Skip to content
May 12 / thebrotherswisp

TheBrothersWISP 89 – CNheat, Unifi Access, Taking Custom Projects



This week Greg, Tomas, Dave, and Nick never stop never stopping. This is a long one, so put it on 2x speed and kick back 😉

This week we talk about:
Jim Jones recorded his tips video, thanks!
Cambium CNheat
Ubiquiti unifi access – access control system(strike and mag control)
Ken asks about VRRP on the inside and outside interfaces at the same time…how to have one transition when the other does.
Jim Jones was asking about a light web proxy, would Mikrotik work.
Michael Rhone asks for opinions on “Why run ipv6 in a small network?” – of course Nick says “Why would you not” LOL
Taking on custom projects – what are the signs you are in danger, and when to day no.

Help support us by becoming a patron! <==join our Slack team!
Keep contacting us: contactus (at) thebrotherswisp.com or https://facebook.com/thebrotherswisp

Click the link below to view the article!

May 8 / thebrotherswisp

TheBrothersWISP Jim Jones’ Top 5 Tips



This week Greg talks to Jim Jones about his top 5 tips.

The Tips:

1. Show up.
– If you’re early you’re on time. If you’re on time you’re late. If you’re late, you’re fired.
– Never be late… especially to a client.
2. KNOW DNS.
– It’s never DNS… till it is.
– Use DNS!
3. Be humble. Ask for help.
– Have a network of peers.
– Don’t wait too long to call support! That’s what they’re there for!
4. Backup all the things.
– File data
– Systems
– Configs
5. Don’t be married to vendors. Use the right tool for the job.
– Windows vs Linux
– Mikrotik vs Cisco
– Cisco SMB vs Bruhcade
– Unifi vs Meraki
6. Bonus: Learn. Go outside your comfort zone, silo.
– Podcasts.
– Books, audio.
– Youtube, pluralsight, etc.
7. Bonus: Teach. Mentor. Give more than you take.
– Don’t limit this to tech.
– True happiness is in serving others.

https://packetpushers.net/series/full-stack-journey/
linkedin: https://www.linkedin.com/in/jjonesjr/
facebook: https://www.facebook.com/jimjonesjr
instagram: https://www.instagram.com/jfjonesjr/

Help support us by becoming a patron! <==join our Slack team!
Keep contacting us: contactus (at) thebrotherswisp.com or https://facebook.com/thebrotherswisp

Click the link below to view the article!

Apr 29 / Greg

Unimus Fails To Discover ASR9000 IOS-XR Routers Via Telnet

It appears that Unimus has an inter-connection timeout of 250Ms, and when telnetting to a Cisco ASR9K it needs to be adjusted to something more like 1 second.
It seems that when a telnet session is opened to cisco via the discovery mechanism(trying to figure out if telnet is open), then instantly tries another connection to login, the Cisco router will fail the connection. Changing this timer puts more of a gap in this process which prevents the failure. I likely got something wrong in the translation there, but you get the idea.

The Unimus wiki shows you how to adjust timers.

The line in particular is:

-Dunimus.core.inter-connection-delay=1000
Apr 28 / thebrotherswisp

TheBrothersWISP 88 – White label PCI Compliance, EDC Backpack, Basic Business Router Config



This week Greg, Tomas, and Dave talk about how we are getting into beach shape…or perhaps we just talk tech 😉

This week we talk about:
White label PCI compliance scanning.
Unimus is awesome – mass config push
Mikrotik try catch block

*Slack Updates*
What’s in your backpack. Aside from the common Some things are: lock picks, small multimeter, 6 inch industrail laptop
Tomas found a cli wireshark tool
sngrep – realtime SIP packet viewer
IPv6 routing subnets without routing?
Controlling traffic flow when BGP peering with the same ISP twice – MED vs Prepending
ZeroTier Opensource SDN doesn’t do multipathing yet
Bridge appliance resilancy – second link bypassing it shutdown by STP(Mikrotik to Netonix)
Customer silence, not always a good thing – either acceptance or they’ve given up. Out communicate them.
Basic router configuration for business customers.

Help support us by becoming a patron! <==join our Slack team!
Keep contacting us: contactus (at) thebrotherswisp.com or https://facebook.com/thebrotherswisp

Click the link below to view the article!

Apr 19 / thebrotherswisp

Mikrotik MUM 2019 Austin After Movie



Help support us by becoming a patron! <==join our Slack team!
Keep contacting us: contactus (at) thebrotherswisp.com or https://facebook.com/thebrotherswisp

Here’s the video:(if you don’t see it, hit refresh)

Apr 14 / thebrotherswisp

TheBrothersWISP 87 – Confluence RCE, BGP On Various Kit, Configuring Edge Switches



This week Greg, Tomas, Mike, Wilson, and TOM SMYTH get all Irish up on it. Tom and I go on some deep tangents, prepare thy self.

This cast we talk about:
Confluence RCE in all but latest v6 versions
wpa3 vulnerability
GPENs will have water proof enclosures
V7 we saw was an internal alpha

*Slack Updates*
ESXi set port group vlan to 4095 to pass all vlans to a VM
Edwin is asking about spacing APs in public wifi – start with client density and go from there
BGP on arista and openBGPd routers
Manipulating tcam tables
Jeremy(aussie hipster) – diverse routers with different ISPs, transport both to one or terminate ISP on each and full mesh?
MC-LAG vs Stacking – as many opinions as there are engineers. Answer…add both features LOL
Configuring switches for edge user connections – DHCP snooping, port isolation, port security, storm contol, dynamic arp inspection,vlan acl

Help support us by becoming a patron! <==join our Slack team!
Keep contacting us: contactus (at) thebrotherswisp.com or https://facebook.com/thebrotherswisp

Click the link below to view the article!

Apr 11 / Greg

Bridging all VLANs Into/Through A VMware ESXi VM

Recently I was assisting with a Preseem server configuration. These boxes want to be bridged in the traffic path. If you want to do this in an ESXi VM, this can be a little obtuse.

First create two new virtual switches.


Next add a single physical NIC to each virtual switch.


Edit each virtual switch and under security, enable all of the things.


Next, add a port group to to each virtual switch.


Here’s the secret sauce. Edit the port groups and set the VLAN to 4095!

As per this VMware link, setting the VLAN to 4095 will instruct the vswitch to pass all VLANs through unmolested. Of course the switch or router ports on either end need to be trunking all vlans you want to move across your connection.

Your VM server will need to configure a bridge interface, and the NICs added to it, thus the traffic will move through.

Good luck, and happy bridging 😉