Cisco Catalyst – Configure Ports for VMware ESXi NICs using VLANS
Nov17

Cisco Catalyst – Configure Ports for VMware ESXi NICs using VLANS

Posted By on Nov 17, 2015

KB ID 0001065  Problem If you don’t need different virtual machines to be in different VLANS on your vSphere/ESXi servers then you probably just connect everything together and it all works fine. I was trying to carve off some hosts into their own VLAN today, and setup a new vSwitch. or if you prefer to work in the fat client. Now you can see (above), I’ve presented one physical NIC to this vSwitch (vmnic1). This is...

Read More
Cisco Catalyst – %Error Deleting flash:/{name} (Is a directory)
Nov17

Cisco Catalyst – %Error Deleting flash:/{name} (Is a directory)

Posted By on Nov 17, 2015

KB ID 0001070  Problem Today I was upgrading a Cisco 3750 switch, and needed to free up some space in the flash memory to upload the new system image to. But when I tried to delete the current system file I got this error. Petes-3750# dir Directory of flash:/ 2 -rwx 796 Mar 7 1993 01:15:49 +00:00 vlan.dat 3 drwx 192 Mar 1 1993 00:17:13 +00:00 c3750-ipservicesk9-mz.122-55.SE5 4 -rwx 5504 May 27 2015 10:23:47 +00:00 private-config.text...

Read More
Securing Network Device Access With Cisco ACS (and Active Directory)
Nov17

Securing Network Device Access With Cisco ACS (and Active Directory)

Posted By on Nov 17, 2015

KB ID 0000942 Problem For network identification I have tended to use RADIUS (in a Windows NPS or IAS flavour), in the past. I turned my back on Cisco TACACS+ back in my ‘Studying for CCNA’ days, because back then it was clunky and awful. I have a client that will be installing ACS in the near future, so I thought I would take a look at it again, and was surprised at how much more polished it is. As Cisco plans to roll ACS...

Read More
Cisco IOS – Enrolling for Certificates with NDES
Nov17

Cisco IOS – Enrolling for Certificates with NDES

Posted By on Nov 17, 2015

KB ID 0000948 Problem To get your Cisco Router or Switch to enroll, and obtain a certificate from a Windows Server running NDES, this is the procedure you need to follow. Solution When dealing with certificates, it’s important that your device is maintaining the correct time. You can set this manually, but I’d recommend setting up NTP. Setting IOS Time (Manually and via NTP) 1. Choose either of the options below, (as...

Read More
Cisco IOS – Return an Interface to Default (Remove all Settings)
Nov17

Cisco IOS – Return an Interface to Default (Remove all Settings)

Posted By on Nov 17, 2015

KB ID 0001010 Problem The configuration for a particular interface can get quite long, you could go to interface configuration mode, and prefix all the commands with a ‘no’. But this can be a bit repetitive and time consuming. Solution To remove the configuration for interfaces use the ‘default’ command. for example take a look at the following config for FastEthernet1/0/5. Petes-Switch>enable...

Read More
Cisco IOS and ASA Showing the Config Without the ‘More’ Breaks/Pauses
Nov17

Cisco IOS and ASA Showing the Config Without the ‘More’ Breaks/Pauses

Posted By on Nov 17, 2015

KB ID 0001017 Problem When looking at a router, switch or firewall running config, it will usually display a page at a time, you can page down with the space bar, or line down with the Enter/Return key. Normally that’s fine, but what if you want to capture (take a quick backup,) of the config? If you do that, and page down you get a copy of the config that looks like this; –More–   Yes, you can delete...

Read More
Cisco IOS – Interface is up, line protocol is down (monitoring)
Nov17

Cisco IOS – Interface is up, line protocol is down (monitoring)

Posted By on Nov 17, 2015

KB ID 0001027  Problem I had an ASA Active/Standby problem last week, each time I tried to make the primary firewall active, it would fail straight straight back. A look on the ASA told me the problem was one of the clients DMZ connections, (it was stuck in a ‘waiting’ state). A no monitor-interface DMZ command let me bring the primary ASA up active, but I had to visit the site to investigate the problem. The firewall...

Read More
Sync Microsoft Domain Time To A Cisco NTP Device
Nov17

Sync Microsoft Domain Time To A Cisco NTP Device

Posted By on Nov 17, 2015

KB ID 0001038 Problem I’ve been posting domain time articles for a long time, and on more than one occasion I’ve really needed to take my Windows time from a Cisco Device and failed miserably. I’ve even used third party NTP software to solve this problem on my own test network. On a client network, my colleague deployed ACS5 this week, I secured the ASA5585-X for AAA and it failed authentication. Logging revealed a...

Read More
Cisco – Using a Mini USB Console Cable
Nov17

Cisco – Using a Mini USB Console Cable

Posted By on Nov 17, 2015

KB ID 0001073  Problem A colleague asked me if I had a USB console cable, because the switch he was working on had a failed RJ45 console port. I thought it was just the same cable that charged my phone (USB A to micro USB). But it isn’t, it’s mini USB. I thought, that might happen to me at some point, and rather than carry yet another cable I got onto eBay and got a female micro USB to male mini USB converter for about...

Read More
Cisco IOS – Find The ‘Default Route’ For A VRF
Nov17

Cisco IOS – Find The ‘Default Route’ For A VRF

Posted By on Nov 17, 2015

KB ID 0001086  Problem Routing is one of my weaker subjects, and today I was trying to chase some routes though a network to locate all the firewalls. The core of the network has a bunch of 6500 Switches in various data centers. I tracked the network I was working on to an SVI on one of the core switches, that was in a VRF. But how could I find the ‘next hop’, the routing table on these switches is very large. Solution...

Read More