Wednesday, December 30, 2009

There has been a signature failure - Norton Ghost - Lenovo

After restoring my ghost image to the lenovo 9485, I got the error "there has been a signature failure".

I can restore the image without any problem with R-tools.

I find this article on the web and try their instruction and it works.




Re: There has been a signature failureOptions
Mark as New

Bookmark

Subscribe

Subscribe to RSS Feed

Highlight

Print

Email to a Friend

Report Inappropriate Content

12-22-2008 07:31 AM

Partition does not boot after being restored with Norton Ghost - NetVista / ThinkCentre / ThinkPad General


Applicable Countries/Regions
Worldwide
Preloaded Software Information
Symptom
The master boot record on affected systems is comprised of 4 sectors, as opposed to the single sector expected by Norton Ghost. Since the boot is dependent on coding contained in all 4 sectors, the system hangs when it attempts to boot to the incomplete master boot record. A "signature failure" error message may also be displayed.

Affected configurations
This symptom apples to any NetVista, ThinkCentre and ThinkPad system using the WinPE Rescue and Recovery partition; as opposed to the PARTIES partition used on NetVista, ThinkCentre and ThinkPad systems prior to 2004.

Solution
The Ghost documentation provides the solution. Use the -IB switch when invoking Ghost from the command line or within a batch file. This should be done on both the image creation. The command line syntax is, C:\> GHOST -IB
A complete list of Ghost command line switches is displayed by typing GHOST ? and pressing the Enter key at the command prompt. For further information, contact Symantec technical support.

Additional information
If you need to Ghost an entire hard drive, including a hidden partition, use the following method:
Enter BIOS, go to Security, and set the predesktop area to "disabled" to make the hidden partition visible on the system with the source drive.
Run Symantec Ghost with the -IB switch when you create the image (example: C:\> GHOST -IB)
After the image is created, make the predesktop area visible on the target system by disabling it.
Restore the image created in step 2. No special switches are needed for this step (for NetVista only).
Reset the predesktop area to "normal", the system may be booted normally to the operating system or to the predesktop area by pressing the Access IBM key during POST.

Thursday, December 10, 2009

Multiple instance of google talk

1. Right-click on the desktop
2. Select New
3. Select Shortcut
4. Paste this into the text box:
"c:\program files\google\google talk\googletalk.exe" /nomutex
5. Click Next. Name it Google Talk Multiple
Click OK until you are done.
6. Sign out from google talk and uncheck remember password
7. Double clic the new icon and enter your username and password for the first account - check remember password if you want
8. Double clic the new icon and enter your username and password for the second account - check remember password if you want
9. Repeat the same process if you have more than 2 accounts.

Tuesday, December 8, 2009

Convaincing reason to leave users off vlan 1

see ciscopress bcmsn (ccnp) page 544 pdf version.

All hosts on VLAN 1 (PC-1, PC-2, and PC-3) will experience the broadcast storm. All trunk
links between switches will transport the broadcast frames. In addition, all switch supervisor
CPUs will receive and process the broadcasts because each switch has an IP address for
management assigned to VLAN 1. (For this reason, it is recommended to reserve VLAN 1 for
control protocol traffic only. User-generated broadcasts can overload the switch supervisor to
the extent that it no longer can keep track of its control or “overhead” protocols, such as VTP,
CDP, and so forth. Instead, all user traffic should be kept off VLAN 1.)

How to get google labs with a google apps account

Is Google labs missing from your google apps account?

Here are the step to get your google labs :

1- to dashboard in your google apps account
2- clic domain setting
3- check mark Enable pre-release features and save
4- dashboard and clic service setting
5- clic email
6- check mark Enable Gmail Labs for my users
7- save.
It takes couple hours for the google labs to display in your users setting -- so be patient.





Monday, December 7, 2009

Upside-Down Display In Windows XP

To revert to a right-side up display, hold down the CTRL, ALT and UP (arrow) keys.

Tuesday, November 24, 2009

How to wipe out your blackberry 8830 series

It is easy to wipeout your blackberry 8830 devices

1- Press the blackberry menu button
2- option (the wrench tool)
3-Security options (scroll down to see it)
4-General setting (first line )
5-Desktop (the last line - your have to scroll down)
6- Wipe Handhelp (2nd line)
7- Press continue
8- enter blackberry


and voila

Saturday, November 14, 2009

Difference between spanning-tree portfast bpduguard default and spanning-tree bpdufilter

source :
http://www.blogger.com/post-create.g?blogID=7181412395554836857

Understanding How PortFast BPDU Filtering Works

Release 12.1(13)E and later releases support PortFast BPDU filtering, which allows the administrator to prevent the system from sending or even receiving BPDUs on specified ports.

