0

Config snippets : Cisco : Testing RADIUS authentication on IOS

-

Recently was migrating RADIUS server on Windows from one machien to another. Once new serer was ready had to reconfigure Cisco router to authenticate remote users against new RADIUS. After pointing Cisco to new RADIUS machine made a quick test to check if router can authenticate without any issues. Here is how ot do it quickly:

(more…)

0

Config snippets : Cisco : Resetting interface statistics on Catalyst

-

Recently I went through troubleshooting of Site-to-Site Layer-2 link. One of the things we did during troubleshooting of that link was checking interface statistics for interfaces which were connecting two geographical sites together.

Below quick overview how ot check and reset port statistics if required during troubleshooting process.

(more…)

0

Simple L2L IPsec VPN on Cisco

-

This is simple Lab environment I built when was working on IPsec VPN tunnel between our internal network environment and 3rd party vendor systems. As we had some issues with establishing IPsec communication, to make sure that everything is fine on my side I start replicating live environment in Lab. To build test environment quick I use GNS3 as platform to run Dynamips hypervisor for IOS. That speeds up whole process of preparation and testing.


(more…)

0

Config snippets : Cisco : Configuring SNMPv3

-

Create Read Only SNMPv3 user – IOS

snmp-server group viewers v3 auth
snmp-server user snmpView viewers v3 auth md5 uHNKmuLP0lXOp8ODFkmJ
snmp-server group viewers v3 auth read viewConfig
snmp-server view viewConfig system included
snmp-server view viewConfig internet included
snmp-server view viewConfig mib-2 included
snmp-server view viewConfig cisco included
snmp-server view viewConfig ciscoConfig included
snmp-server view viewConfig ciscoImageMIB included
snmp-server view viewConfig snmpMIB included

Create Read Write SNMPv3 user – IOS

snmp-server group writers v3 auth
snmp-server user snmpWrite writers v3 auth md5 jB7HCiNBoGsk5qgfasHQ
snmp-server group writers v3 auth write writeConfig
snmp-server view writeConfig system included
snmp-server view writeConfig internet included
snmp-server view writeConfig mib-2 included
snmp-server view writeConfig cisco included
snmp-server view writeConfig ciscoConfig included
snmp-server view writeConfig ciscoImageMIB included
snmp-server view writeConfig snmpMIB included

Create Read Only SNMPv3 user – ASA

snmp-server group viewers v3 auth
snmp-server user snmpView viewers v3 auth md5 uHNKmuLP0lXOp8ODFkmJ
snmp-server host inside 0.0.0.0 version 3 snmpView

NOTE: Please keep in mind that certain ACLs might require modification in order to allow SNMP protocol access.

0

Config snippets : Cisco : DHCP on Catalyst switches

-

Usually I tend to create DHCP server on Windows Server. However, sometimes there is no server on site. Only what I have are network devices, workstations and voip phones. In those cases I used to create DHCP server on switches. As environment I operate in contains mainly Cisco devices, each location has at least one or more Cisco Catalyst switches (2960 or 3560) it is possible to provide DHCP service using IOS features. Example contains DHCP configuration for network with different VLANs for data, voice and printers.

Below is short description and set of commands demonstrating how to setup:

  • DHCP scopes
  • Exclusions
  • Define DHCP helper on the interface
  • Check status of DHCP assignments

(more…)