Skip to content

Network Ninja

The Long Road to Cisco

  • Home
  • About
  • Legal Disclaimer
  • Archives
Less
More
Trim
Untrim
« Older
Home
Loading
Newer »

Archive for the 'Support' Category

CCIE Command Memorizer

Published
by
Deon Botha
on September 12, 2008
in Asides, Off-Topic, Support and Vine
. 2 Comments

About a two weeks ago David Bombal from Configure Terminal contacted me about doing a write up for  CCIE Command Memorizer. As a current CCNP student there is obviously some of the CCIE content that still goes over my head but most of the stuff I am fairly okay with. David didn’t seem to mind that I wasn’t a CCIE as yet and I sure didn’t mind giving CCIE Command Memorizer a spin so below are my thoughts and feelings.

During my initial research on the CCIE Command Memorizer I found that CCIE Command Memorizer was geared towards the CCIE Routing and Switching (R&S) Lab. When I received the application Monday two weeks ago my initial impression was that it covers without many frills and spills in an effective and efficient manner the commands in a Do-It-Yourself fill in the blanks task to objective orientated format. There is no round-about, search for things “what now” moments; everything is straight and to the point. Another bonus is that the download isn’t enormous either.

The CCIE Command Memorizer application itself is written in an e-book format, which works for the content and in that format. If like myself you like using the keyboard when you get going on command line (IOW dislike moving between the mouse+keyboard) some of the shortcuts might feel “off” and take a bit to get use to. Take heart that once you get going it all starts flowing like second nature.

My feelings on how the CCIE Command Memorizer would fit into my studies it that as a study tool / study aid as it helps you practice commands anywhere at any time as long as you have your notebook handy (face it as a CCNP I realize I am a Geeks and my notebook goes on holiday with me so this pretty much means anywhere). My current situation with a LAB is that I am busy getting racks, cabling, and other kit together to put a LAB up, the actual LAB is non-existent. In my situation the CCIE Command Memorizer is my stop-gap for actual “command” time practice as I don’t really have kit and at times no block time to zero in on a specific Technology Area and do some quick revision work with a specific focus only on that technology. This is different from the LAB where you need to setup and configure peripheral services and technologies to get to the meat close to the bone, CCIE Command Memorizer lets you focus ONLY on those parts to give you practice on those parts.

In my opinion students that would find the CCIE Command Memorizer useful would be individuals who have problems with instant recall of information when under stress or duress (people with classic test condition issues that forget as they walk through the door when in normal day-to-day they are Uber networkers) and students who need to drill things to remember (repetition, repetition, repetition) information to get it to pass from short term into long term memory (this one would be me). Most other students may also find it handy to bridge the book theory and lab practical (where you just went through the theory to quickly go over the practical again to cement the knowledge just a bit more).

From my perspective as a CCNP student the CCIE Command Memorizer shares most (if not all) of the content material with the CCNP that I cared to check up on. In the two weeks I have been working through EIGRP and OSPF (notes to follow shortly) for the BSCI. Everything I covered in theory the CCIE Command Memorizer covered + some more.

To close off for those who want a one-size-fits-all study solution don’t mistake the CCIE Command Memorizer for something it wasn’t built to be. The CCIE Command Memorizer is a STUDY TOOL / STUDY AID and not a “Complete Blended Solution” or All-In-One (aio) Product like the guys from IP Expert offer. This will mean that you will probably either attend classes from a Cisco Learning Partner and/or do labs at home or through a Rack Rental Company and/or also have Cisco Press books that will ADD TO THE VALUE the CCIE Command Memorizer.

In summation I suggest taking a serious look at the CCIE Command Memorizer and how to integrate it into your study plans. Taking all things into consideration I would seriously recommend the CCIE Command Memorizer even to current CCNP level students. The value add is easy to find and it helps to have something that you can take along as you travel that does command line study effectively without the need to spend hours on “setting up other things” before you get to play with advanced topics.

Cisco Partner Enablement Training

Published
by
Deon Botha
on July 18, 2008
in Cisco Systems and Support
. 0 Comments

I am at the local Cisco offices today for Partner training. It’s basically Cisco letting Partners know where to find what on Cisco.com. For those of you that haven’t tried to find/navigate the Cisco Website it can be a little daunting at first (I remember how it was for me). The nuts and bolts of this training is Cisco letting Partners know what tools are available and giving us a bit of a demo (selling us on them).

