JunOS – Using TACACS+ With Cisco ACS
KB ID 0001040 Problem I’ve been configuring a client’s Juniper SRX chassis cluster, for a while now. Their ACS was deployed last week so my task was to configure it to use the TACACS+ from the Cisco ACS server. The client’s setup required them to use their fxp0 management interfaces to perform the authentication. After it was configured and working, (due in no small part, to the ACS skills of Mr SteveH). I decided...
HP and Cisco – VLANs and Trunks Confusion!
KB ID 0000741 Problem When I first started in IT, I went and did my Cisco CCNA. So I learned that to connect Cisco switches and pass VLAN traffic between them, I needed to create a ‘Trunk’ to pass the VLAN traffic. Fast forward a few years, and I now work for an HP reseller. Very early on I came to realise that what HP called a ‘trunk’ was very different from what I had been taught. Below is an article I did a...
GNS3 ASA Error – ‘ASDM did not recognize device model ASA5520’
KB ID 0001028 Problem Apart from the fact that’s an appalling spelling of recognise, I got bitten by this last weekend. I don’t use the ADSM as a rule so it would not normally be a problem, the only thing I do use the ASDM for is certificates, (it’s just easier). Solution Last time I saw an error like this I had to use a fiddler script to embed the firewall model in the https traffic, however now there’s a...
Install and use ASDM in a Virtual Cisco ASA
KB ID 0000052 Problem You have already created a Virtual ASA, now you want to web manage it. Solution Notes: Software Download Links Fiddler Fiddler Script Related Articles, References, Credits, or External Links NA
Deploy Dual Virtual ASA Firewalls In Active/Standby Failover
KB ID 0000053 Problem Now you have created your Virtual ASA platform you want to deploy 2 of them in failover configuration. Solution Notes: Software To Download Qemu with ASA Dynamips WinPcap Sample Batch File @echo off ECHO Telnet to 127.0.0.1 on port 1234 to access ASA Console ECHO ——————————————————- ECHO * * * * * * *DO NOT...
Building a Virtual Cisco ASA
KB ID 0000051 Problem You would like to create a virtual Cisco ASA platform in a virtualized environment for training and or testing. Solution Notes: Software To Download Qemu with ASA Dynamips WinPcap Sample Batch File @echo off ECHO Telnet to 127.0.0.1 on port 1234 to access ASA Console ECHO ——————————————————- ECHO * * * * *...
Cisco Catalyst Password Recovery / Reset
KB ID 0000496 Problem The title is a bit of a misnomer, we are not going to recover the password, we are simply going to change the password to one we know. Solution Note: This procedure works on models, 2900, 2940, 2950, 2955, 3500XL, and 3550. Before you start connect the the device with a console cable and terminal emulation software, the procedure is the same as the one I’ve outlined here. 1. Power the switch off >press...
Cisco Catalyst Switches – Set a Management IP and Allow Telnet and Web Management
KB ID 0000614 Problem If you want to manage your Cisco Catalyst switch it’s not always practical to plug a console cable in to change its settings or monitor what it is doing. Putting an IP address on it and enabling remote management via Telnet or from your web browser is a better alternative, particularly if you have a lot of switches. Solution Enable Telnet Management on Cisco Catalyst Switch 1. Connect to the Switch using a...
Cisco IOS – Configuring Switch to Switch MACSEC
KB ID 0001000 Problem My colleague had to set this up on the test bench today, and it looked infinitely more interesting that what I was doing, so I grabbed my console cable, and offered to ‘help’. This was done on two Cisco Catalyst 3560-X switches, each with a 10G Service Module (C3KX-SM-10G), and 1Gb SFP modules (Note: Not 10Gb ones, this will become important later). Solution 1. First hurdle was, when we tried to add...
Cisco Catalyst – Upgrading ‘Stacked’ Switches
KB ID 0001002 Problem The following procedure was carried out on two Cisco Catalyst 3750 switches. Solution 1. We can see (above) that we have two switches, but if your connected remotely, best make sure. Petes-Stack#show switch Switch/Stack Mac Address : 0018.7347.a000 H/W Current Switch# Role Mac Address Priority Version State...