By Matt Fahrner, on September 26th, 2016 I purchased some used Cisco C1140 autonomous access points for my home network (autonomous meaning not lightweight or requiring a WLC). While everything seemed to be fine at first, later we noticed that printouts to our Canon laser printer were no longer working from our Macs. After some research I realized that the Macs were . . . → Read More: Fix Apple Bonjour with Cisco autonomous APs
By Matt Fahrner, on October 22nd, 2015 Some important Cisco ASA firewall details I and others have learned and shared over the years:
Don’t use “security-level” as your method of security. In the long term at best “security-level” will cause you to block traffic you didn’t expect, at worst, it will allow traffic you didn’t want. Why? Well… If you add an . . . → Read More: ASA Firewall Rules of Thumb
By Matt Fahrner, on March 12th, 2011 If you get something like this in your Cisco’s IOS firewall log:
Mar 12 15:05:33 192.168.1.1 3129: 003121: *Mar 12 15:03:03.195 EST: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:525214740 1415 bytes is out-of-order; expected seq:525170856. Reason: TCP reassembly queue overflow – session 192.168.1.5:53022 to 208.79.250.63:80 on zone-pair ccp-zp-in-out class ccp-protocol-http
sometimes accompanied by hangs in . . . → Read More: Zone Firewall TCP reassembly size
By Matt Fahrner, on March 9th, 2010 Completely different from Cisco IOS, so hard to remember:
Log into the PIX/FWSM and go to “enable” mode. Do a “who”:
fwsm# who
0: 192.168.100.80
2: 192.168.100.5
Choose the IP of the session you want to kill and grab the number. In this case I want to kill the “192.168.100.5” session, so I want “2”. Then kill it:
The . . . → Read More: How to kill a session on a Cisco PIX/FWSM
By Matt Fahrner, on January 8th, 2009 One of the things that most drives me crazy about Ciscos is the default setting whereby, when you’re at a Cisco IOS “exec” prompt and type something that isn’t a command, it interprets it as an attempt to “telnet” to a host. This is a real pain in the backside as all . . . → Read More: Fixing that stupid Cisco IOS telnet thing…
By Matt Fahrner, on January 8th, 2009 One of those things I can never remember! It’s:
**#
Lets you change the network configs among other things.
Also can factory reset with:
Settings> Phone settings> Press **2
Works on older 7921 at least.
By Matt Fahrner, on December 4th, 2008 One pain with Cisco IOS is trying to get a configured interface back to defaults. Half the time you don’t even remember what those were.
If it’s a sub-interface you can “no” it, but you will still have configuration left behind:
cisco(config)#no interface ATM1/0.1
Not all config may be removed and may reappear after reactivating . . . → Read More: Defaulting a Cisco interface…
By Matt Fahrner, on December 4th, 2008 I can never seem to remember how to “remove” a VLAN on a switch (eg: Cisco 6500) running the older CatOS. The new IOS based switches are much easier.
Anyway, it’s actually quite simple, just force the port to VLAN 1 (assuming that is your default/native VLAN). For example if port 6/5 was set to . . . → Read More: How to remove a VLAN from a port in CatOS…
My Resume
I've worked professionally in the systems, networking, security, and programming arenas for the last 25+ years, much of it in leadership or management roles. I am equally comfortable in highly technical “hands on” scenarios as with interacting with executives to drive projects forward.
My resume and other information about my experience can be found here and here.
Caveat Emptor
The views expressed here are strictly my own and do not represent those of my employer, its officers, nor any other organization.