I don’t know why this happens sometimes with GNS3, and EVE-NG but occasionally I will get a connection between two devices that constantly complains.
%CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on {interface-name} (not half duplex), with {host-name} {interface-name} (half duplex).
For the uninitiated, a speed/duplex mismatch, usually happens when both ends of the link are set differently, or (more commonly) both ends are set to ‘auto’.
[box]
!
interface FastEthernet0/1
ip address 192.168.1.1 255.255.255.0
duplex autospeed auto
!
[/box]
Solution
WARNING: DO NOT carry out this procedure on live networking equipment, this is only for use in the GNS3 environment.
If this happens to you, you will sensibly try and set the speed/duplex of both ends of the link correctly, on real networking equipment that would solve the problem like so;
[box]
PetesRouter(config)#interface FastEthernet0/1
PetesRouter(config-if)#duplex full
*Aug 6 13:40:39.815: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
*Aug 6 13:40:41.823: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
*Aug 6 13:40:42.823: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
PetesRouter(config-if)#speed 100
*Aug 6 13:40:47.855: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
*Aug 6 13:40:49.859: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
*Aug 6 13:40:50.859: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
PetesRouter(config-if)#
[/box]
But in some cases on GNS3 it does not, (not sure if it’s a bug?)
Is that happening to you, the only way to stop it is to suppress the error. To do this add the ‘no cdp log mismatch duplex’ command to the interface giving you the error.
[box]
PetesRouter(config)#interface FastEthernet 0/1
PetesRouter(config-if)#no cdp log mismatch duplex
PetesRouter(config-if)#exit
PetesRouter(config)#exit
*Aug 6 13:45:55.235: %SYS-5-CONFIG_I: Configured from console by console
PetesRouter#write mem
Building configuration...
[OK]
PetesRouter#
[/box]
Related Articles, References, Credits, or External Links
This is another question I see getting asked a lot in forums!
You see something like the following;
[box]
000032: *Sep 28 09:35:32.507 UTC: %PHY-4-SFP_NOT_SUPPORTED: The SFP in Gi3/0/50 is not supported (PNL-3750-Stack)
000033: *Sep 28 09:35:32.507 UTC: %PM-4-ERR_DISABLE: gbic-invalid error detected on Gi3/0/50, putting Gi3/0/50 in err-disable state (PNL-3750-Stack)
[/box]
The usual response is ‘Enable unsupported SFP’s’, and while that sometimes is the answer, it’s not always the answer!
Solution
1. Firstly Check the Modules and the Switches, Are you tying to plug a 10GB SFP+ into a slot that only supports SFP, (that includes plugging a twinax cable into an old switch!) In your ‘show run’ you should see TenGigabitEthernet (if your using SFP+ modules). Some switches with network modules list the same interface twice (once as 10GB interfaces and once at 1GB modules, I’ve blogged about that before see THIS ARTICLE, and to confuse things even further, the four interface versions, are grouped as two pairs with each pair consisting of one SFP slot and one SFP+ slot.)
2. Make sure your cable is NOT a CAB-SFP-50CM, (unless you are connecting a 3560 to ANOTHER 3560).
3. Are you using a 2960-S? If so you may need to update the IOS to use SFP+ (assuming your model supports SFP+ not all 2960-S models do).
4. Are you plugging into a Nexus switch with a 1GB connection? If so check the other end for the following error;
Description: Gi1/1/15: This port has been disabled because Non Compliant Gigabit Interface Converter (GBIC) connector detected.
If so, you may need to Manually set the speed on the 5K to 1000, (it wont auto-sense).
5. Is it a non-cisco branded SFP? If so it may still work, (but you will get no joy if you log a TAC call) with the following commands;
[box]
Petes-SW(config)#service internal
Petes-SW(config)#no errdisable detect cause gbic-invalid
Petes-SW(config)#service unsupported-transceiver
“Why is my computer running slowly” “My computer is not as fast as it was” “What’s making it run so slow?” “It just Crawls” “I have to turn in on, then go and make a cup of coffee”
These are questions every techy hates “Why is my PC running so slowly?”, my reply is always “How long have you had it?” If its a business machine most users inherit them from someone else, who got it from someone else. If its a home machine its probably had months/years of software being installed and uninstalled.
The truth is, even a machine that’s being looked after and updated will slow down over time, the PC that ran like a rocket on Christmas morning may well run like a dog the following Christmas.
So what can you do? The best option (If its older than 9 months) is to back up your data and reinstall Windows, If it’s quite young, or the thought of installing Windows scares the hell out of you, there are a few steps you can take to recapture your machines “Just installed” speed.
Solution
Step 1 What’s Starting and Running in the Background?
