Review: Coming Soon!

The best training tools are often the most simple.

The slam ball is a super simple training tool that you can take anywhere. I end up traveling some for work and its easy to throw in the car and really get a full body workout with this one small item.

First impressions – Out of the box this ball is made like a tank! Picking it up and getting started I noticed that this ball is pretty slick to the touch. I dusted it up with some chalk and got moving. The first workout that I put it through was pretty simple. 3 Rounds – 150 cleans (at #40). Rest 3 minutes between rounds. I did not actually time this workout, just kind of threw something on the board and went. By the end of this workout I could barely pickup the ball one more time.

Over the past week this SlamBall V2 from RepFitness has been put to the test with multiple workouts and seems to be extremely well made. It has held up to everything that I have thrown at it so far and if you are in the market for a great workout tool I would definitely recommend checking out RepFitness for your next purchase!

Don’t forget to follow @garagegymlove on Instagram!

Posted in Garage Gym

Why a Home Lab!?

After kicking around the idea of building a home lab for quite some time now I finally got around to actually doing it. Note: this is not what I would consider your standard or cheap lab by any means. This was built with the intentions in mind to have a production environment for the VM’s I use at home, some backup technologies and of course an ample study environment. In building this I definitely wanted to have space available for growth and enough power to run virtually anything I need. I wanted to have something in the home that was powerful enough to run basically anything that I could throw at it but at the same time was semi-quiet as to not disturb the family.

Why?

There are many reasons that someone would want to have their own virtualization lab at home but here are some of the more prevalent ones:

– Centralized Home Infrastructure:

What better way to take control of your home network than to build your own lab from scratch. Want an XBMC server in your house? Just spin a up a VM. There are countless things that you can do with a home lab. Check out www.reddit.com/r/homelab for some great ideas.

– Exam Study:

This is definitely a big one for me. I am currently working on obtaining the CCIE certification so I definitely need hands on with a lot of equipment and what better way to do that then by having your own lab at home.

– Learning:

The best way to learn something is by researching and actually deploying the solution yourself. What better way to do that than in the comfort of your own home where you don’t have to worry about the implications of messing up a solution in a production environment.

Below is a list of equipment that I went with for my lab. I decided to go with one 500GB SSD drive as main internal storage. ESXi will actually be installed on a flash drive and plugged into one of the internal ports on the motherboard. I will also be able to use the QNAP as an iSCSI target for additional storage among other things.

Equipment Purchased:

Nas:

Nas Investment: $1,377

Server Build:

– iStarUSA 3U Server Rackmount Chasis (http://www.newegg.com/Product/Product.aspx?Item=N82E16811165083)

– Enermax Revolution X’t Power Supply (http://www.newegg.com/Product/Product.aspx?Item=N82E16817194110)

– Intel Xeon E5-2603 Server Processor (http://www.newegg.com/Product/Product.aspx?Item=N82E16819116936)

– Kingston Data Traveler 8GB Flash Drive (http://www.newegg.com/Product/Product.aspx?Item=N82E16820239764)

Server Investment: $1,740

Total Investment: $3,117

Pictures:

 2014-12-02 18.21.03
2014-12-02 18.29.16
2014-12-02 18.29.27
2014-12-02 18.29.37
2014-12-02 18.30.30
2014-12-02 18.33.14
2014-12-02 18.33.34
2014-12-02 18.33.42
2014-12-02 18.33.49
Screenshot 2014-12-02 19.39.30
Below is a list of VM’s that I currently have running:
– DCSERV1 – DC, DHCP, DNS
– DCSERV2 – Backup DC, DNS
– VEEAM – Backup Server
– WIN7VM – Main workstation for Work
– VCSERV1 – vCenter Server
– Cisco IOU – Lab/Study VM
– VIRL – Lab/Study VM
– CSR100V – Lab/Study VM

If you have any questions feel free to follow me on Twitter at @ipv4freely or email me at colby@colbyc.me
Posted in CCIE, Networking

Dynamic Multipoint VPN (DMVPN) Setup

Since DMVPN has been added to the CCIE v5 BluePrint I figured that now was just as good of a time as any to write this blog.
 
DMVPN stands for Dynamic Multipoint VPN and it is an effective solution for dynamic secure overlay networks.
 
DMVPN is combination of the following technologies:
  • Multipoint GRE (mGRE)
  • Next-Hop Resolution Protocol (NHRP)
  • Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP)
  • Dynamic IPsec encryption
  • Cisco Express Forwarding (CEF)
Topology that we will be starting with:
Initial DMVPN Topolgy
First thing will be doing the base configurations on R1, R2 & R3. This will consist of configuring the IP addresses on the above interfaces and setting up the routing protocol to distribute the routes. In this case we will use EIGRP 123.

R1:
Rack1R1(config)#int s0/0/0
Rack1R1(config-if)#no shut
Rack1R1(config-if)#encap ppp
Rack1R1(config-if)#
Aug  1 19:22:33.379: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to down
Rack1R1(config-if)#ip address 204.186.13.1 255.255.255.0
Rack1R1(config-if)#router eigrp 123
Rack1R1(config-router)# network 204.186.13.1 0.0.0.0

R2:
Rack1R2(config)#interface Serial0/0/0
Rack1R2(config-if)# no shutdown
Rack1R2(config-if)# ip address 204.186.23.2 255.255.255.0
Rack1R2(config-if)# encapsulation ppp
Rack1R2(config-if)#
Aug  1 19:28:56.915: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to down
Rack1R2(config-if)#router eigrp 123
Rack1R2(config-router)# network 204.186.23.2 0.0.0.0

R3:
Rack1R3(config)#interface Serial0/0/0
Rack1R3(config-if)# no shutdown
Rack1R3(config-if)# ip address 204.186.13.3 255.255.255.0
Rack1R3(config-if)# encapsulation ppp
Rack1R3(config-if)#interface Serial0/1/0
Rack1R3(config-if)# no shutdown
Rack1R3(config-if)# ip address 204.186.23.3 255.255.255.0
Rack1R3(config-if)# encapsulation ppp
Rack1R3(config-if)#router eigrp 123
Rack1R3(config-router)# network 204.186.13.3 0.0.0.0
Rack1R3(config-router)# network 204.186.23.3 0.0.0.0

Looks like the neighbors have come up correctly, now lets just verify that the correct routes are showing up:

R1:
Rack1R1(config)#do sh ip route eigrp
Codes: L – local, C – connected, S – static, R – RIP, M – mobile, B – BGP
       D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
       N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
       E1 – OSPF external type 1, E2 – OSPF external type 2
       i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
       ia – IS-IS inter area, * – candidate default, U – per-user static route
       o – ODR, P – periodic downloaded static route, H – NHRP, l – LISP
       a – application route
       + – replicated route, % – next hop override

Gateway of last resort is not set

      204.186.23.0/24 is variably subnetted, 2 subnets, 2 masks
D        204.186.23.0/24 [90/2681856] via 204.186.13.3, 00:03:36, Serial0/0/0
D        204.186.23.2/32 [90/2681856] via 204.186.13.3, 00:03:36, Serial0/0/0

R2:
Rack1R2(config-router)#do sh ip route eigrp
Codes: L – local, C – connected, S – static, R – RIP, M – mobile, B – BGP
       D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
       N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
       E1 – OSPF external type 1, E2 – OSPF external type 2
       i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
       ia – IS-IS inter area, * – candidate default, U – per-user static route
       o – ODR, P – periodic downloaded static route, H – NHRP, l – LISP
       a – application route
       + – replicated route, % – next hop override

Gateway of last resort is not set

      204.186.13.0/24 is variably subnetted, 2 subnets, 2 masks
D        204.186.13.0/24 [90/2681856] via 204.186.23.3, 00:04:31, Serial0/0/0
D        204.186.13.1/32 [90/2681856] via 204.186.23.3, 00:04:31, Serial0/0/0

