Ask the Cisco Kid! Your one stop for all the Cisco Help you need.

27Jun/100

Cisco IOS Network Address Translation Overview

Here is a great article I found online.  It is a very good overview of what NAT is and how to make some sense of it.

Cisco IOS Network Address Translation

Filed under: Articles, Routers
19Mar/100

Activate ASDM as GUI Interface for Cisco ASA/PIX Firewall

pixfirewall> enable
Password:
pixfirewall# configure terminal
pixfirewall(Config)# interface ethernet1
pixfirewall(Config-if)# nameif inside
pixfirewall(Config-if)# ip address 192.168.1.1 255.255.255.0
pixfirewall(Config-if)# no shutdown
pixfirewall(Config-if)#

Activate ASDM and enable the HTTP server.

pixfirewall(Config)# asdm image flash:/asdm.bin
pixfirewall(Config)# http server enable

Allow your PC to connect. For example, if your PC's IP address is 192.168.1.2:

pixfirewall(Config)# http 192.168.1.2 255.255.255.255 inside

Make sure your configuration is in place and running properly.

pixfirewall(Config)# show running http
http server enabled
http 192.168.1.2 255.255.255.255 inside
pixfirewall(Config)#

Now your Cisco ASA/PIX can be accessed from your PC.
Make sure your PC and the firewall are connected, then open your web browser and enter this address:
https://192.168.1.1/admin

Filed under: ASA, Firewalls
17Mar/100

Top of Rack vs End of Row Data Center Designs

I came across this great article on the different types of data center network designs, Top of Rack vs End of Row. Great information! Check it out at InternetworkExpert.org.

22Dec/090

Install Cisco 1000v in 7 mins

Here is a quick guide on how to install the Cisco 1000v in your virtual environment.

Filed under: 1000v, Nexus
3Dec/090

Port Forwarding ASA 5505 (Static NAT)

This is for those of you searching the Internet for a good, simple example of how port forwarding is done on a Cisco ASA 5505 firewall.

This post contains a working example of a port forwarding configuration on a Cisco ASA 5505 that allows RDP, TCP port 3389, through the firewall from the Internet to a server on the LAN side. For users new to the ASA, configuring a port forwarding rule on a Cisco ASA 5505 is easier after viewing the configuration of a working ASA 5505.

Below is a GUI shot of a working RDP (Terminal Server) port forward configuration running on a Cisco ASA 5500 series firewall. TCP port number 3389 is forwarded from the outside interface, which is part of VLAN2, to the inside interface, which is part of VLAN1.

!
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address dhcp setroute

Using the example below, just swap the IP addresses shown in the static NAT translation for port forwarding RDP (Terminal Server) with your own, and you have a connection from the Internet to the LAN.

If you prefer the command line, three lines of configuration will do a simple port forward for RDP on the Cisco ASA.

Here they are:

access-list outside_access_in extended permit tcp any interface outside eq 3389
static (inside,outside) tcp interface 3389 192.168.1.10 3389 netmask 255.255.255.255
access-group outside_access_in in interface outside

Obviously, if you use the lines shown in the example above, change the 192.168.1.10 IP address to the address of the computer or server you're forwarding the RDP (Terminal Server) port to. You can use this example for Terminal Server RDP or for any other forwarding requirement you may have, such as FTP, HTTP, SMTP, etc.

Filed under: ASA, Firewalls
11Nov/090

Nexus 1000v Command Reference Guide

Came across this handy document on Cisco's website. It lists all the commands for use on the Nexus 1000v.

Nexus 1000v Command Reference Guide:

1000v Command Guide

Filed under: 1000v, Nexus
11Nov/090

Radius Authentication Nexus 1000v

One of the recent questions I have gotten is on RADIUS authentication on a Nexus 1000v. The nice thing about the 1000v is that even though it is virtual it runs just like a physical Cisco switch, so setting up authentication is the same. Here are the commands for my basic RADIUS configuration.

Radius First then Local Auth

aaa authentication banner # Unauthorized use is prohibited. #
aaa authentication fail-message # Failed login #
aaa authentication login default group radius local enable
aaa authentication login no_tacacs enable
aaa authorization network default group radius
aaa accounting exec default start-stop broadcast group radius

radius-server host IPADDRESSRADIUSSERVER auth-port AUTHPORT acct-port ACCTPORT key HOSTKEY

username myuser privilege 15 password mypass

Change to local Auth First then Radius

aaa authentication banner # Unauthorized use is prohibited. #
aaa authentication fail-message # Failed login #
aaa authentication login default local group radius enable
aaa authentication login no_tacacs enable
aaa authorization network default group radius
aaa accounting exec default start-stop broadcast group radius

radius-server host IPADDRESSRADIUSSERVER auth-port AUTHPORT acct-port ACCTPORT key HOSTKEY

username myuser privilege 15 password mypass

Filed under: 1000v, Nexus
18Aug/090

Supervisor 720 Card Requirements

When installing a Sup720 card in a chassis, it is important to note that it will only work in the following slots. Also, on a 6513 with a Sup720 installed, slots 1-8 get 20 Gbps and slots 9-13 get 40 Gbps.

Chassis                          Slots for Supervisor Engine 720
6503/6503-E/7603                 1 or 2
6506/6506-E/7606                 5 or 6
6509/6509-E                      5 or 6
6509-NEBS/6509-NEBS-A/OSR-7609   5 or 6
Cisco 7609                       5 or 6
6513/7613                        7 or 8

Filed under: Switchs
14Aug/090

Resetting the LWAPP Configuration on a Lightweight AP

If you are using a Wireless Controller and for some reason want to reset the AP, there are 3 different ways to do this, depending on your current setup.

Using the Controller.

  1. Log in to the controller
  2. Wireless
  3. All APs
  4. Select the AP you want to reset
  5. Click reset to Factory defaults

Using the Console.

  1. Console in
  2. Run the command: clear lwapp private-config

Using the Reset Button.

  1. Unplug the AP from power.
  2. Push and hold the "Mode" button; use a pen if needed.
  3. Plug in the power.
  4. Hold the "Mode" button until the Status light goes from yellow to purple, about 30 seconds.
  5. Release the "Mode" button.