Archive for July 3rd, 2009

Setup MRTG to monitor QoS Policies

July 3rd, 2009

NOTE: investigate the “snmp mib persist” command on IOS.

Here is a “how to” for monitoring QoS with MRTG: Read more…

Categories: MRTG

Nagios Object Diagram

July 3rd, 2009

An aide-mémoire – view the Nagios Object Diagram: Read more…

Categories: Nagios

Configure TACACS+ for Admin Logins

July 3rd, 2009

How to configure an IOS device to authenticate administrative logins against a TACACS server: Read more…

Categories: CISCO, Security

Freeware TACACS+ Server for Win32

July 3rd, 2009

Cisco’s original TACACS+ server compiled to run under Windows! This is the original 4.0.4 version of tac_plus.

NOTE: None of the TACACS code available here comes with any warranty or support:

http://www.xpresslearn.com/tools/software-tools/cisco-tacacs-server-for-windows

Configuration file assistance:

http://www.stben.net/tacacs/users_guide.html

Categories: CISCO, Security

Recovering Hidden PIX Pre-Shared Keys / Passwords

July 3rd, 2009

The latest Cisco TAC Newsletter had an interesting tip on recovering hidden pre-shared keys (which I’ve needed to do many times). So simple, it’s brilliant :) here’s the reprint: Read more…

Categories: CISCO, Security

Hacking APC Masterswitch Admin Password

July 3rd, 2009

Ever bought one of those APC Masterswitch PDUs from eBay, then tried to log in to the admin interface with the usual default “apc” / “apc”, only to find that the password had been changed?

The usual password recovery procedures (well documented) are quite tedious, requiring emails and serial numbers. What a pain!

  • If you use one in your home lab, this vulnerability will help you if you happen to buy one from eBay with the password set.
  • If you use them on a production network – this could become an attack vector, so replace them or upgrade!

Here’s how to hack the password: Read more…

Categories: Uncategorized

IOS Configuration Lock

July 3rd, 2009

How to avoid two people making changes to the configuration at the same time

The only command you need to use is the configuration mode exclusive {auto | manual} from global configuration mode.

  • The auto keyword automatically locks the configuration session whenever the configure terminal command is used; this is the default option.
  • The inverse manual keyword allows you to choose to lock the configuration session manually or simply leave it unlocked.

Here is how to do it: Read more…

Categories: CISCO

Annotating Troubleshooting Sessions

July 3rd, 2009

When capturing log sessions during an outage or debug session, it’s crucial to keep a history of what was done, when, and in what order. This helps in post mortem analysis after the event or session is over. There are a couple of standard things to do to help with this, such as:

  • NTP time sync all devices in the network to get them on a single time source
  • Enable syslog for all devices in the network
  • Allocate some local log space on each local device based on a percentage of free memory available on the device
  • Always have trend graphs from some polling mechanism for CPU levels, memory usage, traffic rates, etc.

In addition to these, here are a few other tips that really help TAC analyse the log and debug sessions that are collected: Read more…

Categories: CISCO

Configuring Remote SPAN

July 3rd, 2009

Remote SPAN Configuration

Remote SPAN allows source ports and destination ports to be located on different switches. It uses a SPAN VLAN to carry a copy of the SPAN data from the source across the network to the destination. You have to define and allow the SPAN VLAN on all network devices in the path.

Here’s how to do it: Read more…

Categories: CISCO