Cisco ASA certificate expiry

show crypto ca certificate

show ssl

Sonicwall loopback

LOOPBACK POLICY USING WAN INTERFACE'S IP ADDRESS

Login to the SonicWall management GUI.

Navigate to Manage | Rules | NAT Policies submenu.

Click  Add.

Create the following NAT policy.

Original Source: LAN Subnets (or Firewalled Subnets if you want hosts in other zones to be included).

Translated Source: WAN Interface IP.

Original Destination: WAN Interface IP.

Translated Destination: Server's Private IP Object (i.e. 192.168.0.254).

Original Service: Any (or a custom service).

Translated Service: Original.

Inbound Interface: Any.

Outbound Interface: Any.

BGP commands

show ip route

show ip bgp neighbor 192.168.111.100 advertised-routes

BGP Default Routing

OPTION 1 - route-map

ip prefix-list MUST-EXIST permit 10.1.1.1/32 ! route-map CONDITION permit 10  match ip address prefix-list MUST_EXIST ! Router BGP 65123  neighbor 10.0.123.2 default-originate route-map CONDITION

OPTION 2 - advertise-map

ip prefix-list MUST-EXIST permit 10.1.1.1/32 ip prefix-list DEFAULT_ROUTE permit 0.0.0.0/0 ! route-map MUST_EXIST permit 10 match ip address prefix-list MUST_EXIST ! route-map DEFAULT_ROUTE  match ip address prefix-list DEFAULT_ROUTE ! Router BGP 65123  neighbor 10.0.123.2 advertise-map DEFAULT_ROUTE exist-map MUST_EXIST 

BGP Routing basics

router bgp 65000  neighbor [name] peer-group  neighbor [name] remote-as 65000  neighbor [name] update-source loopback0 ! neighbor 2.2.2.2 peer-group [name] neighbor 3.3.3.3 peer-group [name]

Cisco WAP hidden commands

To upload new firmware. AP#debug lwapp console cli or debug capwap console cli

Avaya SNMPv3

snmp-server user prtg sha [password] aes [password]

snmp-server user prtg group "[groupname]"

snmp-server group "[groupname]" "" auth-no-priv read-view root write-view root notify-view root

Cisco 2960S Switch - Ip Routing

Login to switch and goto enable mode.

sdm prefer lanbase-routing

Configuring WPA on 1242 without WLC

dot11 ssid SSID-NAME    authentication open     authentication key-management wpa    wpa-psk ascii PASSWORD

 int d0

ssid SSID-NAME

int d1

ssid SSID-NAME

int d0

ssid SSID-NAME

encryption vlan 15 mode ciphers aes-ccm

int d1

ssid SSID-NAME

encryption vlan 15 mode ciphers aes-ccm

Reseting Cisco 1841 Router

Please see the regular process to reset the password on 1841 Router below,

Connect the console cable to Router 1841

Use the power switch in order to turn off the router, and then turn the router back on

Press Break on the terminal keyboard within 60 seconds of power up in order to put the router into ROMMON

Type confreg 0x2142 at the rommon 1> prompt in order to boot from Flash

          This step bypasses the startup configuration where the passwords are stored

Type reset at the rommon 2> prompt.

          The router reboots, but ignores the saved configuration.

Type no after each setup question, or press Ctrl-C in order to skip the initial setup procedure.

Type enable at the Router> prompt.

You are in enable mode and should see the Router# prompt.

Type copy startup-config running-config in order to copy the nonvolatile RAM (NVRAM) into memory.

After this type "config-register 0x2102" as this will make sure after the next reboot to save settings.

Finding where computer is plugged into on a switch.

1. From a router or layer 3 switch...ping the ip address.  2. Do show arp | include "type ip address here"  This will give you the mac address associated with the arp.  3. Do a show mac address-table | include "type mac address learned from 2."  This will show you what vlan it is on and what trunk it used ie. gig 2/3 or gig 0/2.  4. Next you do a show cdp neighbor detail to learn ip address of next switch.  5. Repeat step 1.  6. Repeat step 2.  7. Repeat step 3. If mac address is on a trunk port....you have to do step 4 and go to next switch. If mac addess is on switchport....you have found port workstation is plugged into. 

  For 6509 instead of mac address-table use "show cam dynamic | include <macaddress>