Cisco IOS – Return an Interface to Default (Remove all Settings)
Nov17

Cisco IOS – Return an Interface to Default (Remove all Settings)

Posted By on Nov 17, 2015

KB ID 0001010 Problem The configuration for a particular interface can get quite long, you could go to interface configuration mode, and prefix all the commands with a ‘no’. But this can be a bit repetitive and time consuming. Solution To remove the configuration for interfaces use the ‘default’ command. for example take a look at the following config for FastEthernet1/0/5. Petes-Switch>enable...

Read More
Cisco IOS and ASA Showing the Config Without the ‘More’ Breaks/Pauses
Nov17

Cisco IOS and ASA Showing the Config Without the ‘More’ Breaks/Pauses

Posted By on Nov 17, 2015

KB ID 0001017 Problem When looking at a router, switch or firewall running config, it will usually display a page at a time, you can page down with the space bar, or line down with the Enter/Return key. Normally that’s fine, but what if you want to capture (take a quick backup,) of the config? If you do that, and page down you get a copy of the config that looks like this; –More–   Yes, you can delete...

Read More
Cisco IOS – Interface is up, line protocol is down (monitoring)
Nov17

Cisco IOS – Interface is up, line protocol is down (monitoring)

Posted By on Nov 17, 2015

KB ID 0001027  Problem I had an ASA Active/Standby problem last week, each time I tried to make the primary firewall active, it would fail straight straight back. A look on the ASA told me the problem was one of the clients DMZ connections, (it was stuck in a ‘waiting’ state). A no monitor-interface DMZ command let me bring the primary ASA up active, but I had to visit the site to investigate the problem. The firewall...

Read More
Cisco CDA (Context Directory Agent) – Applying Patches
Nov17

Cisco CDA (Context Directory Agent) – Applying Patches

Posted By on Nov 17, 2015

KB ID 0001024  Problem Having a button that you could upload patches from, that would crazy eh? Cheers Cisco! I deployed a CDA appliance recently, and it needs (eventually) to be able to talk to Cisco ISE so I knew it had to be up to patch 2. At time of writing we are at patch 4, so I thought I’d put them all on. I don’t know if the patches are cumulative, and patch 3 looks a little smaller than patch 2 so I thought I...

Read More
Sync Microsoft Domain Time To A Cisco NTP Device
Nov17

Sync Microsoft Domain Time To A Cisco NTP Device

Posted By on Nov 17, 2015

KB ID 0001038 Problem I’ve been posting domain time articles for a long time, and on more than one occasion I’ve really needed to take my Windows time from a Cisco Device and failed miserably. I’ve even used third party NTP software to solve this problem on my own test network. On a client network, my colleague deployed ACS5 this week, I secured the ASA5585-X for AAA and it failed authentication. Logging revealed a...

Read More
Cisco Symbols (3D) Visio Stencils
Nov17

Cisco Symbols (3D) Visio Stencils

Posted By on Nov 17, 2015

KB ID 0001041  Problem I have to do a LOT of network drawings in Visio, and the standard Cisco Visio templates look a bit dated now. So how about some that look a little bit more professional? I used to use the Cisco Packet Icons library, but that meant cutting them out of Powerpoint all the time. Solution These are all part of the Cisco Validated Design Library, I don’t know why I never found them before. Cisco Validated Design...

Read More
Cisco – Using a Mini USB Console Cable
Nov17

Cisco – Using a Mini USB Console Cable

Posted By on Nov 17, 2015

KB ID 0001073  Problem A colleague asked me if I had a USB console cable, because the switch he was working on had a failed RJ45 console port. I thought it was just the same cable that charged my phone (USB A to micro USB). But it isn’t, it’s mini USB. I thought, that might happen to me at some point, and rather than carry yet another cable I got onto eBay and got a female micro USB to male mini USB converter for about...

Read More
Cisco IOS – Find The ‘Default Route’ For A VRF
Nov17

Cisco IOS – Find The ‘Default Route’ For A VRF

Posted By on Nov 17, 2015

KB ID 0001086  Problem Routing is one of my weaker subjects, and today I was trying to chase some routes though a network to locate all the firewalls. The core of the network has a bunch of 6500 Switches in various data centers. I tracked the network I was working on to an SVI on one of the core switches, that was in a VRF. But how could I find the ‘next hop’, the routing table on these switches is very large. Solution...

Read More
Cisco ISE – Replace the Self Signed Certificate
Nov17

Cisco ISE – Replace the Self Signed Certificate

Posted By on Nov 17, 2015

KB ID 0001068  Problem Cisco ISE arms itself with a self generated certificate out of the box, (well the NFR appliance does anyway). To replace that cert with one signed by your own CA, this is the procedure. (Note: I’m using Microsoft Certificate Services on Server 2012 R2). Solution Step 1: Import the CA Certificate into ISE Note: If you have a lot issuing servers it’s a good idea the repeat this procedure for EVERY...

Read More
Cisco ISE NFR Appliance Setup
Nov17

Cisco ISE NFR Appliance Setup

Posted By on Nov 17, 2015

KB ID 0001066 Problem The Cisco ISE NFR appliance is for demos and test bench use, I’m currently building a test lab for ISE so I spun a copy up. I looked at the associated ReadMe.pdf for instructions on the basic setup, and found a hyper-link to the instructions, that didn’t work! bah. Solution The appliance comes as an OVA file for importation into vSphere/ESX, I’m assuming you have already imported the appliance....

Read More