This is the retired Shane Killen personal blog, an IT technical blog about configs and topics related to the Network and Security Engineer working with Cisco, Brocade, Check Point, and Palo Alto and Sonicwall. I hope this blog serves you well. -- May The Lord bless you and keep you. May He shine His face upon you, and bring you peace.
Tuesday, September 29, 2015
Monday, September 28, 2015
Sunday, September 27, 2015
Sunday Thought: Stained Glass Masquerade
Interesting lyrics to this song. Do we think like this? Stained Glass Masquerade
Saturday, September 26, 2015
Friday, September 25, 2015
One Of Those Days
Ever have one of those days where nothing goes right? I hate those. I just had one. I show up to a customer about an hour late because of a wreck on the interstate. Then, the switch gear I am supposed to install is not onsite, but back at my office, which is an hour away. Then, when making changes to the network, nothing goes as expected. Oh, and did I mention that the POE died on the new switch I was installing? Turned out to be quite a nightmare. Sometimes you just have a day (an overnight) like that.
Wednesday, September 23, 2015
Cisco Switch: "Show Inventory" Command
Sometimes you just need to know about your equipment. Like taking an inventory. Below is a stack of Cisco 2960s. They have the stacking module, gbic, etc. "Show inventory" shows you serial and some other good info you might need.
2960#sh inventory
NAME: "2", DESCR: "WS-C2960XR-48FPS-I"
PID: WS-C2960XR-48FPS-I, VID: V02 , SN: FDO1916XXXX
NAME: "Switch 2 - Power Supply 1", DESCR: "FRU Power Supply"
PID: PWR-C2-1025WAC , VID: V01L , SN: LIT1913XXXX
NAME: "Switch 2 - FlexStackPlus Module", DESCR: "Stacking Module"
PID: C2960X-STACK , VID: V01 , SN: FOC1923XXXX
NAME: "GigabitEthernet2/0/49", DESCR: "1000BaseSX SFP"
PID: GLC-SX-MMD , VID: V01 , SN: GTFJXXXX
NAME: "1", DESCR: "WS-C2960XR-24PS-I"
PID: WS-C2960XR-24PS-I , VID: V02 , SN: FDO1915XXXX
NAME: "Switch 1 - Power Supply 1", DESCR: "FRU Power Supply"
PID: PWR-C2-640WAC , VID: V01L , SN: LIT1910XXXX
NAME: "Switch 1 - FlexStackPlus Module", DESCR: "Stacking Module"
PID: C2960X-STACK , VID: V01 , SN: FOC1922XXXX
NAME: "GigabitEthernet1/0/25", DESCR: "1000BaseSX SFP"
PID: GLC-SX-MMD , VID: V01 , SN: GTFJXXXX
Monday, September 21, 2015
Is The Packet Making It Through
I had this issue come up where the customer was saying something was wrong with the firewall. I have several posts about configuring a packet capture on the ASA, so I won't go into the config of that. But, below is what I did to prove that the ASA was OK.
Let's capture on the outside interface of the ASA to see if the packets are making it:
ASA# sh capture capin
5 packets captured
1: 13:33:23.722023 45.45.156.128.35106 > 50.50.75.4.80: S 1746501894:1746501894(0) win 65535 <mss 1460,sackOK,timestamp 9024126 0,nop,wscale 6>
2: 13:33:23.723763 45.45.156.128.35107 > 50.50.75.4.80: S 370354649:370354649(0) win 65535 <mss 1460,sackOK,timestamp 9024126 0,nop,wscale 6>
3: 13:33:23.951794 45.45.156.128.35109 > 50.50.75.4.80: S 426922397:426922397(0) win 65535 <mss 1460,sackOK,timestamp 9024149 0,nop,wscale 6>
4: 13:33:24.562043 45.45.156.128.35113 > 50.50.75.4.80: S 1385524340:1385524340(0) win 65535 <mss 1460,sackOK,timestamp 9024210 0,nop,wscale 6>
5: 13:33:29.637296 45.45.156.128.35114 > 50.50.75.4.80: S 3644565852:3644565852(0) win 65535 <mss 1460,sackOK,timestamp 9024717 0,nop,wscale 6>
5 packets shown
Yeah, it looks like the packets are making it. Now it's time to capture on the inside interface of the ASA:
ASA# sh capture capin
4 packets captured
1: 14:05:53.245623 45.45.156.128.35120 > 192.168.60.10.80: S 528608121:528608121(0) win 65535 <mss 1380,sackOK,timestamp 9219068 0,nop,wscale 6>
2: 14:05:53.245882 45.45.156.128.35119 > 192.168.60.10.80: S 236186416:236186416(0) win 65535 <mss 1380,sackOK,timestamp 9219068 0,nop,wscale 6>
3: 14:05:53.736076 45.45.156.128.35122 > 192.168.60.10.80: S 104826225:104826225(0) win 65535 <mss 1380,sackOK,timestamp 9219119 0,nop,wscale 6>
4: 14:05:58.860688 45.45.156.128.35123 > 192.168.60.10.80: S 4140132663:4140132663(0) win 65535 <mss 1380,sackOK,timestamp 9219630 0,nop,wscale 6>
4 packets shown
ASA#
Can I ping the server from the ASA? See below, it looks like I can't.
ASA# ping 192.168.60.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.60.10, timeout is 2 seconds:
?????
Success rate is 0 percent (0/5)
ASA#
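Added example, not part of the original post: a small Python parser for the capture output above that pairs each client SYN with a SYN-ACK or RST coming back from the server, which is the check the post does by eye. It assumes the tcpdump-style line layout shown in the post; the second sample capture is constructed to show what an answered handshake looks like.

```python
import re
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags has_ack mss")

# Assumed line shape (as shown in the post):
#   N: HH:MM:SS.us SRC.SPORT > DST.DPORT: FLAGS ... <options>
LINE_RE = re.compile(
    r"^\s*\d+:\s+\d\d:\d\d:\d\d\.\d+\s+"
    r"(\d+\.\d+\.\d+\.\d+)\.(\d+)\s+>\s+"
    r"(\d+\.\d+\.\d+\.\d+)\.(\d+):\s+"
    r"([SFPRU.]+)\s*(.*)$"
)

def parse_capture(text):
    """Return a Packet for every packet line; prompts and counters are skipped."""
    packets = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        src, sport, dst, dport, flags, rest = m.groups()
        mss = re.search(r"\bmss (\d+)", rest)
        packets.append(Packet(src, int(sport), dst, int(dport), flags,
                              bool(re.search(r"\back \d+", rest)),
                              int(mss.group(1)) if mss else None))
    return packets

def syn_report(packets):
    """Count client SYNs and how many got a SYN-ACK or RST back."""
    syns, answered = {}, set()
    for p in packets:
        if "S" in p.flags and not p.has_ack:          # bare SYN from the client
            syns[(p.src, p.sport, p.dst, p.dport)] = p
    for p in packets:
        reply_to = (p.dst, p.dport, p.src, p.sport)   # reversed 4-tuple
        is_reply = ("S" in p.flags and p.has_ack) or "R" in p.flags
        if reply_to in syns and is_reply:
            answered.add(reply_to)
    return {
        "syn": len(syns),
        "answered": len(answered),
        "unanswered": sorted(k for k in syns if k not in answered),
        "mss": {p.mss for p in syns.values()},
    }

# Inside-interface capture, copied from the post.
INSIDE_CAPTURE = """\
ASA# sh capture capin
4 packets captured
1: 14:05:53.245623 45.45.156.128.35120 > 192.168.60.10.80: S 528608121:528608121(0) win 65535 <mss 1380,sackOK,timestamp 9219068 0,nop,wscale 6>
2: 14:05:53.245882 45.45.156.128.35119 > 192.168.60.10.80: S 236186416:236186416(0) win 65535 <mss 1380,sackOK,timestamp 9219068 0,nop,wscale 6>
3: 14:05:53.736076 45.45.156.128.35122 > 192.168.60.10.80: S 104826225:104826225(0) win 65535 <mss 1380,sackOK,timestamp 9219119 0,nop,wscale 6>
4: 14:05:58.860688 45.45.156.128.35123 > 192.168.60.10.80: S 4140132663:4140132663(0) win 65535 <mss 1380,sackOK,timestamp 9219630 0,nop,wscale 6>
4 packets shown
"""

# Constructed sample: the same server answering a handshake.
HEALTHY_CAPTURE = """\
3 packets captured
1: 10:00:00.000001 198.51.100.7.40000 > 192.168.60.10.80: S 100:100(0) win 65535 <mss 1380,nop,wscale 6>
2: 10:00:00.000450 192.168.60.10.80 > 198.51.100.7.40000: S 900:900(0) ack 101 win 29200 <mss 1460>
3: 10:00:00.000900 198.51.100.7.40000 > 192.168.60.10.80: . ack 901 win 65535
3 packets shown
"""

if __name__ == "__main__":
    for name, text in (("inside (post)", INSIDE_CAPTURE),
                       ("healthy (constructed)", HEALTHY_CAPTURE)):
        r = syn_report(parse_capture(text))
        print(f"{name}: {r['syn']} SYN, {r['answered']} answered")
        for src, sport, dst, dport in r["unanswered"]:
            print(f"  no reply: {src}:{sport} -> {dst}:{dport}")
```

On the post's inside capture every SYN is forwarded to 192.168.60.10 and none is answered, so the firewall is passing the traffic and the server side is where to look next.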
Sunday, September 20, 2015
Sunday Thought: Sunday In The South
Since moving to a bigger city, there are several things that I miss. There is one thing though, that came to mind tonight as I'm writing this post. I really didn't realize it until I thought of this song. At my wife's old church, they had this thing called "homecoming". I really didn't appreciate it then, I'm sure. I think what I miss the most is the people. It was an older church for sure, meaning there were a lot of the older generation that attended that church. I miss how they were genuinely interested in you. They would come to you just to talk to you.
I don't see this much anymore. Birmingham is the largest city in the state of Alabama. It's no Atlanta, but it seems to be big enough to get lost from the ways we grew up with. I must admit I've lost some of this myself to some degree. Maybe it's time to get this back.
Saturday, September 19, 2015
Thursday, September 17, 2015
Cisco 2960-XR: Switch Stack Upgrade
I'd like to see Cisco do like Brocade does when it comes to upgrading a stack. In Brocade, you upgrade the main switch, and it passes the firmware to the other switches automatically. In Cisco, you have to put it on each switch. Here below, I copy the firmware from my laptop to the first switch in the stack. Then, I copy it from the stack to the other members manually.
2960-XR#copy tftp flash1:
Address or name of remote host []? 192.168.101.112
Source filename []? c2960x-universalk9-mz.152-3.E1.bin
Destination filename [c2960x-universalk9-mz.152-3.E1.bin]?
Accessing tftp://192.168.101.112/c2960x-universalk9-mz.152-3.E1.bin...
Loading c2960x-universalk9-mz.152-3.E1.bin from 192.168.101.112 (via Vlan1): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 23576576 bytes]
23576576 bytes copied in 676.562 secs (34848 bytes/sec)
2960-XR#
2960-XR#
2960-XR#copy flash1: flash2:
Source filename []? c2960x-universalk9-mz.152-3.E1.bin
Destination filename [c2960x-universalk9-mz.152-3.E1.bin]?
Copy in progress...CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
23576576 bytes copied in 326.313 secs (72251 bytes/sec)
2960-XR#copy flash2: flash3:
Source filename []? c2960x-universalk9-mz.152-3.E1.bin
Destination filename [c2960x-universalk9-mz.152-3.E1.bin]?
Copy in progress...CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
23576576 bytes copied in 353.290 secs (66734 bytes/sec)
2960-XR#copy flash2: flash4:
Source filename [c2960x-universalk9-mz.152-3.E1.bin]?
Destination filename [c2960x-universalk9-mz.152-3.E1.bin]?
Copy in progress...CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
23576576 bytes copied in 367.907 secs (64083 bytes/sec)
2960-XR#
2960-XR# sh boot
BOOT path-list : flash:c2960x-universalk9-mz.152-3.E1.bin
Config file : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break : yes
Manual Boot : no
HELPER path-list :
Auto upgrade : yes
Auto upgrade path :
NVRAM/Config file
buffer size: 524288
Timeout for Config
Download: 0 seconds
Config Download
via DHCP: disabled (next boot: disabled)
-------------------
Switch 1
-------------------
BOOT path-list : flash:c2960x-universalk9-mz.152-3.E1.bin
Config file : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break : yes
Manual Boot : no
HELPER path-list :
Auto upgrade : no
Auto upgrade path :
-------------------
Switch 3
-------------------
BOOT path-list : flash:c2960x-universalk9-mz.152-3.E1.bin
Config file : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break : yes
Manual Boot : no
HELPER path-list :
Auto upgrade : no
Auto upgrade path :
-------------------
Switch 4
-------------------
BOOT path-list : flash:c2960x-universalk9-mz.152-3.E1.bin
Config file : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break : yes
Manual Boot : no
HELPER path-list :
Auto upgrade : no
Auto upgrade path :
2960-XR#
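Added example, not part of the original post: a short Python check over "sh boot" output that lists any stack member whose BOOT path-list does not point at the image that was just copied. It assumes the output layout shown above, where the first block has no "Switch N" heading and is labelled "local" here; the second sample and its file name EXAMPLE-OLD-IMAGE.bin are constructed.

```python
import re

def boot_images(show_boot_text):
    """Map each stack member to the image in its BOOT path-list line."""
    images, member = {}, "local"      # first block has no 'Switch N' heading
    for line in show_boot_text.splitlines():
        line = line.strip()
        m = re.match(r"^Switch (\d+)$", line)
        if m:
            member = "Switch " + m.group(1)
            continue
        m = re.match(r"^BOOT path-list\s*:\s*(\S*)", line)
        if m:
            images[member] = m.group(1)
    return images

def members_not_booting(show_boot_text, image_name):
    """Members whose boot path is empty or names a different file."""
    return sorted(
        member for member, path in boot_images(show_boot_text).items()
        if path.split(":")[-1].lstrip("/") != image_name
    )

IMAGE = "c2960x-universalk9-mz.152-3.E1.bin"   # file name from the post

# BOOT lines and member headings as they appear in the post's output.
PAGE_SHOW_BOOT = """\
BOOT path-list : flash:c2960x-universalk9-mz.152-3.E1.bin
Config file : flash:/config.text
-------------------
Switch 1
-------------------
BOOT path-list : flash:c2960x-universalk9-mz.152-3.E1.bin
-------------------
Switch 3
-------------------
BOOT path-list : flash:c2960x-universalk9-mz.152-3.E1.bin
-------------------
Switch 4
-------------------
BOOT path-list : flash:c2960x-universalk9-mz.152-3.E1.bin
"""

# Constructed sample: one member on another image, one with no boot path set.
DRIFTED_SHOW_BOOT = """\
BOOT path-list : flash:c2960x-universalk9-mz.152-3.E1.bin
-------------------
Switch 1
-------------------
BOOT path-list : flash:c2960x-universalk9-mz.152-3.E1.bin
-------------------
Switch 3
-------------------
BOOT path-list : flash:EXAMPLE-OLD-IMAGE.bin
-------------------
Switch 4
-------------------
BOOT path-list :
"""

if __name__ == "__main__":
    print("post output:", members_not_booting(PAGE_SHOW_BOOT, IMAGE))
    print("constructed:", members_not_booting(DRIFTED_SHOW_BOOT, IMAGE))
```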
Tuesday, September 15, 2015
Palo Alto: HA Install
I really like the Palo Alto product and its capabilities. It's a good security choice. In fact, it's in my top two of choice firewalls for enterprise environments. Here below, I'm putting in two PAs in high availability.
Monday, September 14, 2015
Brocade Switch: How To Find Out What VLAN A Port Is In
How do you find out what VLAN a port is in without having to look at the config? Especially if you have a lot of ports to look through. Or even a lot of VLANs. Try the "show vlan ethernet X/X/X" command. See below. I run this command and it shows me that port 1/1/42 is in VLAN 25.
telnet@DC_FCX_Stack(config)#sh vlan eth 1/1/42
Total PORT-VLAN entries: 8
Maximum PORT-VLAN entries: 64
Legend: [Stk=Stack-Id, S=Slot]
PORT-VLAN 25, Name Old_Net, Priority level0, Spanning tree On
Untagged Ports: (U1/M1) 1 2 3 4 5 6 7 8 9 10 11 12
Untagged Ports: (U1/M1) 13 14 15 16 18 19 20 21 22 23 24 25
Untagged Ports: (U1/M1) 26 27 28 29 30 31 32 33 34 35 36 37
Untagged Ports: (U1/M1) 38 39 40 42 43 44 45 46 47 48
Untagged Ports: (U2/M1) 1 2 3 4 5 6 7 8 9 10 11 12
Untagged Ports: (U2/M1) 13 14 15 17 18 19 20 21 22 24 26 28
Untagged Ports: (U2/M1) 30 37 39 40 47
Tagged Ports: (U1/M3) 1 2
Tagged Ports: (U2/M3) 1 2
Uplink Ports: None
DualMode Ports: (U1/M1) 17
Mac-Vlan Ports: None
Monitoring: Disabled
telnet@DC_FCX_Stack(config)#
Sunday, September 13, 2015
Sunday Thought: Fully Known
JJ Heller has a somewhat newer song out called Fully Known. Take a good listen to the lyrics. Very good stuff.
Saturday, September 12, 2015
Friday, September 11, 2015
Cisco Stack: Stacking 2960Gs
This is how the stacking cables go when you have the stacking module and stacking cables for the 2960G series switch. Just follow the cable colors I have outlined. Cisco automatically gets the stack configured. However, it doesn't automatically set priorities. You may want to make sure you do that.
Thursday, September 10, 2015
Cisco: Forklift Upgrade
This is one case where we have a Cisco replacing Cisco scenario. It's odd really. I see it from time to time, but usually I'm seeing Cisco being replaced by Brocade.
Tuesday, September 8, 2015
Check Point: Dual-ISP Config For Redundancy
Check Point does make it easy for ISP redundancy. You do have to make some changes in GAIA for port configuration, but in Smart Dashboard, it's pretty straightforward. See below. This config is in R77.30.
Monday, September 7, 2015
Labor Day - 2015
Thanks to all of you who work to make a difference. No matter what your job is, somehow it makes a difference. Whether on a big or small scale, it doesn't matter. I used to say that what I do for a living (IT) really doesn't matter. After all, for 6000 years or so, they did without computers just fine. But, maybe to someone, it does matter in some small way.
So thank you to those who hold a job.
Alabama - Forty Hour Week
Brocade ICX6610: Stable Code To Date
I talked to my local SE the other day. He says 8010h is the most stable for the ICX6610s. Just FYI.
Sunday, September 6, 2015
Sunday Thought: Who You Are
I just like Christian song lyrics. Most of them anyway. I think this video and song was well done. See what you think. Who You Are - JJ Heller
Saturday, September 5, 2015
Friday, September 4, 2015
The Confident Incompetent Engineer
I had a ShoreTel TAC call for a customer a few days back. In this case though, I had to go through this particular services provider first, before I could get to ShoreTel support. I don't own that contract, so I didn't have a choice in this matter.
Anyway, I'll make this long story short. I had two tech guys on the phone. A level 1 and a level 3 guy. The level 1 guy just kind of sat there while the level 3 guy took control. As an IT services guy, this guy seemed confident to me. Until he started talking about how the ShoreTel setup was configured. Now I did this install the way ShoreTel wants you to. This system has been up and running for quite a long time, a couple of years now. This guy tells me, ultimately, we have to reinstall the system because of the way it was installed. Well, that did not sit well with me and I refused to do it. But it was their reaction that really got to me. They then told me that there was nothing they could do about the issue at hand if I didn't want to reinstall.
Now this guy sounded very confident to me. I like that in a tech guy. However, he was not likable at all and very arrogant. He didn't mind trying to talk over me and he certainly wouldn't listen to what I had to say about the matter. Guys like this really have no place in customer service, if you ask me.
By the way, there was a registry entry that had to be edited to resolve the problem. This is where I would think to myself that the engineer I spoke with, the level 3 one, was a very confident incompetent engineer.
Thursday, September 3, 2015
Check Point: Upgrade From R77.10 To R77.30
I was having some clustering issues at a customer site between two 4200s. They were running R77.10, so I decided to upgrade them to R77.30 to see if it would resolve the issues. I couldn't see anything obvious wrong in the config, so I thought this was a good route to go. Thankfully, the upgrade to R77.30 appears to have worked in this case. I'm glad for that.
So here is what I did.
Do a migrate export with the R77.10 migrate tools.
Do a migrate export with the R77.30 migrate tools (downloaded and installed them on the management server).
Exported these off the management server to my laptop.
Upgraded management server in CLI to R77.30.
Upgraded the two enforcement modules to R77.30.
Upgrades were successful and it appears to have resolved the cluster issues we faced.
Wednesday, September 2, 2015
Cisco Voice: FXS Funky Digit Manipulation
I don't love problems that don't make sense. I had this FXS module giving me a fit from the beginning of when I put it in place. Every time you dialed out with the fax machine, the customer complained about it not getting where it needed to go. So I showed up with my analog phone and sure enough, problems. In fact, I would just pick up my phone, and it would dial a random four digit number. Really odd. It dialed 1119, then 4354, then 1161. Every time was different. Turned out the module was bad. Time for an RMA.
Tuesday, September 1, 2015
Cisco Pix 501: Password Recovery Procedure
Can you believe that I had to do this??? I was asked to put in a Cisco Pix 501 for an internet connection. Yes, a Pix. Oh well. I didn't know the password, so I had to do a recovery. I downloaded a file from Cisco (or somewhere) and went through the process below. Have a TFTP server ready.
CISCO SYSTEMS PIX-501
Embedded BIOS Version 4.3.200 07/31/01 15:58:22.08
Compiled by morlee
16 MB RAM
PCI Device Table.
Bus Dev Func VendID DevID Class Irq
00 00 00 1022 3000 Host Bridge
00 11 00 8086 1209 Ethernet 9
00 12 00 8086 1209 Ethernet 10
Cisco Secure PIX Firewall BIOS (4.2) #6: Mon Aug 27 15:09:54 PDT 2001
Platform PIX-501
Flash=E28F640J3 @ 0x3000000
Use BREAK or ESC to interrupt flash boot.
Use SPACE to begin flash boot immediately.
Flash boot interrupted.
0: i8255X @ PCI(bus:0 dev:17 irq:9 )
1: i8255X @ PCI(bus:0 dev:18 irq:10)
Using 1: i82557 @ PCI(bus:0 dev:18 irq:10), MAC: 0013.c340.f24f
Use ? for help.
monitor> address 10.10.10.2
address 10.10.10.2
monitor> server 10.10.10.1
server 10.10.10.1
monitor> file np63.bin
file np63.bin
monitor> tftp
tftp np63.bin@10.10.10.1.....................................................................................................................................................................................
Received 92160 bytes
Cisco Secure PIX Firewall password tool (3.0) #0: Thu Jul 17 08:01:09 PDT 2003
Flash=E28F640J3 @ 0x3000000
BIOS Flash=E28F640J3 @ 0xD8000
Do you wish to erase the passwords? [yn] y
The following lines will be removed from the configuration:
enable password Zo5xMCqMemyT4GaK encrypted
passwd Zo5xMCqMemyT4GaK encrypted
Do you want to remove the commands listed above from the configuration? [yn] y
Passwords and aaa commands have been erased.
Rebooting....