Wednesday, January 15, 2020

WLC Upgrade Info

config ap image predownload primary all
show ap image all

Posted by at No comments:

Tuesday, December 19, 2017

Show Info on and Sync Configs to a Failover ASA

If your ASAs are in an HA pair with one active and one standby:

From the primary ASA you can use the failover exec mate commands. This has to be done from config mode for some strange reason.

conf t
failover exec mate show


To sync the configs from the primary to the secondary use write standby 
Posted by at No comments:

Wednesday, November 8, 2017

Show All AP Power Levels via CLI

show ap config 802.11a summary
show ap config 802.11b summary
Posted by at No comments:

Wednesday, February 8, 2017


WLC AireOS AP Support Comparision Between version 8.0.140.0 and 8.2.141.0
Reference: http://www.cisco.com/c/en/us/td/docs/wireless/compatibility/matrix/compatibility-matrix.html#pgfId-243612


APs Supported in both 8.0.140.0 and 8.2.141.0
1040
1140
1260
1600
1700
2600
2700
3500e
3500i
3500p
3600e
3600i
3600p
3702e
3702i
3702p
600 OEAP
700
700W
AP802

APs only supported in 8.2.141.0
1810 OEAP
1810W
1830
1850
2800
3800
ASA5506W-AP702
AP803

APs only supported in 8.0.140.0
1130
1240
1250
AP801
Posted by at No comments:

Tuesday, September 6, 2016

CUE SMTP VM to Email Debugs

no trace all
clear trace
trace voicemail msgnotif all
trace configapi smtp debug
trace entitymanager NotifDevice all
trace smtp all
sho trace buffer tail

https://voiceonbits.com/2010/08/10/cue-voicemail-notification-through-email/


Posted by at No comments:

Monday, March 21, 2016

Cisco WLC Hex Settings

For a single controller with an IP address of 10.1.1.3 configure this in the DHCP scope.

option 43 hex f1040a010103

Also have to add option 60 to the DHCP scope. For a 1700 series AP:

option 60 ascii “Cisco AP c1700”
Posted by at No comments:

Thursday, September 3, 2015

Cisco WLC Multicast Address

239.0.1.1


http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/82463-wlc-config-best-practice.html
Posted by at No comments:

Tuesday, February 11, 2014

STP and Switching Loops

STP does not completely protect you from switching loops.

http://blog.ipspace.net/2012/04/stp-loops-strike-again.html
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080136673.shtml
Posted by at No comments:

Tuesday, February 5, 2013

ISDN Caller ID Name

No caller ID (CID) names showing up on phones? Run the usual debug isdn q931 and debug isdn q921 to make sure that the CID name is coming from the provider. If it is, add isdn supp-service name calling to the serial port for the ISDN trunk. Then retest.

Source: https://supportforums.cisco.com/docs/DOC-8873

Example:

interface Serial0/3/0:23
 no ip address
 encapsulation hdlc
 isdn switch-type primary-ni
 isdn incoming-voice voice
 isdn map address . plan unknown type unknown
 isdn supp-service name calling
 isdn sending-complete
 isdn outgoing ie redirecting-number
 trunk-group ALL_T1E1
 no cdp enable
Posted by at No comments:

Wednesday, November 21, 2012

Seconds Per Ring = 6

In the US, a standard ring cycle is 6 seconds.
2-4 - 2 seconds of ringing followed by 4 seconds of silence.

http://en.wikipedia.org/wiki/Ringtone
http://www.tek-tips.com/viewthread.cfm?qid=1065741
Posted by at No comments:

Thursday, September 13, 2012

Test Post

Test post. 13:19
Posted by at No comments:

Thursday, January 19, 2012

Cisco VPN Broken

VPN not functioning for connecting to other hosts including the CUE? Disable IP cef

conf t
no ip cef
Posted by at No comments:
Labels: ,

Monday, October 31, 2011

Adding Entries to an Existing ACL on an ASA

Adding Entries (ACEs) to an Existing ACL
You can add entries to ACLs on ASAs by using the line number command. Line numbers on ASAs work differently than on routers. They are not stored in the configs and they will not show up in a show access-list command (basically the ASA doesn't keep the numbers, they are just used for inserting). To do this, just count the line numbers and tell the ASA where you want the new one to go. The existing line of that number will move down (e.g. if you insert at line 3, the old line 3 will become line 4 because you have just added a line above it).  