When configured globally, PortFast BPDU filtering applies to all operational PortFast ports. Ports in an operational PortFast state are supposed to be connected to hosts, that typically drop BPDUs. If an operational PortFast port receives a BPDU, it immediately loses its operational PortFast status. In that case, PortFast BPDU filtering is disabled on this port and STP resumes sending BPDUs on this port.

PortFast BPDU filtering can also be configured on a per-port basis. When PortFast BPDU filtering is explicitly configured on a port, it does not send any BPDUs and drops all BPDUs it receives.


Caution Explicate configuring PortFast BPDU filtering on a port that is not connected to a host can result in bridging loops as the port will ignore any BPDU it receives and go to forwarding.
When you enable PortFast BPDU filtering globally and set the port configuration as the default for PortFast BPDU filtering (see the "Enabling PortFast BPDU Filtering" section), then PortFast enables or disables PortFast BPDU filtering.

If the port configuration is not set to default, then the PortFast configuration will not affect PortFast BPDU filtering. Table 16-1 lists all the possible PortFast BPDU filtering combinations. PortFast BPDU filtering allows access ports to move directly to the forwarding state as soon as the end hosts are connected.

Table 16-1 PortFast BPDU Filtering Port Configurations

Per-Port Configuration
Global Configuration
PortFast State
PortFast BPDU Filtering State
Default

Enable

Enable

Enable1

Default

Enable

Disable

Disable

Default

Disable

Not applicable

Disable

Disable

Not applicable

Not applicable

Disable

Enable

Not applicable

Not applicable

Enable

1 The port transmits at least 10 BPDUs. If this port receives any BPDUs, then PortFast and PortFast BPDU filtering are disabled.

Tuesday, October 13, 2009

Exchange 2003/2007 Change User name and email address

source : http://www.amset.info/exchange/usernamechange.asp


User Name Changes
Author: Simon Butler, Exchange MVP, MCSE
Last Page Review: 06/07/2009
A common request is to to adjust the personal details for a user, usually female after a wedding (or a divorce).
This can also be asked for when someone replaces another member of staff.

However, you do have a number of options available to you when making the change. The options depend on how adamant the user is about their former name being totally eradicated.

The Alias Issue

Changing most settings in Exchange is quite easy and is outlined below.

The significant issue is the alias of the account. This is seen by the user's in their auto complete menu, and is the part in < > : Jane Smith .

While you can change the alias quite easily in Active Directory Users and Computers (Exchange 2003) or Exchange Management Console (Exchange 2007), this does have consequences, mainly for other people, not the user who is changing their name.

Auto complete entries will no longer work. They will need to be deleted and reselected from the Global Address List.
No one will be able to automatically reply to old email that has been sent by the user under the old alias. When clicking Reply they will need to find the user, delete them from the list of recipients and select them from the Global Address List.
You may also have problems with users in Outlook 2003 or higher and cached mode. They could have inaccurate information until a new Offline Address Book is generated.
New email and external email (whether inbound or outbound) is not affected.

The same issues occur if you rename an account totally - so the account shows Jane Smith

Method One - User Account Rename

If the user is happy for the alias to show the old name, then you can simply rename the account and update display names. This method is not recommended for a new member of staff, as it can cause confusion.

While this is a fairly straightforward process if not done correctly can mean a mixture of the old and the new name appearing throughout the system.

You should also time the change carefully. Make the change out of hours so that old inaccurate information is shown in the GAL for the shortest amount of time. If you have users on cached mode in Outlook 2003 and higher, make the change and then generate a new OAB so that they have an opportunity to get the latest information as soon as possible.

Exchange 2003

Use ADUC on the Exchange 2003 server. Ensure that the user is logged off when making the change. If a newlywed, during the honeymoon is a perfect time to make the changes.

Start ADUC and find the user listed.
Right click on the user and choose Rename. Correct the name as required and press enter.
A new dialogue box should not be brought up, which gives you the opportunity to correct all aspects, including the username.
In the example below, we are changing "Hazel Taylor" in to "Hazel Smith".



After pressing ok the main name change has been completed.
Exchange 2007

For Exchange 2007, open the properties of the user in the Exchange Management Console and adjust the name as required. If you want to change the user's login name and personal directory, then you will need to use ADUC.

Email Addresses

You shouldn't forget to adjust the email address of the user to take in to account the new name.

Right click on user again, and choose Properties.
Click on the "Email Addresses" tab.
Add the new email address in the same format as your existing email addresses. Leave the old address in place.
Change the default address to the new one.
By doing this, any email sent in on the old address will still be delivered, but all new email will go out with the new address.
With Exchange 2007, the Email Address Policy should update the email address to the new name. After that has happened, simply add the previous email address to the list.