A lot of software developers write their programs so they respond better by having them ticking over in the background, that’s great for that application, but over time more and more programs are taking valuable RAM and processor time.
Lets get that lot turned off. Log in as an administrator and do the following.
1. Start > Run > msconfig {enter}
2. The “System Configuration” window will open > Select the Startup Tab.
3. Untick EVERYTHING except your anti virus software (and possibly any anti-spy anti-malware programs). > Apply > OK > Reboot > Post reboot you will get a pop up message to say you have changed the settings.
Step 2 Do You Have a Virus?
Having decent AV software is a must! And then, just as importantly you need to keep it updated. Ask 100 Techies what’s the best Anti virus and you will get about 50 different answers. The following get my vote,
McAfee
Kaspersky
ESET/Nod32
Trend
All those are NOT Free, If you are wanting a free solution I’d recommend,
Microsoft
Security Essentials
AVG
1. Install some AV software > Update it and perform a full system scan.
Step 3 Is your PC full of Adware/Spyware/Malware
1. I’ve already written on this subject here. Use both the tools I’ve outlined in that article (Malwarebytes and SuperAntispyware) and make sure both packages report clean before proceeding.
2. If you are especially paranoid and you may have run some software that is not from the most “legal” of sources, I’d suggest running a rootkit scanner as well this one is free.
Step 4 Remove any old unwanted Programs
1. Click Start > Run > appwiz.cpl {enter}
2. Select any unused programs and uninstall them.
Step 5 Update your machine with the latest fixes and updates
Many times I’ve heard people tell me they don’t enable updates in case Microsoft bring out an update that breaks something, If we are talking about a production server that your business depends on, then fair enough, you need need a strategy for testing updates beforehand. But for client PC’s I’ve seen more problems because people have NOT got fixes installed for known problems that I’ve ever seen updates break something. I can count on my two hands how many times an update has caused a problem, and I’ve worked on thousands of systems.
2. Click Start Now > On the Review the license agreement page > Continue > Install.
Note: You may not be prompted to install the Microsoft Update software if this software is already available on the computer. After you successfully install the software, a Microsoft Update shortcut is added to the All Programs menu on the Start menu.
Step 6 Check Your system Drivers
Most pieces of hardware on your PC have a small piece of software (Driver) that lets them talk to the operating system, fist make sure non of yours are missing or failing,
1. Click Start > Run > devmgmt.msc {enter}
2. When it opens you will see and problem devices are usually marked with an exclamation mark.
Device Manager Errors in Windows XP Device Manager Errors in Windows 7
3. Locate the drivers for the hardware in question and install it.
4. Then use DriverMax to see if there are any new drivers available for your hardware. Install and run the software > Select Driver Downloads and Info > Check Online for Driver updates > You will need to create an account with DriverMax > Follow the instructions.
Step 7 Sort Out Your Hard Drive
1. If you open “My Computer” it should show you how much free space there is on your drive, If you are running low delete some data or move it elsewhere (Burn it to DVD or put on external storage).
2. Then to make sure all the files on your drive have been stored sensible by the operating system download and run De-Fraggler.
Step 8 Clean the Registry
1. There a loads of tools that you can use for this, In the past I’ve used Regseeker, but the most user friendly and easiest to use is CCleaner. Install and run it, then select the Registry tab > Scan for issues.
2. When it’s finished its run through, click “Fix Selected Issues” Answer Yes to backup the registry first > Save the backup file where you can find it. (If anything breaks afterwards simply double click this file and answer Yes to add/merge it into the registry).
<p<3. Then click “Fix All Selected Issues” > Close.
(Note: At this point you can select the “Cleaner” tab and perform some other routine cleanup tasks).
Step 9 Tidy Your Desktop
Specifically shortcuts, every shortcut on your desktop is a small piece of code that points somewhere else, every time your desktop is “Re-Drawn” those links are checked to see if they are OK. If you must have 100 shortcuts, then put all your shortcuts in one folder then have just one shortcut to that folder.
Shortcuts are usually indicated with an arrow
Step 10 Turn Down Windows Settings
1. All the fancy Windows shadows and aero settings take processor Power and RAM > Click Start > run > Sysdm.cpl {enter}
2. Select the Advanced Tab> In the Performance Section Click Settings > Select “Adjust for Best Performance” > Apply > OK.
Step 11 (Windows XP Only!)
1. Turn off Indexing (The indexing service speeds up searches) > Start >My Computer > Right Click C: > Properties > Untick “Allow Indexing Service to index this disk for fast file searching” > OK. (Repeat for any further hard drives you have).
Step 12 Install more Physical RAM in your Machine
If you have done all the above and it’s still running slow then simply consider adding more RAM, go to Crucial.com to see what memory upgrade your system will support.