Looks like the routes are populating correctly,  I did not include the output from R2 because it will not need to learn any routes from EIGRP as both R1 and R3 are directly connected. Now that we have full reachability we can begin the actual DMVPN configuration. Here is what the new topology will look like once complete:
DMVPN TopologyDMVPN TopologyDMVPN Topology1
Next we will begin by creating the Tunnel interfaces on each router:

R1:
Rack1R1(config)#interface Tunnel0
Rack1R1(config-if)# ip address 173.1.123.1 255.255.255.0
Rack1R1(config-if)# no ip redirects
Rack1R1(config-if)# ip nhrp map multicast dynamic
Rack1R1(config-if)# ip nhrp network-id 99
Rack1R1(config-if)# ip nhrp holdtime 300
Rack1R1(config-if)# tunnel source Serial0/0/0
Rack1R1(config-if)# tunnel mode gre multipoint
Rack1R1(config-if)# tunnel key 100000

R2:
Rack1R2(config-router)#interface Tunnel0
Rack1R2(config-if)# ip address 173.1.123.2 255.255.255.0
Rack1R2(config-if)# no ip redirects
Rack1R2(config-if)# ip nhrp map 173.1.123.1 204.186.13.1
Rack1R2(config-if)# ip nhrp map multicast 204.186.13.1
Rack1R2(config-if)# ip nhrp network-id 99
Rack1R2(config-if)# ip nhrp nhs 173.1.123.1
Rack1R2(config-if)# tunnel source Serial0/0/0
Rack1R2(config-if)# tunnel mode gre multipoint
Rack1R2(config-if)# tunnel key 100000

R3:
Rack1R3(config-router)#interface Tunnel0
Rack1R3(config-if)# ip address 173.1.123.3 255.255.255.0
Rack1R3(config-if)# no ip redirects
Rack1R3(config-if)# ip nhrp map 173.1.123.1 204.186.13.1
Rack1R3(config-if)# ip nhrp map multicast 204.186.13.1
Rack1R3(config-if)# ip nhrp network-id 99
Rack1R3(config-if)# ip nhrp nhs 173.1.123.1
Rack1R3(config-if)# tunnel source Serial0/0/0
Rack1R3(config-if)# tunnel mode gre multipoint
Rack1R3(config-if)# tunnel key 100000

Now lets verify that the Tunnels have come up correctly:

R1:
Rack1R1(config-if)#do sh dmvpn
Legend: Attrb –> S – Static, D – Dynamic, I – Incomplete
        N – NATed, L – Local, X – No Socket
        # Ent –> Number of NHRP entries with same NBMA peer
        NHS Status: E –> Expecting Replies, R –> Responding, W –> Waiting
        UpDn Time –> Up or Down Time for a Tunnel
==========================================================================

Interface: Tunnel0, IPv4 NHRP Details
Type:Hub, NHRP Peers:2,

 # Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb
 —– ————— ————— —– ——– —–
     1 204.186.23.2        173.1.123.2    UP 00:39:58     D
     1 204.186.13.3        173.1.123.3    UP 00:38:51     D

R2:
Rack1R2(config-if)#do sh dmvpn
Legend: Attrb –> S – Static, D – Dynamic, I – Incomplete
        N – NATed, L – Local, X – No Socket
        # Ent –> Number of NHRP entries with same NBMA peer
        NHS Status: E –> Expecting Replies, R –> Responding, W –> Waiting
        UpDn Time –> Up or Down Time for a Tunnel
==========================================================================

Interface: Tunnel0, IPv4 NHRP Details
Type:Spoke, NHRP Peers:2,

 # Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb
 —– ————— ————— —– ——– —–
     1 204.186.13.1        173.1.123.1    UP 00:41:20     S
     1 204.186.13.3        173.1.123.3    UP 00:08:43     D
 
R3:
Rack1R3(config-if)#do sh dmvpn
Legend: Attrb –> S – Static, D – Dynamic, I – Incomplete
        N – NATed, L – Local, X – No Socket
        # Ent –> Number of NHRP entries with same NBMA peer
        NHS Status: E –> Expecting Replies, R –> Responding, W –> Waiting
        UpDn Time –> Up or Down Time for a Tunnel
==========================================================================

