Monthly Archives :

  • Cisco – ASA VPN Concepts

    —-IPSEC
    Negotiation protocol – AH, ESP, ESP + AH //which IPSEC encryption, authentication, protection used
    Encryption – DES, 3DES, AES, RSA, DH //scramble data
    Authentication – MD5, SHA1 //makes sure keys go to person X.
    Protection – DH1,2,5,7
    —-2 modes of VPN
    Transport – Can be used on the internal LAN environment to […]

  • Cisco – ASDM (GUI Setup)

    1. Install Java 6u26 + Cisco ASDM to machine
    TFTP the adsm.bin file to the flash of the ASA router
    Set the ip of the interface
    conf t
    int gig0
    ip add
    nameif inside
    //higher is less secure
    no sh
    Prepare the ASA for ASDM
    hostname ASA
    domain-name CISCO
    http server enable
    http 172.16.0.0 255.255.0.0 inside //allowed networks to access
    username USERNAME password CISCO priv 15
    asdm […]

  • Cisco – Nexus – VPC

    —vPC
    Allows ether-channel between 2 different devices to communicate at the same time to a single device. Layer 2 protocol
    //show vpc brief
    Nexus 7K A
    feature vpc
    vpc domain 5
    peer-switch
    int eth3/25
    no switch
    no shut
    ip add 1.1.1.1 255.255.255.0
    vpc domain 5
    peer-keepalive destination 1.1.1.2 source 1.1.1.1 vrf default
    int port 20 […]

  • Cisco – Nexus BGP / VDC

    ————–BGP————-
    feature BGP
    router bgp 65000
    template peer-session SESSION
    neighbor 192.168.1.1 remote-as 65000
    inherit peer-session SESSION
    address-family ipv4 unicast
    Router bgp 65000
    template peer-policy POLICY
    neighbor 192.168.1.1 remote-as 65000
    address-family ipv4 unicast
    inherit peer-policy POLICY 1
    Router bgp 65000
    address-family ipv4 unicast
    network 1.1.1.1 mask 255.255.255.0
    —FEX Fabric Extender
    FEX is a technology where you […]

  • Cisco – Datacenter Nexus

    —-Upgrading a Nexus————————
    –Check BGP neighbors
    –Check OSPF Neighbors
    –Dump route table
    –VPC’s
    –VLANs
    –Port-channels and status
    –show interface status
    2. Save configuration
    – copy running start.
    Backup config for NX-OS
    – copy startup-config tftp://172.20.1.50
    5. Copy the EPLD + NX-OS image file to bootflash
    copy SCP://172.168.1.50/n9000-epld.9.3.7.img bootflash://n9000-epld.9.3.7.img
    copy SCP://172.168.1.50/nxos.9.3.7.bin bootflash://nxos.9.3.7.bin
    6. Verify MD5 Checksum
    -show file bootflash://sup-local/nxos.9.3.7.bin md5sum
    -show file bootflash://sup-local/n9000-epld.9.3.7.img md5sum
    7. Determine if […]

  • Cisco – Spanning Tree

    —-Spanning tree
    Bridge ID = Priority.MAC
    IF LINK COST = Same
    HIGHER BRIDGE ID switches port is blocked
    Under show spanning-tree
    root id = information about root bridge
    bridge id = current device
    //set spanning-tree priority
    conf t
    spanning-tree vlan 1 priority
    //OR
    spanning-tree vlan 1 root primary
    //portfast is used for ports that connect computers + router, stops a port from blocking.
    // DO NOT USE […]

  • Cisco – VTP (VLAN Trunking Protocol)

    ———VTP
    NOTE: //200/300 PC’s per broadcast domain.
    //configure trunk ports between switches. Required for VTP traffic
    //also required to send packets out the same vlan on another switch
    int fa0/1
    //may need encapsulation set
    switchport trunk encapsulation dot1q
    //set port to trunk
    switchport mode trunk
    //configure ports that will have pc’s plugged in
    int range fa0/1 - 24
    switchport mode access
    conf t
    vtp domain [name]
    vtp password […]

  • Cisco – OSPF

    —–OSPF
    router ospf [process ID] ! CAN Be DIFFERENT to a neighbour
    network [ip] [wildcard] area [X] !’TURN ON FOR THIS INT, “ADVERTISE THIS LINK” 0 is backbone
    [router with default route to share]
    conf t
    router ospf [Process ID]
    default-information originate
    summary routes
    router ospf [process]
    network [ip] [wildcard] area 1 ‘setting up the router as an ABR, where the […]

  • Cisco EIGRP / NAT

    —–EIGRP
    router eigrp [instance number]
    network [ip] [wildcard] – Turn on for interface
    no auto-summary – stop guessing classful subnets from different networks
    [Interface to send new summary route out]
    ip summary-address eigrp [instance] [ip network] [subnet]
    ——NAT overload (PAT)
    ip nat inside – label the interfaces
    ip nat outside – Label the interfaces
    ip access-list standard NAT_ADDRESSES
    permit [ip] [wildcard] any
    ip nat inside source […]

  • Cisco Telnet / ACL’s / Extended Established

    ——–Using Telnet
    control + shift + 6 Then X = Suspend telnet session
    resume 1
    enter on blank line, resumes recent session
    disconnect – kills your open telnet session
    clear line = disconnect user on your router
    ——-Standard Access lists ACL (Applied closest to destination)
    access-list [0-99] permit [ip address] [wildcard]
    int s0/0
    ip access-group [number] [in/out]
    ——-Extended Access lists ACL
    access-list [100-199] permit/deny [ip/tcp/UDP] [sourceIp] [wildcard] […]
