Fix Apple Bonjour with Cisco autonomous APs

I purchased some used Cisco C1140 autonomous access points for my home network (autonomous meaning not lightweight or requiring a WLC). While everything seemed to be fine at first, later we noticed that printouts to our Canon laser printer were no longer working from our Macs. After some research I realized that the Macs were . . .

ASA Firewall Rules of Thumb

Some important Cisco ASA firewall details I and others have learned and shared over the years:

Don’t use “security-level” as your method of security. In the long term, at best “security-level” will cause you to block traffic you didn’t expect; at worst, it will allow traffic you didn’t want. Why? Well… If you add an . . .

Zone Firewall TCP reassembly size

If you get something like this in your Cisco’s IOS firewall log:

Mar 12 15:05:33 192.168.1.1 3129: 003121: *Mar 12 15:03:03.195 EST: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:525214740 1415 bytes is out-of-order; expected seq:525170856. Reason: TCP reassembly queue overflow – session 192.168.1.5:53022 to 208.79.250.63:80 on zone-pair ccp-zp-in-out class ccp-protocol-http

sometimes accompanied by hangs in . . .

How to kill a session on a Cisco PIX/FWSM

Completely different from Cisco IOS, so hard to remember:

Log into the PIX/FWSM and go to “enable” mode. Do a “who”:

Choose the IP of the session you want to kill and grab the number. In this case I want to kill the “192.168.100.5” session, so I want “2”. Then kill it:

The . . .

Fixing that stupid Cisco IOS telnet thing…

One of the things that most drives me crazy about Ciscos is the default setting at a Cisco IOS “exec” prompt: if you type something that isn’t a command, it interprets it as an attempt to “telnet” to a host. This is a real pain in the backside as all . . .

Unlocking a Cisco IP phone

One of those things I can never remember! It’s:

**#

Lets you change the network configs among other things.

Also can factory reset with:

Settings> Phone settings> Press **2

Works on older 7921 at least.

Defaulting a Cisco interface…

One pain with Cisco IOS is trying to get a configured interface back to defaults. Half the time you don’t even remember what those were.

If it’s a sub-interface you can “no” it, but you will still have configuration left behind:

cisco(config)#no interface ATM1/0.1
Not all config may be removed and may reappear after reactivating . . .

How to remove a VLAN from a port in CatOS…

I can never seem to remember how to “remove” a VLAN on a switch (e.g., Cisco 6500) running the older CatOS. The new IOS-based switches are much easier.

Anyway, it’s actually quite simple: just force the port to VLAN 1 (assuming that is your default/native VLAN). For example, if port 6/5 was set to . . .