! Test ACL
access-list TEST_ACL extended permit ip 10.1.1.1 255.255.255.255 any
access-list TEST_ACL extended permit ip 10.1.1.2 255.255.255.255 any
access-list TEST_ACL extended permit ip 10.1.1.3 255.255.255.255 any

! Implicit Deny

! Deny access from 10.1.1.1 to evil DNS servers 4.2.2.2 and 8.8.8.8. We need this to be above the permit any from 10.1.1.1 so the denies will take effect.
! We can use line numbers to do this
access-list TEST_ACL line 1 extended deny ip 10.1.1.1 255.255.255.255 4.2.2.2
access-list TEST_ACL line 2 extended deny ip 10.1.1.1 255.255.255.255 8.8.8.8
!
!NEW ACL
access-list TEST_ACL extended deny ip 10.1.1.1 255.255.255.255 4.2.2.2
access-list TEST_ACL extended deny ip 10.1.1.1 255.255.255.255 8.8.8.8
access-list TEST_ACL extended permit ip 10.1.1.1 255.255.255.255 any
access-list TEST_ACL extended permit ip 10.1.1.2 255.255.255.255 any
access-list TEST_ACL extended permit ip 10.1.1.3 255.255.255.255 any

! Ooops, we forgot to deny access from 10.1.1.2 to these same evil DNS servers
access-list TEST_ACL line 1 extended deny ip 10.1.1.2 255.255.255.255 4.2.2.2
access-list TEST_ACL line 2 extended deny ip 10.1.1.2 255.255.255.255 8.8.8.8
!

!New New ACL
!NEW ACL
access-list TEST_ACL extended deny ip 10.1.1.2 255.255.255.255 4.2.2.2
access-list TEST_ACL extended deny ip 10.1.1.2 255.255.255.255 8.8.8.8
access-list TEST_ACL extended deny ip 10.1.1.1 255.255.255.255 4.2.2.2
access-list TEST_ACL extended deny ip 10.1.1.1 255.255.255.255 8.8.8.8
access-list TEST_ACL extended permit ip 10.1.1.1 255.255.255.255 any
access-list TEST_ACL extended permit ip 10.1.1.2 255.255.255.255 any
access-list TEST_ACL extended permit ip 10.1.1.3 255.255.255.255 any


  Adding an Extended Access List

An access list is made up of one or more access control entries (ACEs) with the same access list ID. To create an access list you start by creating an ACE and applying a list name. An access list with one entry is still considered a list, although you can add multiple entries to the list.
To add an extended access list or an ACE, enter the following command:
Command
Purpose
access-list access_list_name [line 
line_number] [extended] {deny permit} 
protocol source_address mask 
[operator port] dest_address mask 
[operator port | icmp_type] [inactive]

Example:

hostname(config)# access-list ACL_IN 
extended permit ip any any
Adds an extended access control entry.
The line line_number options specify the line number at which insert the ACE. If you do not specify a line number, the ACE is added to the end of the access list. The line number is not saved in the configuration; it only specifies where to insert the ACE.
The extended option adds an ACE.
The deny keyword denies a packet if the conditions are matched. Some features do not allow deny ACEs, such as NAT. See the command documentation for each feature that uses an access list for more information.
The permit keyword permits a packet if the conditions are matched.
The protocol argument specifies the IP protocol name or number. For example UDP is 17, TCP is 6, and EGP is 47.
The source_address specifies the IP address of the network or host from which the packet is being sent. Enter the host keyword before the IP address to specify a single address. In this case, do not enter a mask. Enter the any keyword instead of the address and mask to specify any address.
The operator port option matches the port numbers used by the source or destination. The permitted operators are as follows:
lt—less than.
gt—greater than.
dq—equal to.
neq—not equal to.
range—an inclusive range of values. When you use this operator, specify two port numbers, for example: range 100 200.
The dest_address argument specifies the IP address of the network or host to which the packet is being sent. Enter the host keyword before the IP address to specify a single address. In this case, do not enter a mask. Enter the any keyword instead of the address and mask to specify any address.
The icmp_type argument specifies the ICMP type if the protocol is ICMP.
The inactive keyword disables an ACE. To reenable it, enter the entire ACE without the inactive keyword. This feature enables you to keep a record of an inactive ACE in your configuration to make reenabling easier.
(See the access-list extended command in the Cisco Security Appliance Command Reference for more information about command options.)
Posted by at 1 comment:
Labels: , ,

Monday, October 10, 2011

Default Interface Cisco Command

I can't even count the number of times I've tried to remove all the configs from an interface by doing a no interface command. The router or switch always replies with a snarky "Removal of physical interfaces is not permitted." I then copy all the commands for the interface, open up notepad, put a no in front of all the ones I don't want and then paste it back into the CLI.

A 10 second change has now taken 2 minutes and increased my frustration level unnecessarily.

 Default to the rescue. Just use this command to return the physical interface and any subinterfaces to their default (unconfigured) values. Note: if you only want to default a single subinterface, you can just do a no to remove it and then add it back in.  

default

default fa0/1



http://blog.ioshints.info/2007/06/default-interface-configuration-command.html
http://www.cisco.com/en/US/docs/ios/12_2t/inter/command/reference/irftdce.html#wp1081863


Posted by at No comments:
Labels: ,

Friday, September 23, 2011

Cisco - CUE - Show Voicemail Email Notification Settings for a User from CLI

 show voicemail notification owner email

Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)