I am writing this post so that I can keep these links in a central place; If you find them useful that’s cool. There are more tools available from Cisco like Quote Builder, Competitive Edge Portal, Sales Accelerator and others that I am not covering.

Most if not all of the tools I will be babbling on about will require a valid CCO login and that your CCO be linked to a valid Cisco Partner.

A good place to start if you are a new Cisco partner or just getting started on a new job at a Cisco Partner would be the Partner Enablement Page; from there you can find most of the tools that Cisco provide listen under logical headings that I will describe shortly below.

The first heading you will find is Develop whether this be business development or personal development it’s listed under here. First off the bat we have The Partner Enablement Page that gives you one click access to most of the Cisco tools that you will need under this section. Including tools like the Partner Enablement Navigator that is an online wizard for Partner enablement tools and resources to give you quick access to what you need when you need it. There is also a link to Partner Practice Builder that helps Partners create a strategic development plan for various decision making functions (i.e. whether to do Unified Communications or not?). Finally there is Partner Education Connection that provides online course content for most of their courses; the courses range from free to providing links to where training is available at Cisco Learning Partners.

Next up we have Market and this is a kind of obvious one this is links to tools that either help you market Cisco products (Campaign Builder) or give you specific and relevant information assist you to be more effective in marketing Cisco products (Cisco Customized Partner Intelligence).

Then we have Sell for those in the sales teams or supporting sales teams. Starting off with Cisco Demo Solutions which is a boxed demo solution available for purchase from Cisco. Then we have the Cisco Partner Helpline that gives partners access to technical product information, including assistance with network design and product selection.

Finally Deliver where you can find Steps to Success that has resources for selling, delivering and supporting business solutions throughout the network lifecycle.

Cisco and DDNS

Published
by
Deon Botha
on June 4, 2008
in Cisco Systems, Concepts and Constructs, DDNS and Support
. 3 Comments

A little off-topic (switching being topic at the moment) but I ran into this today again and wanted to jot it down quick.

WARNINGS: The commands below enable public access to internal resources. This should not be done if you do not understand Access Control Lists (ACL) and/or have a proper Firewall (not windows Firewall) installed maybe a PIX or ASA even ISA Server would do. I prefer not doing this at all because it creates a rather obvious place for network attacks to happen. You must know that these commands are what I know to work, you may disagree and I would love to hear what you do/use. I take no responsibility whatsoever as to how you use these commands and you shall be responsible for your losses or your clients losses if you do not implement this correctly or data/information is stolen.

Dynamic Domain Name Service (DDNS) is a service that lets anyone on the internet gain access to resources on a local network when that local network is connected to the internet through a Dynamic (constantly changing) IP Address connection (most ADSL connections).

To understand the concept Domain Name Service (DNS) is the mapping of IP Addresses (192.168.0.1) to human-readable computer hostnames (www.companyweb.org) that is used by routers and other networking infrastructure to delivery information as needed. The internet uses DNS so that we can go to www.google.co.za and not have to remember the IP Address for google and the million other sites online.

DDNS makes it possible for Small, Medium Business (SMB) to allow employees, customers, partners and other stakeholders access to internal resources (mail, intranet, pricelists, documents, etc) without the requirement to pay for static IP address access to the internet. This is not limited to SMB as some larger companies have dynamic connections and also use the service. There are of course security concerns and problems with DDNS.

By enabling DDNS you allow external (untrusted) access to internal (trusted) resources. This leads to not just known (employees, customers, partners and other stakeholders) visitors but unknown (random hits, hackers, etc). If you do not implement the proper security you may and probably will lose information and data without even knowing it.

On the SMB range Cisco Series Routers upward the DDNS command is supported and services like Dyndns can be configured without much hassle. There are some small things to watch out for though that I will cover below.

Step 1: Open an Account with DynDNS (Other services work with Cisco Routers). I however have only used DynDNS and I am happy with them. Check the config guide from Cisco for the other commands. Once you have the DynDNS account setup a free DynDNS hostname they have many options like your-option.domain.com and write down this and your username and password.

Step 2: Add DynDNS.org to your Host list and Statically apply your ISP DNS servers. This works best, you could just not do this but it works better if you do.

Router(config)#ip host members.dyndns.org 63.208.196.96
Router(config)#ip name-server xxx.xxx.xxx.xxx
Router(config)#ip name-server xxx.xxx.xxx.xxx

Things to change xxx.xxx.xxx.xxx is your ISP DNS Server address, primary first address, secondary address second.

