Profile

Tomasz

Contact Details

My Content

1 to 20 of 50+ total
Posted By Tomasz Aug 9, 2021 7:55 PM
Found In Egroup: ExtremeWireless (WiNG)
\ view thread
Hi, Swift-UI is a simplified HTML GUI that was available on these xxxxE APs back in the days. Less features but more plain. Here you can find the conversion method (mind the Flash being used for Enterprise UI): https://extremeportal.force.com/ExtrArticleDetail?an=000089916 Hope that helps, ...
Posted By Tomasz Jul 30, 2021 6:30 PM
Found In Egroup: Analytics & Visibility
\ view thread
Hey Sam, Will do that once I am able to gather necessary support files. Thanks! Cheers, Tomasz
Posted By Tomasz Jul 23, 2021 9:21 PM
Found In Egroup: Analytics & Visibility
\ view thread
So I upgraded 8.4.4 machines to 8.5.6 directly. In the meantime I reconfigured them with my previous machines’ IP addresses. Then I re-added EAC and EAN with these “new” IPs to XMC. Reconfigured EXOS and XCC analytics destination. No luck: I also rebooted EAN engine, same as above. Rebooting XMC didn’t ...
Posted By Tomasz Jul 23, 2021 7:48 PM
Found In Egroup: Analytics & Visibility
\ view thread
Hello folks, I had a tough night yesterday and I wanted to share my thoughts to make sure nobody gets into same situation. I have my lab environment with XMC/EAC/EAN deployed with 8.5.4 OVAs. Yesterday I have connected my lab to the Internet for the first time (actually XCC+EXOS making a pass-thru ...
Posted By Tomasz Jul 13, 2021 1:38 PM
Found In Egroup: ExtremeSwitching (EXOS)
\ view thread
P.S. I saw the service-unavailable netlogin command in 31.2 User Guide but on my X440-G2 running 31.2 it doesn’t let the command thru currently...
Posted By Tomasz Jul 12, 2021 8:00 PM
Found In Egroup: ExtremeSwitching (EXOS)
\ view thread
Hi Chad, Personally I didn’t consider that as a strong advice but some particular deployment example. I might be low on caffeine though. ;) My favourite approach: dot1x > mac. If something is dot1x capable, it will run through it. If something is not dot1x capable, it will run solely ...
Posted By Tomasz Jul 12, 2021 2:37 PM
Found In Egroup: ExtremeSwitching (EXOS)
\ view thread
Hi Chad, If I understood the thread well, isn’t these two bundled together what you may need? conf netlogin port X authentication mode optional default policy role applied to a port (to keep our port config handled within the Policy framework) Hope that helps, Tomasz
Posted By Tomasz Jun 4, 2021 10:10 PM
Found In Egroup: ExtremeCloud IQ- Site Engine & Extreme Management Center
\ view thread
Hi, Is it required something in a different form than ‘show netlogin session’? Hope that helps, Tomasz
Posted By Tomasz Jun 4, 2021 9:40 PM
Found In Egroup: General Discussion
\ view thread
Hi Sam, Not sure if that was an AI-created spam or is someone being paid just for being human in the process… ;) Cheers, Tomasz
Posted By Tomasz May 7, 2021 8:20 PM
Found In Egroup: ExtremeSwitching (EXOS)
\ view thread
Hi, It is possible to use scp2 command on the switch to upload/download .pol files. It is also possible to invoke scp from the outside to the switch. For the former, EXOS Command Reference is great. For the latter, please see Security chapter of EXOS User Guide in Secure Socket Layer section: ...
Posted By Tomasz Apr 27, 2021 5:42 AM
Found In Egroup: WiNG Announcements
\ view thread
Hi Martin, I can only refer to the last part, LEAN AP image means the AP has no GUI in that image (web access attempts will result with 404 error - but it’s the same as if you upgraded the APs from the controller’s built-in images - they are also LEAN AP images). Hope that helps, ...
Posted By Tomasz Apr 7, 2021 9:37 PM
Found In Egroup: ExtremeSwitching (EXOS)
\ view thread
Made it a bit different now. The code: from exos import api import time api.exec_cli(["create log message \"Starting smartbak\""]) while(True): api.exec_cli(["create log message \"Running smartbak loop iteration\""]) cmdout_lines = api.exec_cli(["show conf"]).splitlines() api.exec_cli(["rm ...
Posted By Tomasz Apr 7, 2021 8:28 PM
Found In Egroup: ExtremeSwitching (EXOS)
\ view thread
Hi Stefan, The script is just about automated preparation of your switch for a potential forgotten admin password issue in the future. So you should definitely use it when you have CLI access to the switch. The idea is to deploy such script as a one-shot or on a regular basis (when it’s turned ...
Posted By Tomasz Apr 7, 2021 7:48 PM
Found In Egroup: ExtremeSwitching (EXOS)
\ view thread
Hello, I was encouraged today to make a script that would help with EXOS switches when admin password is lost (especially those with Python support but without one-time password login option, few versions in G1 release train). It was fun indeed and I’m looking for more. There might be a problem ...
Posted By Tomasz Mar 24, 2021 7:56 PM
Found In Egroup: Analytics & Visibility
\ view thread
Hi Sam, I just saw those lines at the end of the post are actually a white-colored hyperlink to some website, crap marketing at its finest. :D Cheers, Tomasz
Posted By Tomasz Sep 10, 2020 8:17 PM
Found In Egroup: ExtremeSwitching (EXOS)
\ view thread
Hi Mohamed, I remember there was an exam part number in the past, now I can’t find it in the pricefile. Seems it’s gone. But as far as I understand, you have two options: take part in a training that you are interested in (typically 4 days, or - if you’re a partner - alternatively free videos ...
Posted By Tomasz Jun 23, 2020 10:18 AM
Found In Egroup: ExtremeWireless (WiNG)
\ view thread
Hi, do you have some thoughts on this inter-ap-key perhaps? Or other way round, is there a way to secure RF Domain from using a non-authorized AP to read MINT traffic? Regarding reading the controller config I only think about auto-prov. policy with serial numbers as a criteria but then also ...
Posted By Tomasz Jun 1, 2020 6:38 PM
Found In Egroup: ExtremeWireless (WiNG)
\ view thread
Hi Chris, I was seeking for some additional MINT security measures and we found this ‘service wireless inter-ap-key’ command. Never played with that yet though. Another question I would like to ask (I appreciate this discussion as a mind excercise): what kind of impact you are concerned ...
Posted By Tomasz May 30, 2020 10:21 PM
Found In Egroup: ExtremeWireless (WiNG)
\ view thread
Hi, Agreed. It would be also good to distinguish particular attack vectors as they are going to have different countermeasures possible. Assuming that securing access to MINT-related VLAN is not possible, we have controller/AP management plane to secure and MINT frames themselves. Regarding ...
Posted By Tomasz May 29, 2020 9:13 PM
Found In Egroup: ExtremeWireless (WiNG)
\ view thread
Hi, Very interesting food for thoughts! Personally I would consider: reducing opportunity for non-WiNG devices to enter the VLAN used for MINT (disable unused ports, don’t set VLANs statically on switches’ access ports, enable authentication - even APs can do PEAP as far as I remember, ...