Interface: Tunnel0, IPv4 NHRP Details
Type:Spoke, NHRP Peers:2,

 # Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb
 —– ————— ————— —– ——– —–
     1 204.186.13.1        173.1.123.1    UP 00:40:34     S
     1 204.186.23.2        173.1.123.2    UP 00:09:05     D

Next we need to verify connectivity across the tunnel:

R1:
Rack1R1(config-if)#do ping 173.1.123.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 173.1.123.2, timeout is 2 seconds:
!!!!!
Rack1R1(config-if)#do ping 173.1.123.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 173.1.123.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/6/16 ms

R2:
Rack1R2(config-if)#do ping 173.1.123.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 173.1.123.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
Rack1R2(config-if)#do ping 173.1.123.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 173.1.123.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

R3:
Rack1R3(config-if)#do ping 173.1.123.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 173.1.123.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
Rack1R3(config-if)#do ping 173.1.123.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 173.1.123.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

Alright, everything looks good. Next lets look at a few show commands:

R1:
Rack1R1(config-if)#do sh ip nhrp
173.1.123.2/32 via 173.1.123.2
   Tunnel0 created 00:16:27, expire 01:43:33
   Type: dynamic, Flags: unique registered nhop
   NBMA address: 204.186.23.2
173.1.123.3/32 via 173.1.123.3
   Tunnel0 created 00:15:20, expire 01:44:39
   Type: dynamic, Flags: unique registered nhop
   NBMA address: 204.186.13.3

R2:
Rack1R2(config-if)#do sh ip nhrp
173.1.123.1/32 via 173.1.123.1
   Tunnel0 created 00:17:55, never expire
   Type: static, Flags: used
   NBMA address: 204.186.13.1
 
R3:
Rack1R3(config-if)#do sh ip nhrp
173.1.123.1/32 via 173.1.123.1
   Tunnel0 created 00:17:00, never expire
   Type: static, Flags: used
   NBMA address: 204.186.13.1

Adding an additional spoke (similar to R2/R3) in this case would be very simple. Once the connection is established just adding the route map to go through the hub (R1).
 
You can follow me on Twitter at @ipv4freely
Posted in CCIE, Networking

IPSec over GRE Tunnel

Cisco Ipsec over Gre Tunnel Configuration Example:

Main – Branch Point to point connection w/LAN on opposite side:

IPSec over GRE

Main Router Config:

Main#sh run
Building configuration…

Current configuration : 1866 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Main
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip domain name colbyc.me
!
multilink bundle-name authenticated
!
crypto isakmp policy 10
encr aes
authentication pre-share
group 5
lifetime 28800
crypto isakmp key Welcome01 address 172.22.1.2
crypto isakmp keepalive 10 5 periodic
!
!
crypto ipsec transform-set IKE_TRANS esp-aes esp-sha-hmac
!
crypto map IPSec_Map 10 ipsec-isakmp
set peer 172.22.1.2
set transform-set IKE_TRANS
set pfs group5
match address CRYPTO_MAP_PROXY_ID
!
archive
log config
hidekeys
!
ip ssh version 2
!
interface Tunnel10
description TUNNEL_to_BRANCH
ip address 10.20.30.2 255.255.255.252
ip mtu 1400
ip tcp adjust-mss 1360
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 7 091E6D01180C1956
ip ospf 100 area 0
keepalive 10 3
tunnel source 172.22.1.1
tunnel destination 172.22.1.2
!
interface FastEthernet0/0
description COLBYC LAN
ip address 172.16.0.5 255.255.0.0
ip ospf 100 area 0
duplex auto
speed auto
!
interface FastEthernet0/1
description MAIN TO BRANCH
ip address 172.22.1.1 255.255.255.248
duplex auto
speed auto
crypto map IPSec_Map
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
router ospf 100
router-id 1.1.1.1
log-adjacency-changes
default-information originate
!
ip route 0.0.0.0 0.0.0.0 172.16.0.12
!
!
ip http server
no ip http secure-server
!
ip access-list extended CRYPTO_MAP_PROXY_ID
permit ip host 172.22.1.1 host 172.22.1.2
!
!
control-plane
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
webvpn cef
!
end

