All blog entries

Home

Staff Blogs

NetCraftsmen Staff Blogs

Our blog space holds articles on a variety of technical topics.

From February - Some Previous Posts

Posted by: Terry Slattery on Feb 28, 2009

Tagged in: voip troubleshooting , VoIP Metrics , voicecon , syslog , snmp traps , NMS , network management , network analysis , NetMRI , NCCM , event analysis , device modeling

Here is a list of the articles I posted in February to my blog at Netcordia:

"Network Management Sucks!!!" discusses why I think Jimmy Ray Purser, a blogger for Cisco and Network World, is right on target in his article 'Network Management Sucks!!!' about the deficiency of most network management systems.
"Event Reporting" talks about at collecting and managing event reporting for syslog and SNMP traps.
"VoiceCon Spring 2009 Orlando, FL" describes my plans to present a tutorial on VoIP Troubleshooting, Monitoring, and Metrics as well as lead a panel discussion on Network Management: Finding the Right Tools atVoiceCon Spring 2009.
"Device Modeling" describes why I think that using network confiugration management systems that model network devices may not be worth the effort.

Using NAC Roles at a Layer 3 Access Switch

Posted by: Carole Warner Reece on Feb 28, 2009

Tagged in: Out-of-band , NAC roles , NAC design , NAC , Layer 3 OOB

In a Layer 3 out-of-band (OOB) NAC design, NAC roles are supported at a Layer 3 access switch. Initially, the end device is put in the authentication VLAN. After successful log in and posture assessment, the NACM tells the access switch to place the port in a user role VLAN. The end device will DHCP for a new address in the user role VLAN. The Layer 3 access switch can act as the DHCP server.

Regular Expression Practice Quiz

Posted by: Carole Warner Reece on Feb 18, 2009

Tagged in: regular expression , REGEX practice , REGEX , BGP

As part of my Networkers 2009 BGP presentation, I put together this online version of a quiz to help folks practice Regular Expresssions (REGEX). You can access the quiz here:

Regular Expression Practice

(The content on the quiz may take a few seconds to appear.)

Cisco IOS SSL VPN Example

Posted by: Rob Chee on Feb 15, 2009

Tagged in: VPN , SSL VPN , IOS SSL

Cisco has made a big push into the SSL VPN market. Currently, their main focus appears to be on beefing up their SSL VPN support of the ASA FW. SSL VPN does exist within IOS as well, though. Version 12.4(20)T added a lot of new features. The IOS SSL VPN features are definitely lagging behind the ASA SSL VPN, but the basic functionality is available within IOS SSL VPN. The IOS SSL VPN supports clientless, thin client, and full client modes. The clientless mode uses a web portal. Thin client augments the web portal with port forwarding capability. The full client uses the AnyConnect SSL client. The IOS SSL VPN does not have RDP, telnet, ssh, etc plugin capability that exists in the ASA SSL VPN. It also does not support the dynamic access policy(DAP) also available in the ASA SSL VPN.

Comment (0) Read More...

Auto Reconnect with Cisco AnyConnect VPN

Posted by: Rob Chee on Feb 10, 2009

Tagged in: VPN , AnyConnect VPN

One of the great features about the Cisco AnyConnect VPN client is auto reconnect. This feature automatically reconnects a VPN session if the users internet connectivity drops. This means that if a user is connected to the VPN and the user's computer is accidentally unplugged, the VPN connection will be automatically reestablished when the computer is plugged back in. Another example would be a similar situation when a 3G wireless connection drops. If using the IPSec VPN client, a temporary loss of signal would cause the VPN connection to drop. With the AnyConnect VPN client, the VPN connection would be automatically reestablished.

Comment (0) Read More...

Moving Cisco CSA Management Center

Posted by: Rob Chee on Feb 9, 2009

Tagged in: CSA MC

The Cisco Security Agent Management Center (CSA MC) provides the central management for CSA. The Agents check in with the CSA MC to make sure they have the latest policy and version of software. For this reason, it is important that the CSA MC be a stable server that is always operational with the same IP address and name. Unfortunately, there may be unavoidable instances where the CSA MC must be moved to a new server with a different IP and name. This guide will go through how to move the CSA MC application and database to a new server and migrate the Agents, running on the end computers, to use the new CSA MC.

Comment (0) Read More...

Easy Way to Find the SNMP OIDs on an ASA FW

Posted by: Rob Chee on Feb 8, 2009

Tagged in: ASA

One excellent command for viewing ASA SNMP OIDs is "show snmp-server oidlist". It appears that this is a hidden command, based on the ASA 8.0 Reference Guide. This command provides information on the OID and name associated with it. I've included an example below:

Comment (0) Read More...

Cisco NAC Version 4.1.8 Released

Posted by: Rob Chee on Feb 2, 2009

Tagged in: NAC

Cisco NAC version 4.1.8 has been released. The release notes spell out the changes.

The general NAC Manager/Server enhancements are

CAS Fallback Behavior Enhancement
CAS HA Pair Link-Detect Configuration Enhancement
DHCP Failover Behavior Enhancement

Additionally, there are number of agent fixes.

Comment (0) Read More...

Creating a Self-Signed SSL Certificate for Microsoft IIS

Posted by: Rob Chee on Feb 1, 2009

Tagged in: SSL Certificate , IIS Resource

I wrote a previous blog entry that gave information creating a self-signed SSL certificate with Apache. I recently also had to create a self-signed SSL certificate for Microsoft IIS. It turns out that this is really easy.

Comment (0) Read More...

