Cisco WAP571 Single Point Config – VLAN setting does not propagate

While configuring a handful of the Cisco WAP571 devices, using Single Point Config in a cluster, I have discovered that a VLAN configured on the Master does not propagate to the nodes. I am running the latest firmware revision at the time of this writing, 1.1.0.3. I configure a VLAN on the Master, such as “2”, and then assign a Virtual Access Read More

Warning, DHCP pool range is limited to 128 addresses

For all ASA models, the maximum number of DHCP client addresses varies depending on the license: If the limit is 10 hosts, the maximum available DHCP pool is 32 addresses. If the limit is 50 hosts, the maximum available DHCP pool is 128 addresses. If the number of hosts is unlimited, the maximum available DHCP pool is 256 addresses. That's annoying. Read More

Enable SSH Login on a Cisco Router

Quick example of setting up SSH access on a Cisco router. I have a few dozen routers in my lab I'm working on and actually made this scripted. This is here for me to remember in the future. Router(config)# crypto key generate rsa usage-keys label rtr-key The name for the keys will be: rtr-key Choose the size of the key modulus in the range of 360 to Read More

Test Cisco ASA VPN Authentication

Had an issue with a user that was failing to log into the VPN from remote. Couldn't initially figure it out while at home while troubleshooting the authentication. So here's how to test authentication from the Cisco ASA CLI.
Read More

Cisco IOS EEM: Send Email on VPN Connection

I set up a Cisco router to send an email whenever a VPN user connected. I did this for accounting purposes before I moved to RADIUS. I'll put this up here because someone else may be interested in this for their own use. Step 1: Environment Variable Setup I like to configure variables to use throughout my EEM applets so I don't get crazy with having Read More

Cisco EEM Applet – Send Email Notification on Internet Circuit Failure

I needed to setup notification to be sent via email when a circuit went down and failed over to a backup circuit on a Cisco Router 2921. Here's what I did. Create IP SLA I create my IP SLA to monitor ICMP of the internet... router(config)#ip sla 1 router(config)#icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0 router(config)#ip sla schedule 1 life Read More

Cisco ASA Debug a Specific VPN Tunnel

Just a quick note to myself on debugging VPN connectivity; you can specify a peer, user, etc. as a condition to the crypto debug. Here's how I did it from the CLI: ciscoasa# debug crypto condition peer 1.2.3.4 ciscoasa# debug crypto isakmp 255 ciscoasa# debug crypto ipsec 255 ciscoasa# term mon This will allow you to just narrow in on the debug information Read More