Path Trace

4 month ago with no comments in APIC-EM
If you’ve ever had to trace the actual path a packet takes it can be tedious. There are some great commercial tools out there ...

Finding a Host

4 month ago with no comments in APIC-EM
I wrote an article a long time ago on how to find out where a host is connected. APIC-EM’s host inventory makes finding a host a ...

Easy VSS

7 month ago with 2 comments in Switch
VSS isn’t the hardest thing in the world to configure, but at times it can be a pain. Cisco must have realized this and came up ...

Using Dynamic Access Policies for Controlling VPN

8 month ago with Comments Off on Using Dynamic Access Policies for Controlling VPN in ASA
One of the easiest ways, in my opinion, to control VPN access is with DAP. Let’s dig into this with an example. We will be ...

Cisco Web Security (CWS)

1 year ago with Comments Off on Cisco Web Security (CWS) in ASA, Security
Cisco Web Security (formerly ScanSafe) is a cloud based Web Filtering solution. It works pretty well and integrates with Anyconnect so ...

CCIE Lab Quickies

1 year ago with Comments Off on CCIE Lab Quickies in No Tweet
Alias’s for long commands Some alias’s for BGP alias exec inroutes show ip bgp neighbor 198.0.50.23 received-routes alias ...

Speeding up the config

1 year ago with Comments Off on Speeding up the config in Route, Switch
There’s nothing worse (OK there is) than working on a fully populated 6513 and you type show run and hit enter. Hurry up and wait ...

TDR cable test

2 years ago with Comments Off on TDR cable test in Switch, Troubleshooting
How many times have been working on a problem and got to the point where you thought it might be the cable that’s causing ...

AAA with Cisco Network Assistant

2 years ago with Comments Off on AAA with Cisco Network Assistant in Security, Switch
I’m not a huge fan of CNA or GUI’s in general, however I have a couple of customers that use it. I recently configured a ...

EIGRP Named Mode

2 years ago with Comments Off on EIGRP Named Mode in Route
I previously posted on converting from converting from Classic to Named mode with EIGRP. I recently had a more complex configuration; ...

Cisco Call Home

2 years ago with Comments Off on Cisco Call Home in Network Management, Route
Call me paranoid but I do not like anything automatically sending data somewhere. In all of my templates I disable/remove Cisco’s ...

Secure the control plane with QoS

2 years ago with Comments Off on Secure the control plane with QoS in Route, Security, Switch
I was playing around with different ways to secure a device that does not support Control Plane Protection yet. I thought QoS might be ...

Code for button in Visio

2 years ago with Comments Off on Code for button in Visio in Miscellanous
In Visio I like to use buttons to turn layers on and off. Here’s code that uses a single button for turning on and off the layer ...

Sourcefire with User Certificate

2 years ago with Comments Off on Sourcefire with User Certificate in Sourcefire
I was doing a Sourcefire/Defense Center install and the customer wanted to add their wildcard certificate to the Defense Center Web ...

Menu’s in IOS

3 years ago with Comments Off on Menu’s in IOS in Miscellanous, Route
I recently had to build a menu for a customer. It’s not something I do often, but they can be pretty handy. In this example there ...

Regex helpers

3 years ago with Comments Off on Regex helpers in Miscellanous
I need help remembering what regex’s do what for me and instead of re-learning them over and over, I thought I would post the ...

Route filtering in BGP

4 years ago with no comments in Route
Best practices is to not trust your ISP’s and filter routes (just in case they forget to). There are three common ways to filter; ...

HTTP Probe on the ACE

4 years ago with no comments in ANS
Configuration example of an HTTP Probe and ACL on an ACE. access-list ACL-PERMIT-WEB line 1 extended permit tcp any gt 1024 any eq ...

ASA-X serial number

4 years ago with no comments in ASA
Typically for a device we use show version to view the serial number. However, for some strange reason, in the ASA-X the number that is ...

3750-X stacks suck

4 years ago with no comments in Switch
If you read a majority of my posts you may think I’m a Cisco hater. I’m not. I’ve made a career from them and it has ...

NEXUS run-script

5 years ago with no comments in NEXUS
I ran across the run-script command for the Nexus the other day. It’s very helpful for putting the base config on the switch. ...

URL filter on ASA

5 years ago with 6 comments in ASA
A lot of people post on NetPro that they want to permit or restrict by domain names on a PIX/ASA firewall. You can’t just type in ...

AnyConnect VPN User

5 years ago with no comments in ASA
show vpn-sessiondb remote filter name ASA-VPN-1# show vpn-sessiondb remote filter name MMessierSession Type: IPsecUsername : MMessier ...

Read only ASDM

5 years ago with no comments in ASA
First we have to configure local AAA. We must configure authorization so we can tell what user gets what level of commands.aaa ...

Configure SSH on ASA

5 years ago with no comments in ASA
Configure SSH on a PIX PIX(config)#hostname PIXOnePIXOne(config)#domain-name mydomain.comPIXOne(config)#ca generate rsa key ...

Basic ASA config

5 years ago with no comments in ASA
Basic config for ASA no service call-homeclear config call-homeftp mode passiveclock timezone CST -6clock summer-time CDT recurringdns ...

CYA

5 years ago with no comments in Troubleshooting
Here’s some things you may want to do to make sure you don’t leave yourself hanging in the breeze when things go SNAFU. ...

CoPP on routers

5 years ago with 1 comment in Route
First I create the access lists that determine what I want to control or have access to. Notice that there are multiple access lists. I ...

Verifing IOS images

5 years ago with no comments in Route
Verifing the IOS image is a smart thing to do. It’s relatively easy for the image to get corrupt, especially if you use TFTP ...

CoPP on a router

5 years ago with no comments in Route
First I create the access lists that determine what I want to control or have access to. Notice that there are multiple access lists. I ...

PPPoE on a router

5 years ago with no comments in Route
interface FastEthernet0/1 description DSL WAN Interface no ip address no ip redirects no ip unreachables no ip proxy-arp no ip ...

Clean and Press ToM

5 years ago with no comments in Exercise
This one is brutal, no fun, just painful 🙂  Grab two kettlebells so they equal 50-60% of your body weight. Start your minute timer and ...

Run Farmer Run

5 years ago with no comments in Exercise
Grab some kettle bells or a D-Ball, about 50% of your body weight. I usually do this one in the gym or on the track to keep track of ...

Five Lords

5 years ago with no comments in Exercise
Grab a D-Ball (www.d-ball.com) that’s 40-50% of your body weight. Start with the ball on the ground. Do a burpee with your hands ...

Quadzilla

5 years ago with no comments in Exercise
A fun, tough, and sore leg workout I came up with. Body weight squat (just squat down with your hands on your head) 50 times then ...

NEXUS Tips-N-Tricks

5 years ago with no comments in NEXUS
Show running config of multiple interfacesshow run interface e3/5 – 6 The section command has been removed, however you can still ...

AIM Daughter Card

5 years ago with no comments in Route
To check and see if the card is being recognized by IOS RTR3825-1#show crypto engine briefcrypto engine name: Virtual Private Network ...