Branch Router Config:

Branch#sh run
Building configuration…

Current configuration : 1819 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Branch
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
no ip domain lookup
ip domain name colbyc.me
!
multilink bundle-name authenticated
!
!
crypto isakmp policy 10
encr aes
authentication pre-share
group 5
lifetime 28800
crypto isakmp key Welcome01 address 172.22.1.1
crypto isakmp keepalive 10 5 periodic
!
!
crypto ipsec transform-set IKE_TRANS esp-aes esp-sha-hmac
!
crypto map IPSec_MAP 10 ipsec-isakmp
set peer 172.22.1.1
set transform-set IKE_TRANS
set pfs group5
match address CRYPTO_MAP_PROXY_ID
!
archive
log config
hidekeys
!
!
ip ssh version 2
!
interface Tunnel10
description Tunnel_to_MAIN
ip address 10.20.30.1 255.255.255.252
ip mtu 1400
ip tcp adjust-mss 1360
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 7 091E6D01180C1956
ip ospf 100 area 0
keepalive 10 3
tunnel source 172.22.1.2
tunnel destination 172.22.1.1
!
interface FastEthernet0/0
description BRANCH LAN
ip address 172.21.1.1 255.255.0.0
duplex auto
speed auto
!
interface FastEthernet0/1
description BRANCH_TO_MAIN
ip address 172.22.1.2 255.255.255.248
duplex auto
speed auto
crypto map IPSec_MAP
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
router ospf 100
router-id 2.2.2.2
log-adjacency-changes
network 172.21.0.0 0.0.255.255 area 0
!
ip http server
no ip http secure-server
!
ip access-list extended CRYPTO_MAP_PROXY_ID
permit ip host 172.22.1.2 host 172.22.1.1
!
!
control-plane
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
webvpn cef
!
end

Main#sh ip ospf nei

Neighbor ID Pri State Dead Time Address Interface

2.2.2.2 0 FULL/ – 00:00:35 10.20.30.1 Tunnel10

Branch#sh ip ospf nei

Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 0 FULL/ – 00:00:31 10.20.30.2 Tunnel10

Checking traffic coming through the Tunnel:

Main#sh crypto ipsec sa

interface: FastEthernet0/1
Crypto map tag: IPSec_Map, local addr 172.22.1.1

protected vrf: (none)
local ident (addr/mask/prot/port): (172.22.1.1/255.255.255.255/0/0)
remote ident (addr/mask/prot/port): (172.22.1.2/255.255.255.255/0/0)
current_peer 172.22.1.2 port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 33, #pkts encrypt: 33, #pkts digest: 33
#pkts decaps: 33, #pkts decrypt: 33, #pkts verify: 33
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 4, #recv errors 0

local crypto endpt.: 172.22.1.1, remote crypto endpt.: 172.22.1.2
path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet0/1
current outbound spi: 0xC1B7DBE8(3250052072)

inbound esp sas:
spi: 0x7AD23F65(2060599141)
transform: esp-aes esp-sha-hmac ,
in use settings ={Tunnel, }
conn id: 1, flow_id: SW:1, crypto map: IPSec_Map
sa timing: remaining key lifetime (k/sec): (4576913/3512)
IV size: 16 bytes
replay detection support: Y
Status: ACTIVE

inbound ah sas:

inbound pcp sas:

outbound esp sas:
spi: 0xC1B7DBE8(3250052072)
transform: esp-aes esp-sha-hmac ,
in use settings ={Tunnel, }
conn id: 2, flow_id: SW:2, crypto map: IPSec_Map
sa timing: remaining key lifetime (k/sec): (4576913/3509)
IV size: 16 bytes
replay detection support: Y
Status: ACTIVE

outbound ah sas:

outbound pcp sas:

 

Posted in Networking, OSPF

Japan Trip | Day 11 (The Suck v2.0)

We arrived at the airport around 8pm (Tokyo time) Grabbed a quick shower and some dinner then hopped on our first flight around 12:10 AM. Here is a summary of our flights:

HND > SFO ~10 hr + 6 hr Layover

SFO > ORD ~4 hr + 2 hr Layover

ORD > BNA ~2hr

After arriving in Nashville we still had a few things to take care of before we could get some sleep:

BNA > Taxi Home, House Closing, Walgreens, Zaxbys, BED.

