Dynamically Map Your VPN Enabled Devices – Auto Link NetBrain Tip:Common VPN keywords:Cisco ASA:o “ipsec-proposal”o “webvpn”o “split-tunnel-network-list”Juniper SRX: o “dynamic-vpn”

3. Auto Link: Right Click, add L3 VPN Tunnel links onto the map to display device interface connectivity

1. Search Find mappable devices using common VPN keywords

2. Map (IPsec): Select all the devices found using keyword search and map these devices to create your COVID-19 response map

1. Search Find mappable devices using common VPN keywords

2. Map (AnyConnect): Select the devices found using keyword search and map these devices to create your COVID-19 response map

3. Extend Neighbors: Click on the “+” of the device, and select the neighbor type, then extend the neighbors on the map

Dynamically Map Your VPN Enabled Devices – Extend Neighbor NetBrain Tip:Common VPN keywords:Cisco ASA:o “ipsec-proposal”o “webvpn”o “split-tunnel-network-list”Juniper SRX: o “dynamic-vpn”

1. AnyConnect Runbook Nodes:• AnyConnect VPN Qapp – Overlays AnyConnect data in the NetBrain map work

area on supported devices• AnyConnect VPN CLI – The executable CLI commands incorporated into the

Qapp by the NetBrain Automation Team

2. AnyConnect Session Detail: Supported devices display Cisco AnyConnect drill down tables to access detailed connection information

NetBrain Tip:NetBrain Runbook templates can be easily extended to include other valuable debugging techniques to ensure that “tribal knowledge” is codified!

Cisco AnyConnect VPN Qapp / CLI Commands

3. Execute CLI Commands: The individual IPsec CLI commands can be executed separately for greater control or inclusion in a separate Runbook

1. IPsec VPN Runbook Nodes:• IPsec VPN Qapp – Overlays IPsec data in the NetBrain map work area

on supported devices• IPsec VPN CLI – The executable CLI commands incorporated into the

Qapp by the NetBrain Automation Team

2. IPsec VPN Session Detail: Supported devices display Cisco IPsec drill down tables to access detailed connection information

Cisco IPsec VPN Qapp / CLI CommandsNetBrain Tip:Provided NetBrain Qapps can be extended to support other vendors/technology. The NetBrain Qapp accepts tokenized strings as input to filter on specific data. Example: "show vlan $input_vlan"

3. Execute CLI Commands : The individual IPsec CLI commands can be executed separately for greater control or inclusion in a separate Runbook

1. F5 SSL VPN Runbook Nodes:• SSL VPN Qapp – Overlays User Access data in the NetBrain map work

area on supported devices• SSL VPN CLI – The executable CLI commands incorporated into the

Qapp by the NetBrain Automation Team

2. F5 SSL VPN Session Detail: Supported devices display F5 User Access drill down tables to access detailed connection information

F5 SSL VPN Qapp / CLI CommandsNetBrain Tip:Don’t forget that Qapps can be used to create exportable reports in the NetBrain Inventory Report manager!

3. Execute CLI Commands : The individual F5 CLI commands can be executed separately for greater control or inclusion in a separate Runbook

1. Runbook: Codify the steps and actions executed (with results) performed when troubleshooting to share with peers to save time and effort

Using NetBrain For Collaborative Diagnosis

2. Runbook Actions: Wide variety of built-in and well-known diagnostic techniques to help diagnose VPN network related issues

3. Collaborative Diagnosis: Notify resources and collaborate in the same viewable workspace

1. Path Browser: Input corporate VPN gateway IP and service device hostname (like a core switch)

2. Path Result: Hop-by-hop path result with an available detailed device path analysis log3. Map this Path: Visualize the path that VPN users are following to access critical devices, services, and applications on the corporate network

Dynamically Map Your Remote Access Application Paths

NetBrain Tip:Set the starting point of the path to be the VPN Gateway! End users will be initiating their network access from this starting point while working from home.

3. Map Path Execution: Verify network traffic path between devices with the available Device Log and visualize the path with the “Map This Path” button

1. Path Browser: Save your most critical or problematic paths for repeatable review and analysis

2. Path History: Monitor historical path execution to track impact of network changes and history on the defined A-B path

Track Key Application Paths Changes and History