Note: If anyone has anything to add, or thinks I’ve made a glaring omission, click here.
Related Articles, References, Credits, or External Links
For such a ‘baby’ switch this has a LOT of features, I had to lock down the speed and duplex settings on one of the switch ports today. The main details you will be looking for are,
Default IP address = 192.168.2.10
Default Password = blank
Solution
1. Put yourself on the same network: Windows Key+R > ncpa.cpl {enter} > Right click your network connection > Properties > Internet Protocol Version 4 (TCP/IP) > properties > Set yout IP to 192.168.2.11 and set the subnet mask to 255.255.255.0 > OK > OK.
2. Open a web browser and navigate to http://192.186.2.10 log in with a blank password.
3. To Change the Switches IP: Setup Network
4. To change Speed/Duplex Settings: Switching > Port Configuration
5. To change the password: Maintenance > Password Manager.
Related Articles, References, Credits, or External Links
However if you have a spare one lying around and you want to have a play, you CAN get it to version 7.1(2).
Note: It is possible to run the 8.0(2) version of the PIXOS on a 506E, Howerver you need to decompress the image and make some changes to it before it will work (usung lzma.exe). I could not find any decent details on how to do this, and I’m not really a code jockey. If anyone would like to document that and send me the details, I’ll publish it here.
Solution
Memory For the PIX 506E
Your first task is to get some more memory in the firewall. There are two slots on the board and only one will be populated with a 32MB PC133 chip. You need to be at AT LEAST 64MB to attempt this upgrade.
Opening the PIX 506E Chassis
What memory Do I need to find? Any PC133 will work, the memory in the firewall is non ECC, so if you locate some ECC memory you will need to replace the on board memory. Because it will not boot if you mix them (I know I tried). It’s not fussy if you use ECC or non ECC, as long as you don’t mix them. (Note: A lot of the ECC memory I found that worked, was ex server RAM, and it was fine, but the chips were “too tall” to get the lid back on the firewall afterwards.)
Can I use PC100? Yes! And you can mix PC100 and PC133, and the firewall will still boot (This is what I did).
Perform the Upgrade
1. Connect to the firewall via console cable, just to prove it’s still version 6, issue a show version command, Note the RAM and version number;
Important: At this point take a copy of the firewall Activation Key! [box]
Petes-PIX> en
Password:
Petes-PIX# show version
Cisco PIX Firewall Version 6.3(5)
Cisco PIX Device Manager Version 3.0(4)
Compiled on Thu 04-Aug-05 21:40 by morlee
Petes-PIX up 1 min 5 secs
Hardware: PIX-506E, 64 MB RAM, CPU Pentium II 300 MHz
Flash E28F640J3 @ 0x300, 8MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB
Output removed for the sake of space!
Serial Number: 810412141 (0x304de999)
Running Activation Key: 0x2d796132 0x68c660cd 0x334cac62 0xcaeddaaa
Configuration has not been modified since last system restart.
Petes-Pix#
[/box]
2. Before continuing make sure you have the 7.1(2) version of the PIX Operating system, and you have a TFTP Server set up ready to send you that file. The new OS needs so much flash memory you WILL NOT be able to run the ASDM*. First erase all files from the flash memory and reboot.
*You could try running th ASDM form your TFTP Server. [box]
3. Press Esc as the firewall boots to boot into ROMMON mode. Then set it to load its operating system from your TFTP server (here running on my laptop at 172.16.254.207). [box]
Use BREAK or ESC to interrupt flash boot.
PRESS ESC
Use SPACE to begin flash boot immediately.
Flash boot in 10 second.
Flash boot interrupted.
0: i8255X @ PCI(bus:0 dev:14 irq:10)
1: i8255X @ PCI(bus:0 dev:13 irq:11)
Using 1: i82557 @ PCI(bus:0 dev:13 irq:11), MAC: 0019.aabe.d624
Use ? for help.
monitor> address 172.16.254.240
address 172.16.254.240
monitor> server 172.16.254.207
server 172.16.254.207
monitor> file pix712.bin
file pix712.bin
monitor> tftp
tftp pix712.bin@172.16.254.207 .......................................
......................................................................
.........................................................
Received 6764544 bytes
Cisco PIX admin loader (3.0) #0: Tue Mar 14 16:46:07 PST 2006
#####################################################
#####################################################
#####################################################
#####################################################
#####################################################
64MB RAM
Total NICs found: 2
mcwa i82559 Ethernet at irq 11 MAC: 0019.aabe.d624
mcwa i82559 Ethernet at irq 10 MAC: 0019.aabe.d623
BIOS Flash=am29f400b @ 0xd8000
Old file system detected. Attempting to save data in flash
Flash filesystem is corrupted (0x0).
Could not save data in flash.
Initializing flashfs...
flashfs[7]: Checking block 0...block number was (-2131)
Output removed for the sake of space!
flashfs[7]: Checking block 61...block number was (0)
flashfs[7]: erasing block 61...done.
flashfs[7]: 0 files, 1 directories
flashfs[7]: 0 orphaned files, 0 orphaned directories
flashfs[7]: Total bytes: 7870464
flashfs[7]: Bytes used: 1024
flashfs[7]: Bytes available: 7869440
flashfs[7]: flashfs fsck took 52 seconds.
flashfs[7]: Initialization complete.
Need to burn loader....
Erasing sector 0...[OK]
Burning sector 0...[OK]
INFO: Unable to read firewall mode from flash
Cisco PIX Security Appliance Software Version 7.1(2)
Copyright (c) 1996-2006 by Cisco Systems, Inc.
[/box]
4. Now the operating system is in memory but if you rebooted the firewall it would not work, you need to configure the IP address, some basic settings, and copy the new OS to the firewall permanently. [box]
pixfirewall> enable
Password:
pixfirewall# show flash
Directory of flash:/
No files in directory
7870464 bytes total (7868416 bytes free)
pixfirewall# configure terminal
pixfirewall(config)# int Ethernet1
pixfirewall(config-if)# ip address 172.16.254.240 255.255.255.0
pixfirewall(config-if)# nameif inside
INFO: Security level for "inside" set to 100 by default.
pixfirewall(config-if)# no shutdown
pixfirewall(config-if)# exit
pixfirewall(config)# global (outside) 1 interface
INFO: outside interface address added to PAT pool
pixfirewall(config)# nat (inside) 1 0.0.0.0 0.0.0.0
pixfirewall(config)# ping 172.16.254.207
Sending 5, 100-byte ICMP Echos to 172.16.254.207, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/36/180 ms
pixfirewall(config)# copy tftp://172.16.254.207/pix712.bin flash
Address or name of remote host [172.16.254.207]?
Source filename [pix712.bin]?
Destination filename [pix712.bin]?
Accessing tftp://172.16.254.207/pix712.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Writing file flash:/pix712.bin...
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
6764544 bytes copied in 64.950 secs (105696 bytes/sec)
pixfirewall(config)# show flash
Directory of flash:/
5 -rw- 6764544 11:37:32 Feb 08 2013 pix712.bin
7870464 bytes total (1103872 bytes free)
[/box]
5. Change the firewall so that it uses this file to boot from, save the changes, and then reboot. [box]
pixfirewall(config)# boot system pix712.bin
INFO: Converting pix712.bin to flash:/pix712.bin
pixfirewall(config)# write mem
Building configuration...
Cryptochecksum: f59a9bd3 3129b8bc 474b2415 52f2db0f
1049 bytes copied in 0.430 secs
[OK]
pixfirewall(config)# reload
Proceed with reload? [confirm]
--- START GRACEFUL SHUTDOWN ---
Shutting down isakmp
Shutting down File system
--- SHUTDOWN NOW ---
Rebooting....
[/box]
6. Post reboot you should be upgraded. [box]
pixfirewall> enable
Password:
pixfirewall# show version
Cisco PIX Security Appliance Software Version 7.1(2)
Compiled on Tue 14-Mar-06 17:00 by dalecki
System image file is "flash:/pix712.bin"
Config file at boot was "startup-config"
pixfirewall up 10 secs
Hardware: PIX-506E, 64 MB RAM, CPU Pentium II 300 MHz
Flash E28F640J3 @ 0xfff00000, 8MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB
0: Ext: Ethernet0 : address is 0019.aabe.d623, irq 10
1: Ext: Ethernet1 : address is 0019.aabe.d624, irq 11
The Running Activation Key is not valid, using default settings:
Licensed features for this platform:
Maximum Physical Interfaces : 2
Maximum VLANs : 2
Inside Hosts : Unlimited
Failover : Not supported
VPN-DES : Disabled
VPN-3DES-AES : Disabled
Cut-through Proxy : Enabled
Guards : Enabled
URL Filtering : Enabled
Security Contexts : 0
GTP/GPRS : Disabled
pixfirewall#
[/box]
6. Finally add the original activation key you took note of in step one back into the firewall. [box]
pixfirewall# configure terminal
pixfirewall#(config)# activation-key 0x2d796132 0x68c660cd 0x334cac62 0xcaeddaaa
pixfirewall(config)# write mem
Building configuration...
Cryptochecksum: f59a9bd3 3129b8bc 474b2415 52f2db0f
1049 bytes copied in 0.430 secs
[OK]
pixfirewall(config)#
[/box]
Related Articles, References, Credits, or External Links