For those with ISPs that love changing their DNSs regularly (I know some ISPs change their DNS servers monthly, they have a list of DNSs and the active ones any given month would be any persons lucky assumption) this is great if you charge by the hour and bad for your client because they will see you every month (i.e. bad for Cisco’s image because a client thinks his Cisco kit breaks every month).

Via Etherealmind you can give OpenDNS a try. OpenDNS is DNS with a little extra as they inlcude Phising protection and spelling correction in their service.

Step 3: This is tricky because it uses a special character, play around with this and see what happens. When you get to the special character in the line press Ctrl+V to allow for the character input in IOS

Router(config)#ip ddns update method dyndns
Router(DDNS-update-method)#HTTP
Router(DDNS-HTTP)#http://DYNDNS-USERNAME:DYNDNS-PASSWORD@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
Router(DDNS-update-method)#interval maximum 0 28 0 0

If you don’t get it, the special character I mentioned is the question mark, which won’t be allowed to be input without the CTRL+V. Things to Change DYNDNS-USERNAME is your DynDNS Username and DYNDNS-PASSWORD is your DynDNS Password

Step 4: On the Dialer interface (not the ATM, fastethernet, gigabitethernet interfaces). This could also be put on the Serial interface (say for a flapping link, if you have a Leased line for internet but then you would probably have a static IP address) why you would use DDNS then I dont know but it could and would probably work.

Router(config)#interface Dialer1
Router(config-if)#ip ddns update hostname your-option.domain.com
Router(config-if)#ip ddns update dyndns host members.dyndns.org

Things to change your-option.domain.com is the choice for the domain you made at DynDNS like game-server.dyndns.org.

Step 5: We are doing this for a reason and the reason behind DDNS is to have a private resource available to the public internet. To achieve this in IPv4 NAT or PAT is used when a single Internet connection is available. NAT basically takes multiple internal addresses and allows all those addresses to access the internet at once through a single internet connection. For this to work you need to configure your NAT inside and NAT outside.

Router(config)#interface Dialer1
Router(config-if)#nat outside
Router(config-if)#exit
Router(config)#interface vlan VLAN-Number
Router(config-if)#nat inside

I use a VLAN and map the VLAN to an fastethernet or gigabitethernet interface, you may or may not do it this way.

Step 6: Configure NAT extend a internal resource to the public. I am say doing this for Small Business Server 2003 (SBS) for Exchange Outlook Web Access (OWA). This uses HTTP port 80 and HTTPS port 443. Consider only doing this if you have Premium Edition (comes with ISA Server) so that you can excercise some control over what you publish and what you dont publish.

Router(config-if)#ip nat inside source list 101 interface Dialer1 overload
Router(config-if)#ip nat inside source static tcp xxx.xxx.xxx.xxx 80 interface Dialer1 80
Router(config-if)#ip nat inside source static tcp xxx.xxx.xxx.xxx 443 interface Dialer1 443

Things to change here would be the xxx.xxx.xxx.xxx which is the SBS IP address (default is 192.168.16.2)

Step 7: Disable the Router HTTP and HTTPS server so that you won’t be getting the routers login page when you try access the your-option.domain.com. Which is both annoying, could break the functionality and also is a security risk.

Router(config-if)#no ip http server
Router(config-if)#no ip http secure-server

This command will disable the WEB GUI!!!! If this is a problem consider not configuring DDNS. This command may break functionality because it also uses HTTP port 80 meaning that if you type the url the router wont know whether to give you OWA or WEB GUI. It’s a security problem because everyime someone comes to the external website on port 80 the router will ask for level 15 login and password (Cisco specific information and anyone that knows network kit knows this means Cisco kit lurks yonder) and they may well actually get into the router and factory-reset it for you should they be able to login or you haven’t chosen a secure password (which is not good).

Step 8: Configure ACLs (at least) for WAN traffic). Some ISR routers come with options of Firewall consider configuring that too. Disable CDP on external facing interfaces etc (IOW take due care and dilligence in setting up a proper secure router plus some more because you are letting the outside world into the private network).

Step 9: To Verify DDNS using the show commands

Router(config)#show ip ddns update

Alternatively you can use the debug command

Router(config-if)#debug ip ddns update

Step 10 :I’m not paranoid (all this talk of security), I just don’t like gambling with lady luck. Exposing any part of the internal network to the outside world is a security risk that can be mitigated (not totally) but controlled. Consider this and how to mitigate the risk before exposing something like SBS (which by all accounts is the Business Nervous System in a SMB).

