While configuring a handful of the Cisco WAP571 devices, using Single Point Config in a cluster, I have discovered that a VLAN configured on the Master does not propagate to the nodes. I am running the latest firmware revision at the time of this writing, 126.96.36.199. I configure a VLAN on the Master, such as “2”, and then assign a Virtual Access Read More
For all ASA models, the maximum number of DHCP client addresses varies depending on the license: If the limit is 10 hosts, the maximum available DHCP pool is 32 addresses. If the limit is 50 hosts, the maximum available DHCP pool is 128 addresses. If the number of hosts is unlimited, the maximum available DHCP pool is 256 addresses. That's annoying. Read More
Pulled a dead Cisco 1252AP that only ran for 3 years. Decided to tear it apart and take a few pictures since I've never seen inside one. Read More
Quick example of setting up SSH access on a Cisco router. I have a few dozen routers in my lab I'm working on and actually made this scripted. This is here for me to remember in the future. Router(config)# crypto key generate rsa usage-keys label rtr-key The name for the keys will be: rtr-key Choose the size of the key modulus in the range of 360 to Read More
The hold music from this episode, Opus No. 1, by Tim Carleton and Darrick Deel
Had an issue with a user that was failing to log into the VPN from remote. Couldn't initially figure it out while at home while troubleshooting the authentication. So here's how to test authentication from the Cisco ASA CLI.
I set up a Cisco router to send an email whenever a VPN user connected. I did this for accounting purposes before I moved to RADIUS. I'll put this up here because someone else may be interested in this for their own use. Step 1: Environment Variable Setup I like to configure variables to use throughout my EEM applets so I don't get crazy with having Read More
I needed to setup notification to be sent via email when a circuit went down and failed over to a backup circuit on a Cisco Router 2921. Here's what I did. Create IP SLA I create my IP SLA to monitor ICMP of the internet... router(config)#ip sla 1 router(config)#icmp-echo 188.8.131.52 source-interface GigabitEthernet0/0 router(config)#ip sla schedule 1 life Read More
A quick note on factory resetting Cisco PIX 501 devices.
In enable mode:
pix501# config t pix501(config)# configure factory-default
Just a quick note to myself on debugging VPN connectivity; you can specify a peer, user, etc. as a condition to the crypto debug. Here's how I did it from the CLI: ciscoasa# debug crypto condition peer 184.108.40.206 ciscoasa# debug crypto isakmp 255 ciscoasa# debug crypto ipsec 255 ciscoasa# term mon This will allow you to just narrow in on the debug information Read More