A great blog and Youtube channel with a lot of resources for Cisco Wireless:
When a router config is saved with
copy run start IOS asks for a destination filename:
RTR#copy running-config startup-config Destination filename [startup-config]? Building configuration... [OK] To bypass the request and use the default name startup-config do this:
RTR(config)#file prompt quiet And then again
copy run start will not require the filename:
RTR#copy run start Building configuration... [OK] This command may be useful inside EEM scripts that can’t run intecartive commands.
OSPF Forward Address (FA):
works like BGP next-hop for OSPF external routes
advertised only if next-hop is on a not-passive and multiaccess interface
if there’s not a route to FA address, route is not installed
FA = 0.0.0.0 –> cost to ABR
FA <> 0.0.0.0 –> cost to FA address
NSSA –> FA is ASBR IP –> remove FA with “area 1 nssa no-summary translate type7 suppress-fa”
Today a customer called to change the IP address of a L2L VPN peer on his Cisco ASA 8.3(2)4.
The task can be divided in 3 steps:
Get the VPN password . It should be written somewhere in the network documentation, as stated by rule 7 , but you know, password sometimes just get lost.
Find and update crypto map
asa# sh run | b peer 1.
Sometimes it can be useful to copy files to and from a Cisco ASA Firewall via SCP .
To enable SCP just type:
ssh scopy enable
Forgot the PSK of a VPN on a Cisco ASA? With this command you can see all the passwords in cleartext:
more system:running-configuration
Today I passed Cisco 642-983 DCUCI exam and it was a surprise to see two certifications on my Cisco curriculum:
Cisco Unified Computing Technology Support Specialist and
Cisco Data Center Support for UC Specialist The next step would be “Cisco Data Center Unified Computing Support Specialist ” but since VCP is a requirement and is not in my plans I have to skip that cert.
This week I’m attending Cisco DCUCI course in Milan. I have no experience on blade servers or Cisco UC plaftorm and it’ll be a great opportunity to learn new topics and move another step towards the datacenter.
I’ve prepared for this course watching Cisco PEC videos and reading the two must-read books from Silvano Gai:
I/O Consolidation in the Data Center Cisco Unified Computing System (UCS) Cisco provides an emulator for the Cisco UCS , available only to Partners.
Today I passed this Cisco exam: (642-647) Deploying Cisco ASA VPN Solutions v1.0 (VPN) and my CCSP certification is now updated to the new CCNP(Security) .
I’ve prepared the exam on the Cisco Press Official Cert Guide . The exam was not very hard, probably because I work on Pix/Asa platforms since 2007. The guide is very complete and actually I’ve re-learned some topics and how to deploy SSL and WebVPN in a better way, easyer to manage and to scale.
Quick note about PPPoE address assignment.
IPCP CLIENT interface Dialer1 **ip address negotiated** encapsulation ppp dialer pool 1 dialer idle-timeout 0 dialer persistent end SERVER ip dhcp-server 10.0.12.1 interface Virtual-Template10 ip address 10.0.32.2 255.255.255.0 peer default ip address dhcp end DHCP CLIENT interface Dialer1 ip address dhcp encapsulation ppp dialer pool 1 dialer idle-timeout 0 dialer persistent end SERVER interface Virtual-Template10 ip address 10.0.32.2 255.255.255.0 ip helper-address 1.
First of all: autoinstall works only on the first serial interface of the router, don’t forget it.
This is the topology for the small lab:
"https://www.ifconfig.it/images/page4_blog_entry97-autoinstall_fr.jpg" R1 is a TFTP server, it stores R3 configuration in flash.
R3 has no configuration.
R2 interface is configured as follow:
`` interface Serial1/0 ip address 10.0.23.2 255.255.255.0 ip helper-address 1.1.1.1encapsulation frame-relay ip ospf network broadcast ip ospf 1 area 0 serial restart-delay 0 frame-relay map ip 10.
Autoinstall is a quite interesting topic, it deserves some labbing.
Start from the DOC-CD as usual, we focus on the LAN implementation first.
You can find HERE the flowchart of the autoinstall process.
This guide is quite clear too:
AutoInstall Using DHCP for LAN Interfaces This is the topology we’ll use:
R1 and R2 will start without configuration.
R3 is the DHCP server that provides TFTP informations to R1 and R2.
RMON is generally an easy task, can be tricky but usually on CCIE workbooks the task are fair. The hardest part for me is to find the MIB to monitor.
This is the task: monitor interface Vlan1, send a trap if it receives more than 100 packets every 30 seconds, send a trap if it goes under 50 packets every 30 seconds.
First step: find Vlan1 ifindex.
R#sh snmp mib ifmib ifindex Vlan99: Ifindex = 10 Virtual-Access2: Ifindex = 13 FastEthernet4: Ifindex = 5 FastEthernet0: Ifindex = 1 FastEthernet2: Ifindex = 3 Loopback0: Ifindex = 12 Null0: Ifindex = 6 Virtual-Access1: Ifindex = 11 Vlan1: Ifindex = 7 Virtual-Template1: Ifindex = 9 NVI0: Ifindex = 8 FastEthernet1: Ifindex = 2 FastEthernet3: Ifindex = 4 So Vlan1 has ifIndex value 7.
Conditional debugging is used to filter debugging messages:
R#debug condition ? application Application called called number calling calling card card glbp interface group interface interface ip IP address mac-address MAC address match-list apply the match-list standby interface group username username vcid VC ID vlan vlan voice-port voice-port number xconnect Xconnect conditional debugging on segment pair A quick example: filter RIP events only for interface Serial1/1.
We just need to enable a debug condition for interface S1/1: