Sunday 8 November 2015

Cisco wireless LAN controller WLC ROAM configuration

CISCO WIRELESS LAN CONTROLLER ROAMING
CONFIGURATION
Objective;
  1. 1.     Create a COMMON WLAN on both the
    controllers
  2. 2.     Configure the same mobility group on
    both controllers
  3. 3.    
    Confirm Virtual interface is the same
    on both controllers
  4. 4.    
    Configure each controller as the same
    mobility group member          
  5. 5.    
    Verify Laptop connection to AP 1
  6. 6.    
    Disable AP 1
  7. 7.    
    Verify Laptop connection to AP 2




























Posted by at 7 comments:

Thursday 29 October 2015

How to convert Cisco access point from autonomous mode to lwapp



HOW TO
CHANGE CISCO AP FROM AUTONOMOUS TO LWAPP

1.  
Download
the IOS
2.  
Connect
PC LAN interface and Access Point LAN interface
3.  
Check connectivity
between PC and Access point
4.  
Start
TFTP server and ensure folder is correct
5.  
Type the
command;
archive
download-sw /force-reload tftp://192.168.0.42/c1130-k9w8-tar.124-25e.JAP4.tar


Wait
for IOS to upload and extract




Posted by at 3 comments:

Tuesday 27 October 2015

How to configure standalone Cisco access point from GUI and configure WPA2 authentication


CONFIGURE CISCO STANDALONE  AP FROM THE GUI



Network Diagram











1.  Assign static IP address to AP
2.  Create SSID name of WLAN1
3.  Broadcast the SSID
4.  NO security
5.  Enable wireless interfaces
6.  Check connectivity
7.  Configure AP with a WPA2 PSK authentication



Posted by at 2 comments:

Monday 26 October 2015

CISCO AIR WIRELESS LAN CONTROLLER CONFIGURATION LAB part 1

CISCO WIRELESS LAN CONTROLLER CONFIGURATION

 Objective;
1.    Configure a cisco WLC using CLI setup wizard   
2.    Connect to the Controller using Web interface
3.    Allow telnet connections to the controller
4.    Create a WLAN with open authentication
5.    Create a DHCP scope to support local clients
6.    Verify AP
7.    Connect to new WLAN

1. Management interface 10.1.1.100/24 AP uses this interface to discover
controller
2. AP Manager interface 10.1.1.101/24 Used for L3 comms to all AP- now gone
3. Service port interface Used for OOB management 192.168.0.200/24


887 Router configuration
Interface
fastEthernet 3
Description
trunk link to 2960switch1
Switchport
mode trunk
!
Interface
fastEthernet 0
Description
access link to internet
Switchport
mode access
Switchport
access vlan 1
!
Interface
vlan 1
Description
VLAN 1 SVI to internet
Ip
address 192.168.0.202 255.255.255.0
Ip nat
outside
!
Interface
vlan 10
Description
default gateway for WLAN10
Ip
address 10.1.1.1 255.255.255.0
Ip nat
inside
!
Interface
vlan 20
Description
default gateway for WLAN20
Ip
address 20.1.1.1 255.255.255.0
Ip nat
inside
!
Ip nat
inside source list 1 interface vlan1 overload
!
access-list
1 permit 10.0.0.0 0.255.255.255
access-list
1 permit 20.0.0.0 0.255.255.255
Ip
route 0.0.0.0 0.0.0.0 vlan1 192.168.0.1
!

 2960 Switch Configuration

vlan
10
 name WLAN10
!
vlan
20
 name WLAN20
!
interface
FastEthernet0/1
Description
link to router fastEthernet3
 switchport mode trunk
!
interface
FastEthernet0/2
description
link to wireless AP1
 switchport access vlan 10
!
interface
GigabitEthernet0/1
description
link to WLC1
 switchport mode trunk
!
interface
vlan 1
description
OOB management of switch
ip
address 192.168.0.201 255.255.255.0
!
ip
default-gateway 192.168.0.1


