Cisco Router IOS – Configuring EIGRP
Nov17

KB ID 0000929 Problem For the first time in about ten years I had to deal with EIGRP last week, so I thought I would run it up in a lab. Normally I would use GNS3 but for this procedure I’ll use Cisco Packet Tracer. In fact I’ll include the files so you can download and use the lab yourself (if you have a copy of Packet Tracer). And I’ll also include the configs for all the routers. In the lab I’ve...

Backup and Restore Cisco IOS (Switches and Routers)
Nov17

KB ID 0000538 Problem It’s been a long time since I ran through setting up a TFTP server, but I still use 3CDaemon. Below I’ll run through the simple commands to back up and restore the device’s configuration. Solution Backing up a Cisco IOS Device 1. First you have to set up a TFTP server, and know the IP address of the machine it’s on! 2. Connect to the device, either via console cable, Telnet or SSH. 3. Log in >...

Cisco Router – Password Recovery / Bypass
Nov17

KB ID 0000931 Problem If you have a Cisco router that you have forgotten the password for, or have been given one, or simply bought one from eBay, you may not know the password. In fact many years ago an ISP was going to charge me a ridiculous amount of money to put an entry in a router’s routing table; this procedure ‘ahem’ would have allowed me to do it myself, for free, and then reload the router. Solution The reason you...

Cisco Router – Configure Site to Site IPSEC VPN
Nov17

KB ID 0000933 Problem I’ve done thousands of firewall VPNs but not many that terminate on Cisco Routers. It’s been a few years since I did one, and then I think I was a wuss and used the SDM. So when I was asked to do one last week thankfully I had the configs ready to go. I’m going to use the IP addresses above, and my tunnel will use the following settings: Encryption: AES. Hashing: SHA. Diffie Hellman:...


Cisco IOS – Setup Remote Telnet/SSH Management

KB ID 000093 Problem Having the ability to remotely administer network devices means I don’t have to get my lazy carcass out of my chair and start fishing console cables out of my bag, also it saves on shoe leather, and travelling time. Solution Cisco Router / Switch – Setup Telnet Access These days people frown at Telnet. It’s an insecure protocol so your password is sent in clear text over the wire, and can be...

Cisco Router – CBAC and Zone Based Firewall Setup
Nov17

KB ID 0000937 Problem IOS 11.2 gave us CBAC, and IOS 12.4(6)T gave us the Zone Based Firewall. You can still use either (providing you are running the correct IOS, or in the case of version 15 and upwards, have added the correct license, ‘securityK9’). For older IOS versions you usually want the advipservices version of the IOS. Solution Run the following command to see if you have the correct license installed....

Cisco PRSM – Replace the Certificate Using Microsoft Certificate Services
Nov17

KB ID 0001023 Problem Cisco PRSM gives you the ability to import certificates into it, but like other Linux distros does not give you the tools to generate the actual certificate request. The documentation tells you to use OpenSSL to do this. I was just about to fire up a CentOS box when I remembered I did something similar for VMware 5.5 not so long ago; would the same procedure work here? Yes it did, and it’s a lot easier than...

PIX 506E and 501 Firewall Image and PDM Upgrade
Nov17

KB ID 0000065 Problem Note: PIX 515E and above can still be upgraded to version 8.0(4); click here for details. Some people will wonder why I’m bothering to write this up, but the truth is, there are LOADS of older PIX firewalls out there in the wild, and all the PIX 501s and 506Es that are being retired from corporate use are being bought on eBay, or being put on IT departments’ test benches. This page deals with...

Cisco PIX (500 Series) Password Recovery / Reset
Nov17

KB ID 0000064 Problem If you are locked out of your PIX firewall then you will need to do some password recovery. This procedure will reset the enable password and remove any AAA username and password settings on the PIX. Note: If you have a PIX 520 (this has a floppy drive, and the process is different), click here. Solution Before You Start! 1. You need to know the software version that is running on the PIX, e.g. 6.3(5) or 7.0(1) 2....

Set up a PIX Firewall with the PDM
Nov17

KB ID 0000217 Problem The following procedure is a complete run through on setting up a Cisco PIX Firewall (PIX 501, 506, 506E, 515, 515E, 520, 525, or 535) via the HTTPS GUI front end (PDM). Note: the PDM will only work with firewall operating systems BEFORE version 7.x(x). Therefore PIX platforms that are 515E, 525 or 535 should be running version 7.x(x) or above and should be web managed via the ASDM. Unless you are out of support...