Notes and Notices:

Anything free is meant to be taken with a pound of salt. I take no responsibility for loss or damage from implementation of the above commands on routers or networks without proper consultation and documentation done by myself in person with end-users. I do not suggest this configuration, by writing this I do not imply that this is a good idea to implement or configure in all situations.

In good afrikaans “Die is als voets-toets”.

Cisco Support Wiki

Published
by
Deon Botha
on April 5, 2008
in Cisco Systems, Off-Topic and Support
. 0 Comments

This post via Joe Harris at 6200Networks.com about the Cisco Support Wiki that I didnt know about, sounds like something worth trying out sometime. Something similar to this (if not as extensive on the knowledge  element) is the Cisco Networking Professionals Connection that is basically a forum community.

This should be something to keep me busy tomorrow.

Search

About

You are currently browsing the Network Ninja weblog archives for the Support category.

Latest

RSS
  • Digital Growth with your Job
  • Open Shortest Path First – OSPF Fundamentals – Scenario
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 13
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 12
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 11
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 10
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 9
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 8
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 7
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 6

Archives

  • June 2009
  • April 2009
  • March 2009
  • February 2009
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008

Categories

  • 802.11 (7)
  • 802.1Q (1)
  • 802.1X (1)
  • AAA (1)
  • Access Point (7)
  • ACL (4)
  • Addressing (3)
  • Asides (31)
  • auto-summary (3)
  • AutoQoS (1)
  • Bandwidth (2)
  • BCMSN (55)
  • BDR (2)
  • BGP (1)
  • BPDU Filtering (1)
  • BPDU Guard (2)
  • BPDU Root Guard (1)
  • BSCI (67)
  • BSCI Notes (18)
  • BSCI Questions (48)
  • Business (1)
  • Cabling and Equiptment (3)
  • CAM (1)
  • CCDA (1)
  • CDP (1)
  • CEF (1)
  • Certification (123)
  • CIDR (2)
  • CIR (2)
  • Cisco Systems (144)
  • Concepts and Constructs (76)
  • CoS (1)
  • Cost (3)
  • DAI (1)
  • DDNS (1)
  • Debug (2)
  • DHCP Snooping (1)
  • DHCP Spoofing (1)
  • DR (3)
  • DUAL (1)
  • Dynamic ARP Inspection (1)
  • ECNM (5)
  • EIGRP (5)
  • Enterprise Architecture (7)
  • EtherChannel (1)
  • GLBP (1)
  • Hello Timer (2)
  • Hold Timer (2)
  • Hot Standby Router Protocol (1)
  • HSRP (1)
  • IGRP (1)
  • IIN (2)
  • Inter-Vlan Routing (1)
  • Interconnection Technologies (2)
  • IP Source Guard (1)
  • IS-IS (1)
  • ISL (1)
  • LACP (1)
  • Link State Advertisements (2)
  • Load Balancing (2)
  • Loop Guard (1)
  • MAC Address Flooding (1)
  • MLS (1)
  • MSTP (1)
  • NBAR (1)
  • NBMA (1)
  • Off-Topic (12)
  • OSPF (18)
  • PAgP (1)
  • passive-interface (1)
  • PoE (1)
  • Port Security (1)
  • Priority (2)
  • Proxy ARP (1)
  • PVC (1)
  • QoS (2)
  • RIP (1)
  • RIPv2 (1)
  • Root Guard (1)
  • RSTP (1)
  • Show (6)
  • Software (1)
  • SONA (2)
  • SSH (2)
  • STP (5)
  • Stub Router (3)
  • summary-address (1)
  • Support (4)
  • Switch Spoofing (1)
  • TCAM (1)
  • Telnet (2)
  • Troubleshooting (1)
  • Trunk (6)
  • Unidirectional Link Detection (1)
  • VACL (3)
  • VC (1)
  • Vine (20)
  • VLAN (11)
  • VLAN Hopping (1)
  • VLSM (1)
  • VoIP (1)
  • VRRP (1)
  • VTP (4)
  • VTY (1)
  • Wireless (7)

Styled with Sawchuk

Powered by WordPressabc and K21.0-RC7

Entries Feed and Comments Feed

44 queries. 1.5310 seconds.