CONTROLLER CONFIG

Controller Management interface IP
10.1.1.100/24

AP manager interface
10.1.1.101/24

Service port for OOB
192.168.0.200/24

2960 switch  OOB
192.168.0.201/24

887 Router  OOB
192.168.0.202/24

887 VLAN 10 IP
10.1.1.1/24

887 VLAN 20 IP
20.1.1.1/24

WLAN10
SSID

WLAN20
SSID

Controller DHCP scope VLAN 10
10.1.1.10 – 10.1.1.20

Controller DHCP scope for VLAN 20
20.1.1.10 – 20.1.1.20

System Name [Cisco_8a:6c:23] (31characters max): WLC1
Enter Administrative User Name (24characters max): admin
Enter Administrative Password (3 to 24 characters): Cisco12345
Re-enter Administrative Password: Cisco12345
Service Interface IP Address
Configuration [static][DHCP]: static
Service Interface IP Address Configuration: 192.168.0.200
Service Interface netmask: 255.255.255.0
Enable Link Aggregation (LAG) [yes][NO]: NO
Management Interface IP Address: 10.1.1.100
Management Interface Netmask: 255.255.255.0
Management Interface Default Router: 192.168.0.1
Management Interface VLAN Identifier (0 = untagged): 10
Management Interface Port Num [1 to 2]: 1
Management Interface DHCP Server IP Address: 10.1.1.100
AP Manager Interface IP Address: 10.1.1.101
AP-Manager is on Management subnet, using same values
AP Manager Interface DHCP Server (10.1.1.100):
Virtual Gateway IP Address: 1.1.1.1
Mobility/RF Group Name: RGGROUP1
Network Name (SSID): WLAN10
Configure DHCP Bridging Mode [yes][NO]: NO
Allow Static IP Addresses [YES][no]: YES
Configure a RADIUS Server now? [YES][no]: NO
Warning! The default WLAN security policy requires a RADIUS server.
Please see documentation for more details.
Enter Country Code list (enter 'help'
for a list of countries) [US]: GB
Enable 802.11b Network [YES][no]: YES
Enable 802.11a Network [YES][no]: YES
Enable 802.11g Network [YES][no]: YES
Enable Auto-RF [YES][no]: YES
Configure a NTP server now? [YES][no]: YES
Enter the NTP server's IP address: 10.1.1.1
Enter a polling interval between 3600 and 604800 secs: 3600


Posted by at 4 comments:

Wednesday 21 October 2015

Cisco 1240 1130 1140 AP LWAPP to Autonomous mode conversion

 HOW TO CHANGE CISCO AP FROM LWAPP TO AUTONOMOUS

1.  Download the IOS
2.  Make sure on File options change view settings to hide extensions for known               file types.
3.  Rename the file .default example ;

For 1240 AP;   c1240-k9w7-tar.default
For 1130 AP;   c1130-k9w7-tar.default

4.  Connect PC LAN interface to Access Point LAN interface
5.  Change PC IP address to 10.0.0.2 or above
6.  Start TFTP server and ensure folder is correct
7.  Boot up the AP and hold the mode button for 30 seconds
8.  Ensure message on console says waiting for mode to be released
9.  That’s it! Wait for IOS to upload and extract




Posted by at 1 comment:

Monday 19 October 2015

HOW TO INSTALL CISCO ASDM ON GNS3 ASA

HOW TO INSTALL CISCO
ASDM ON GNS3 ASA
1.  
Download ASDM file  asdm-649-103.bin
2.  
Basic configuration of ASA
interface GigabitEthernet0
 nameif outside
 security-level 0
 ip address 192.168.0.100 255.255.255.0
!
http server enable
http 192.168.0.101 255.255.255.255
outside
aaa authentication http console LOCAL
!
username admin password cisco
privilege 15
3.  
Install TFTP Server on PC
4.  
Make sure you have Java
5.  
Turn off windows firewall
6.  
TFTP ASDM file to ASA
7.  
https to the ASA
8.  
Download ASDM to PC


9.  
RUN ASDM














Posted by at 2 comments:

Friday 9 October 2015

GNS3 1.3.10 Server error [-3200] from 127.0.0.1:8000: SW1: unable to create generic ...

I upgraded from windows 8.1 to windows 10 upgrade and upgraded GNS3 from 1.3.1 to 1.3.10. 
After the upgrade none of my virtual box machines would connect to GNS3
I solved it by connecting each  virtual box machine via  GNS3 Virtual box;

1. From GNS3 edit then preferences
2. under virtual box VM click virtual box VMs
3. click new
4. choose the VM you want to connect to
5. check the network settings are correct and make sure it selects the correct network interface
6. click apply and o.k.
7. go back to main GNS3 under host you should have the VM machine you want to connect to
8. drag it into the network
9. got to virtual box settings and make change the VM network setting to not attached and make sure cable connected on the advance settings
10. start the host under gns3 (make sure you do not start the VM yourself)
11. GNS3 will now start the VM for you
12. ALL SHOULD WORK!  


Posted by at 4 comments:

Wednesday 7 October 2015

HOW TO INSTALL AND CONFIGURING Cisco Configuration Professional CCP 2.8 USING HTTP AND HTTPS

INSTALL AND CONFIGURING Cisco Configuration Professional CCP 2.8 USING HTTP AND HTTPS



PART 1 Install CCP Configuration

Install Java   1.6.0_11 or above
Adobe Flash Player Version 10.0.12.36 and later
Turn off windows firewall
Turn of pop up blocker
Configure JAVA –

Step 1 Go to Start > Control Panel > Java.
Step 2 Click View under Java Applet Runtime Settings.
Step 3 Select your JRE in use.
Step 4 Set the "Java runtime parameters" with the value "-Xmx256m -Dsun.java2d.d3d=false".
In addition, if JRE is upgraded to versions 1.6.0_11 or above, following settings are needed after Cisco Configuration Professional installation.

Step 1 Go to Start > Control Panel > Java > Advance.
Step 2 Select "Java Plug-in" tree.
Step 3 Uncheck the check box for Enable next-generation Java Plug-in.
Step 4 Restart Cisco Configuration Professional.

Install CCP

PART 2 Configure CCP Access for Routers
Enable a secure HTTP server and HTTPS secure server
Create a user account with privilege level 15
Configure SSH and Telnet access for local login

PART 3 Discover devices
Manage communities
Discover router devices

PC REQUIREMENTS
The following table summarizes the minimum PC requirement to run CCP:
PC operating systems Windows 7, Windows Vista: Business Edition and Ultimate Edition
Mac OSX 10.5.6 running Windows XP using VMWare 2.0
Other software Sun JRE 1.5.0_11 up to 1.6.0_16
Adobe Flash Player Version 10.0.12.36 and later
PC hardware Minimum 2-GHz processor
1-GB DRAM minimum; 2 GB recommended
Screen Resolution: 1024 x 768
Free disk space of 400 MB
Browser requirements Microsoft IE 6.0 or later

The following JRE settings are needed for Cisco CP to function properly:

Go to Start > Control Panel > Java.
Click View under Java Applet Runtime Settings.
Select your JRE in use.
In addition, if JRE is upgraded to versions 1.6.0_11 or above, following settings are needed after
Cisco CP installation.
Go to Start > Control Panel > Java > Advanced tab.
Click Java Plug-in tree.
Uncheck the check box for Enable Next-generation Java Plug-in.
Set the "Java runtime parameters" with the value "-Xmx256m -Dsun.java2d.d3d=false"
Restart Cisco CP.

Link to release notes for CCP:
CCP version 2.5:
http://www.cisco.com/en/US/docs/net_mgmt/cisco_configuration_professional/v2_5/rlsnts/ccp_rel_notes.html
CCP version 2.6:
http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_configuration_professional/v2_6/rlsnts/ccp_rel_notes.html
CCP version 2.7:
http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_configuration_professional/v2_7/rlsnts/ccp_v27_rel_notes.html

CCP version 2.8:
http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_configuration_professional/v2_8/rlsnts/ccp_v28_rel_notes.html#pgfId-53992


Posted by at 1 comment:

Wednesday 23 September 2015

How to install Cisco ASA on GNS3 1.3.1

ASA on GNS3 1.3.1






  1.  Navigate to Edit > Preferences > Qemu > Qemu VMs.
  2.  Click New at the bottom of the UI.
  3.  You'll get a popup box " New Qemu VM ".
  4.  Give a name to your vm and select the TYPE as ASA 8.4(2).
  5.  Select your Initial RAM Disk file (***initrd.gz) and your kernel image (***vmlinuz)  and click on    finish.
  6.  Go back to Qemu > Qemu Vms.
  7.  Select your ASA vm and click on Edit.
  8.  On the " Qemu VM configuration " pop up UI , go to Advanced  Settings configuration tab.
  9.  On kernel command line replace the content there with:
  10.  The following is the best possible kernel command (already included  as a default in the new       GNS3 v1.3.1):
  11. -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb    console=ttyS0,9600 bigphysarea=65536 ide1=noprobe no-hlt -net nic
  12. On options : Replace the content with:
  13. -vnc none -vga none -m 1024 -icount auto -hdachs 980,16,32

Posted by at No comments:

Saturday 11 April 2015

Cisco Switch password recovery

CISCO SWITCH PASSWORD RECOVERY



Step-by-Step Procedure

Follow the password recovery procedure below.
1.    Attach a terminal or PC with terminal emulation (for example, Hyper Terminal) to the console port of the switch.
·         Use the following terminal settings:
·         Bits per second (baud): 9600
·         Data bits: 8
·         Parity: None
·         Stop bits: 1
·         Flow Control: Xon/Xoff
2.    POWER CYCLE SWITCH
3.    Power the switch and bring it to the switch: prompt:
For 2900XL, 3500XL, 2940, 2950, 2960, 2970, 3550, 3560, and 3750 series switches, do this: Hold down the mode button located on the left side of the front panel, while you reconnect the power cable to the switch.