Once we arrived home we were greeted by one of the best dogs in the world; Chance:

2013-08-30 09.47.55

Needless to say he was beyond excited to see us.

The Next/Last update regarding Japan will have a link to all pictures/videos and a wrap up of our overall experience.

-Colby

Posted in Japan Trip

Japan Trip | Day 10 (Gundam Pets)

This morning we had to check out of our hotel by noon so once we got everything together we piled the luggage in Brandon’s car and headed out on the Metro to Odiba since we didn’t fly out til a few minutes after midnight. By the time we made it there we were all starving so we headed to lunch at a buffet place called The Oven:

2013-08-29 13.27.18

This place was pretty good, they had a mix of Japanese, American and desert foods and for the price I was definitely happy.

2013-08-29 13.50.27

After lunch we headed over to a neighboring mall that had a Toyota museum with a lot of antique cars and some next gen ones as well. They had a few driving simulators and you could actually test drive and new car that Toyota makes. We didn’t realize until we got there but we would have had to make reservations a few days in advance as everything was booked up.

2013-08-29 14.16.48

2013-08-29 14.22.16

2013-08-29 14.17.37

After the Toyota stop we headed to another neighboring mall that seemed to be all about dogs. Literally every store in the place sold some type of dog accessory or was a pet store.

2013-08-29 15.16.42

2013-08-29 15.17.19

2013-08-29 15.08.48

The last place that we went in for the day was the National Museum of Emerging Science and Innovation and this place definitely had some cool stuff.

Here are the rest of the pictures/videos for Day 10: Flickr

-Colby

Posted in Japan Trip

Japan Trip | Day 9 (Peace Signs v2.0)

Short post for today:

We headed back to Disney for part 2 but this time we went to DisneyLand.

2013-08-28 09.28.59

They had some pretty neat things/rides at Disney but it was mostly geared toward the younger crowd. One of the highlights for me was the Roger Rabbit movie exhibit in toon town:

2013-08-28 10.29.49

Although my wife Mandi was ecstatic the majority of the day:

2013-08-28 15.20.43

After Disney we headed back to Roppongi and had our most expensive meal of the trip at an American Restaurant TGI Friday’s. By this time everyone was craving a good burger so I gave in and had one as well.

Here are the rest of the pictures/videos from Day 9: Flickr

-Colby

Posted in Japan Trip

Japan Trip | Day 8 (Peace Signs)

Today Brandon stayed in and The Wife and I headed out to Tokyo Disney Sea. First things first we had to plan the route through the metro so that we did end up in the wrong place. There is an iPhone app that most locals use but since it is a paid app on the app store there is a website that does essentially the same thing: Hyperdia

2013-08-27 08.52.33

The trip did not seem too bad, a couple of track switches and overall travel time of ~50 minutes. Once we arrived at the park we grabbed our tickets and a couple of maps and I could tell that the wife was beyond excited.

2013-08-27 10.48.05

Once inside we grabbed a quick lunch which to my surprise was the worst meal that I had on the trip. I ordered some combo of seafood pasta and two-three bites in I was done. After lunch we headed through the park with Mandi leading and took in a few rides and most of the shows:

2013-08-27 12.04.20

2013-08-27 11.24.24

After the day at Disney I was exhausted but we went ahead and upgraded our tickets to the two day pass to check out DisneyLand tomorrow with Brandon (@archer23). We then headed back to the hotel to wash up for dinner.

We ended up going to eat at TGI Friday’s because everyone was craving a good burger. Oddly enough this was the most expensive meal of the trip coming in at around $70 bucks. After dinner Mandi headed back to the room and Brandon and I went out for some more Dart action.

The rest of the videos/pictures from Day 8 are here: Flickr

-Colby

Posted in Japan Trip