Next Events

Blog Categories

Blog Contributors

Tags

10 Gbps Ethernet 3G 7z 802.11 802.11 basics 802.11 course 802.11 project management 802.11 Traffic Flows 802.11 Wireless LAN 802.11n About Chesapeake NetCraftsmen Acrobits Acrobits Softphone AD Group Membership AD SSO Advanced Settings Tool anti-spoofing filters anti-virus anyconnect AnyConnect VPN AP vendor API Apple Apple iPhone ASA AT&T Attacks Attendant Console AXL Background Images Backup bandwidth BDP BFD BGP BGP neighbor soft-reconfiguration BGP redistribution BGP Route Reflector Design BGP Soft Reset bit error rate Bluetooth Boolean Expressions botnets bug business case C-MUG Call Globalization Call Optimization Call Queuing CallManager CallManager Express case study CCA CCDE CCDE practical CCDE written CCDE written practice CCIE CCIE Written CEF Certification CFUR Cisco 6500 Cisco 7200 Cisco Call Manager Cisco CallManager Cisco Design Zone Cisco Express Forwarding Cisco Live Cisco MPLS Cisco Phone Designer Cisco router Cisco switch Cisco TFTP Cisco Unified Presence Cisco VPN Client Cisco WebEx class of restriction CLI cloud computing CM co-channel interference COBRAS Communications Manager compliance configuration management configuration policy Contact Center Contact Center Express copSSH Corporate Directory CRS CRS Scripts CSA MC CUCM CUCM CLI CUCM troubleshooting CUCME CUPS customer mpls vpn customer mpls wan cygwin data center data center consolidation data center design data center infrastructure data center interconnect data center migration debug debugging design device configuration device discovery device groups device modeling devicelistx diagnostic tools diagnostics dial plan Directory Synchronization DirSync DNS SRV dual carrier MPLS VPN dual carrier MPLS WAN dual data center Dual WAN routing Dynagen Dynamips EIGRP email email security enterprise mpls vpn Enterprise MPLS WAN EoL2TPv3 EoMPLS ESX server NIC teaming etherchannel etherchannel mismatch Ethernet over MPLS event analysis event logs Exchange Expect Export extended VLAN failure domains Fast Rerouting FDCC fiber cuts fiber farm file transfer FIPS 140 Firefox firewall firmware upgrade full mesh fusion fusion router high availability iBGP IGP IIS Resource impact of packet loss Import Infrastructure Integrated Messaging interface groups IOS 12.4 IOS SSL ip multicast IP Phone Services IPCCX iPhone iPhone SIP Clients IPS IPv6 IPv6 addressing IPv6 addressing plan IPv6 Summit ISAKMP Java JRE jumbo L2 MPLS VPN L2 over L3 Lab large VLAN Layer 2 Layer 2 over Layer 3 Layer 2 Switching Layer 2 tunnel Layer 3 OOB layer 3 switching LDAP load balancer load balancing local preference Local Route Groups logparser mac address flapping malware MARS Mathis equation Mathis formula Meeting Center Message Store Configuration Wizard Microsoft Migration moving server virtually between zones MPLS MPLS QoS mpls routing MPLS VPN MPLS VPN customer routing MPLS VPN WAN MPLS WAN MSS MTTR Multi-VRF multicast multicast best practices multicast in a vrf multicast vrf lite Music On Hold MWI NAC NAC API NAC Appliance NAC design NAC roles NAC Server NAT NAT Traversal NCCM NCM net-snmp NetCraftsmen recruiting netflow NetMRI Network Address Translation network analysis Network Compliance Manager network discovery network health network hygiene network management network monitoring network outages Nexus Nexus 2000 Nexus 5000 Nexus 7000 NMS Non Stop Forwarding Non-Stop Forwarding NSF OMB openSSH OSI layer OTV Out-of-band Outlook P2V packet captures packet loss PAT Patching PCA PCI PCI audit performance routing PERL netflow interpreter PERL script Personal Communications Assistant PfR Phone Customization physical to virtual conversion PIN security ping-pong PIX podcast port-based EoMPLS port-channel port-security sticky pre-site survey prefix-list Presence presentation problem management protocol analysis pseudo-wire pseudowire PWE Q.SIG QoS QoS in 6500 QoS with VSL radio considerations radio frequency redistribution redundancy REGEX REGEX practice regular expression Replication Restore Return Receipt RF RisPort ROI route reflectors router Routing convergence routing loop RSS feeds RTT rural fiber network script Security security patches server configuration server etherchannel SFTP shared services show ip cache flow SIP SIP Clients for iPhone SIP VoIP Phone for iPhone SLA slow slow application behavior smime snmp SNMP ifIndex snmp polling snmp traps SOAP spanning tree Spanning Tree loop SQL SRST SSL Certificate SSL VPN SSO standard network architecture standardization Stateful Switchover static routes Sup720-10G syslog TAC TCL TCP TCP performance TCP Ports TCP throughput Testing throughput tools top of rack topology trace trojan troubleshooting Troubleshooting 802.11 TTL exceeded UC UC 7x UC Operations UC500 UC520 UCCX UDP Ports UM Unified Communications Unified Messaging Unity Unity Connection Unity troubleshooting Upgrade Using 10G ports Sup720 Using XML UTIM virtual desktop virtual machine virtual pod Virtual Switch Link virtualization vlan vlan-based EoMPLS VMWare VMware products VMware vSphere 4.0 glossary vmworld Voice voicecon Voicemail Voicemail Relay VoIP VoIP Metrics VoIP over 3G voip troubleshooting VPN VRF VRF into GRE vrf lite VRF-Lite VSL vSphere VSS WAN WAP vendor web logging WebEx WebEx Meeting Center WebEx Meeting Center for iPhone WeePhone weight WiFi WiFi Basics WiFi channels WiFi course WiFi vendors WinPCAP wireless wireless course wireless LAN wireless project management Wireless Project Plan Wireless Project Planning wireless requirement gathering WLAN WLAN course WLAN project management WLAN Traffic Flows WSUS X-Lite xconnect zeus

Copyright © 2010 Chesapeake NetCraftsmen. Designed by Montano Designs