Cisco – Cracking and Decrypting Passwords (Type 7 and Type 5)
Nov17

KB ID 0000940  Problem Decrypt Type 7 Cisco Passwords The Internet is full of sites that have something like the tool below, tap your ‘encrypted’ password in and it will reveal the Cisco password.   Input Type 7 Obfuscated Password: Output Plain Text Password: As you can see I’ve specifically written ‘obfuscated’ above, because the password isn’t actually encrypted at all. All that happens is the...

Securing Network Device Access With Cisco ACS (and Active Directory)
Nov17

KB ID 0000942 Problem For network identification I have tended to use RADIUS (in a Windows NPS or IAS flavour), in the past. I turned my back on Cisco TACACS+ back in my ‘Studying for CCNA’ days, because back then it was clunky and awful. I have a client that will be installing ACS in the near future, so I thought I would take a look at it again, and was surprised at how much more polished it is. As Cisco plans to roll ACS...

Cisco VPN Client Install Error 28000
Nov17

KB ID 0000945  Problem Seen when attempting to install or remove the Cisco VPN client software. Error 28000: Before installing the Cisco Systems VPN Clients {version}, you must uninstall the previous version of Cisco Systems VPN Client {version}, using the Add/Remove Program Files option in the Control Panel. Then restart your system. Solution 1. Firstly Windows Key +R > appwiz.cpl {Enter} > Locate and remove the VPN Client....

Cisco IOS – Enrolling for Certificates with NDES
Nov17

KB ID 0000948 Problem To get your Cisco Router or Switch to enroll, and obtain a certificate from a Windows Server running NDES, this is the procedure you need to follow. Solution When dealing with certificates, it’s important that your device is maintaining the correct time. You can set this manually, but I’d recommend setting up NTP. Setting IOS Time (Manually and via NTP) 1. Choose either of the options below, (as...

Cisco IOS – Return an Interface to Default (Remove all Settings)
Nov17

KB ID 0001010 Problem The configuration for a particular interface can get quite long, you could go to interface configuration mode, and prefix all the commands with a ‘no’. But this can be a bit repetitive and time consuming. Solution To remove the configuration for interfaces use the ‘default’ command. For example, take a look at the following config for FastEthernet1/0/5. Petes-Switch>enable...

Cisco IOS and ASA Showing the Config Without the ‘More’ Breaks/Pauses
Nov17

KB ID 0001017 Problem When looking at a router, switch or firewall running config, it will usually display a page at a time, you can page down with the space bar, or line down with the Enter/Return key. Normally that’s fine, but what if you want to capture (take a quick backup,) of the config? If you do that, and page down you get a copy of the config that looks like this; –More–   Yes, you can delete...

Cisco IOS – Interface is up, line protocol is down (monitoring)
Nov17

KB ID 0001027 Problem I had an ASA Active/Standby problem last week, each time I tried to make the primary firewall active, it would fail straight back. A look on the ASA told me the problem was one of the client’s DMZ connections, (it was stuck in a ‘waiting’ state). A no monitor-interface DMZ command let me bring the primary ASA up active, but I had to visit the site to investigate the problem. The firewall...

Cisco CDA (Context Directory Agent) – Applying Patches
Nov17

KB ID 0001024 Problem Having a button that you could upload patches from, that would be crazy eh? Cheers Cisco! I deployed a CDA appliance recently, and it needs (eventually) to be able to talk to Cisco ISE so I knew it had to be up to patch 2. At time of writing we are at patch 4, so I thought I’d put them all on. I don’t know if the patches are cumulative, and patch 3 looks a little smaller than patch 2 so I thought I...

Sync Microsoft Domain Time To A Cisco NTP Device
Nov17

KB ID 0001038 Problem I’ve been posting domain time articles for a long time, and on more than one occasion I’ve really needed to take my Windows time from a Cisco Device and failed miserably. I’ve even used third party NTP software to solve this problem on my own test network. On a client network, my colleague deployed ACS5 this week, I secured the ASA5585-X for AAA and it failed authentication. Logging revealed a...

Cisco Symbols (3D) Visio Stencils
Nov17

KB ID 0001041 Problem I have to do a LOT of network drawings in Visio, and the standard Cisco Visio templates look a bit dated now. So how about some that look a little bit more professional? I used to use the Cisco Packet Icons library, but that meant cutting them out of PowerPoint all the time. Solution These are all part of the Cisco Validated Design Library, I don’t know why I never found them before. Cisco Validated Design...