Catalyst Switch Series
LED Behavior and Mode Button Release Action
2900XL, 3500XL, 3550
Release the Mode button when the LED above Port1x goes out.
2940, 2950
Release the Mode button after approximately 5 seconds when the Status (STAT) LED goes out. When you release the Mode button, the SYST LED blinks amber.
2960, 2970
Release the Mode button when the SYST LED blinks amber and then turns solid green. When you release the Mode button, the SYST LED blinks green.
3560, 3750
Release the Mode button after approximately 15 seconds when the SYST LED turns solid green. When you release the Mode button, the SYST LED blinks green.

4.    Issue the flash_init command.

switch: flash_init
Initializing Flash...
flashfs[0]: 82 files, 3 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 7741440
flashfs[0]: Bytes used: 5983744
flashfs[0]: Bytes available: 1757696
flashfs[0]: flashfs fsck took 7 seconds.
...done initializing flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
Parameter Block Filesystem (pb:) installed, fsid: 4

5.    Issue the load_helper command.

Issue the load_helper command.
switch: load_helper
switch:

6.    Issue the dirflash: command.


Issue the dir flash: command.
Note: Make sure to type a colon ":" after the dir flash.
switch: dir flash:
Directory of flash:/

2    -rwx  2980731   <date>               c2950-i6q4l2-mz.121-19.EA1c.bin
3    -rwx  269       <date>               env_vars
4    -rwx  796       <date>               vlan.dat
5    -rwx  1478      <date>               config.old
6    -rwx  5         <date>               private-config.text
7    -rwx  110       <date>               info
8    drwx  2432      <date>               html
85   -rwx  110       <date>               info.ver

1757696 bytes available (5983744 bytes used)
!--- This output is from a 2950  switch. Output from
!--- other switches will vary slightly.


Type rename flash:config.text flash:config.old to rename the configuration file.
switch: rename flash:config.text flash:config.old
switch:

!--- The config.text file contains the password
!--- definition.


8.    Issue the dirflash: command.


Issue the dir flash: command.
Note: Make sure to type a colon ":" after the dir flash.
The switch file system is displayed:
switch: dir flash:
2    -rwx  2980731   <date>               c2950-i6q4l2-mz.121-19.EA1c.bin
3    -rwx  269       <date>               env_vars
4    -rwx  796       <date>               vlan.dat
5    -rwx  1478      <date>               config.old
6    -rwx  5         <date>               private-config.text
7    -rwx  110       <date>               info
8    drwx  2432      <date>               html
85   -rwx  110       <date>               info.ver


!--- This output is from a 2950 switch. Output from
!--- other switches will vary slightly.

9.    Issue the boot command.

Issue the boot command to boot the system.
switch: boot
switch: boot
Loading "flash:/c2950-i6q4l2-mz.121-19.EA1c.bin"...##################################################################################################################################################################################################################################################################################################

10. Issue the no  command at the initial dialog prompt

Enter "n" at the prompt to abort the initial configuration dialog.
--- System Configuration Dialog ---
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Continue with configuration dialog? [yes/no]: n

!--- Type "n" for no.

Press RETURN to get started.

!--- Press Return or Enter.

Switch>

!--- The Switch> prompt is displayed.

At the switch prompt, type en to enter enable mode.
Switch>en
Switch#

IF YOU WANT YOUR OLD CONFIG BACK THEN FOLLOW STEPS 11 ONWARDS OTHERWISE YOU ARE NOW DONE!

11. Issue the rename flash:config.old flash:config.text  command at the initial dialog prompt

Type rename flash:config.old flash:config.text to rename the configuration file with its original name.
Switch#rename flash:config.old flash:config.text
Destination filename [config.text]

!--- Press Return or Enter.

Switch#
Copy the configuration file into memory.

12. Issue the copy flash:config.text system:running-config command at the initial dialog prompt

Switch#copy flash:config.text system:running-config
Destination filename [running-config]?

!--- Press Return or Enter.

1131 bytes copied in 0.760 secs
Sw1#
The configuration file is now reloaded.
Overwrite the current passwords that you do not know. Choose a strong password with at least one capital letter, one number, and one special character.
Note: Overwrite the passwords which are necessary. You need not overwrite all of the mentioned passwords.
Sw1# conf t


!--- To overwrite existing secret password

Sw1(config)#enable secret <new_secret_password>

!--- To overwrite existing vty password

Sw1(config)#line vty 0 15
Sw1(config-line)#password <new_vty_password>

Sw1(config-line)#login


!--- To overwrite existing console password

Sw1(config-line)#line con 0
Sw1(config-line)#password <new_console_password>

Write the running configuration to the configuration file with the write memory command.

Sw1#write memory
Building configuration...
[OK]
Sw1#


Posted by at 1 comment:
Labels: , , , , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)