Other Settings

If you are using some kind of personal drive space on the server that is mapped by username (ie \\server\%username% then you need to rename the folder.
On the workstation while the login will be in the new format, the folder in Documents and Settings will be in the old name, and will continue to work. If you want to change that as well, it is best to create a new profile.
Login as an administrator and rename the profile. A good suggestion is to add the suffix .old - "username.old"
Login as the user again and a new profile will be created. Copy data and settings from the old profile.
Outlook 2002 (and higher) Auto Complete

One thing that you cannot control is the auto complete on the latest versions of Outlook. You will need to instruct your users on how to clear the old name from the Auto Complete cache, then select the new name from the GAL fresh. Once the new name has been selected once, it will populate the auto complete list.
More information on Auto Complete and working with its cache can be found here.

Method Two - New Account

The second method that you can deal with a user changing their name is to create a new account. The old account is left in place.

To ensure that all email is caught, do the following...

Create the new account as normal, and populate it with the correct (new) email address, group memberships etc.
Put a new dummy SMTP address on to the old account and set it as default.
Remove the existing SMTP addresses from the old account and put them on to the new account. This means that any email coming in from outside on the old address is delivered to the new mailbox.
Exmerge the contents of the old mailbox and import it in to the new one.
Configure a forward on the old account to forward to the new account. For Exchange 2003 do this in Active Directory Users and Computers, User Properties, Exchange General, Delivery Options. For Exchange 2007 do this in the Exchange Management Console, Mail Flow Settings, Delivery Options.
Hide the account from the global address list, remove its group memberships etc. The account is no longer required for anything other than email, so can have most settings removed.
Setup the workstation etc and move the data around to limit the impact of the new account on the user - as explained above under "Other Settings".
The end result on this method is that other's auto complete entries continue to work, replies to old emails get delivered directly (via the old m

Monday, October 12, 2009

CISCO FLASH - Delete files and director from flash of a cisco router

You can use : erase flash:

But if you don't want to be prompted to confirm or if the directory content a sub directory of file, you should use the following command:

delete /force/recursive flash:

e.g.

delete /flash/recursive flash:/phone

Saturday, October 10, 2009

BEST NTP SERVER FOR VOICE_LAB

I am using 2 ntp servers for my home voip_system - home lab

ntp server 204.9.54.119
ntp server 129.6.15.29

Friday, October 9, 2009

How To Configure Dual ISP Backup with Cisco ASA 5505 Firewall

How To Configure Dual ISP Backup with Cisco ASA 5505 Firewall by Harris Andrea
in Networks

SOURCE: http://www.goarticles.com/cgi-bin/showa.cgi?C=1446826

In this article I will explain how to configure a Cisco ASA 5505 firewall to connect to dual ISPs for redundancy purposes. Suppose that we have a primary high-speed ISP connection, and a cheaper DSL line connected to a Secondary ISP. Normally all of our traffic should flow through the primary ISP. If the primary link fails, the secondary DSL connection should be utilized for Internet access. Please note that the above scenario is valid only for Outbound traffic (i.e. from our internal network towards the Internet). The functionality that I will describe below works for ASA 5505 version 7.2(1) and above.


Assume that we are assigned a static Public IP address of 100.100.100.1 from Primary ISP and another static Public IP address of 200.200.200.1 from our Backup ISP. We will use Ethernet 0/0 for connecting to Primary ISP, Ethernet 0/1 for connecting to our Internal LAN, and Ethernet 0/2 for connecting to our Backup ISP. We will create three VLANs to support our configuration. VLAN1 (the default Vlan) will be assigned to Ethernet 0/1 (inside), VLAN2 will be assigned to Ethernet 0/0 (primary-isp) and VLAN3 will be assigned to Ethernet 0/2 (backup-isp). We also have to configure two static default routes pointing to the ISP gateway address. The primary ISP default route shall have a metric of 1 and the backup ISP default route shall have a metric bigger than 1 (let's say 2). Let us see the configuration below:



ASA5505(config)# interface ethernet 0/0
ASA5505(config-if)# switchport access vlan 2
ASA5505(config-if)# no shutdown



ASA5505(config)# interface ethernet 0/1
ASA5505(config-if)# switchport access vlan 1
ASA5505(config-if)# no shutdown



ASA5505(config)# interface ethernet 0/2
ASA5505(config-if)# switchport access vlan 3
ASA5505(config-if)# no shutdown



ASA5505(config)# interface vlan 1
ASA5505(config-if)# nameif inside
ASA5505(config-if)# security-level 100
ASA5505(config-if)# ip address 192.168.1.1 255.255.255.0
ASA5505(config-if)# no shutdown



ASA5505(config)# interface vlan 2
ASA5505(config-if)# nameif primary-isp
ASA5505(config-if)# security-level 0
ASA5505(config-if)# ip address 100.100.100.1 255.255.255.0
ASA5505(config-if)# backup interface vlan 3
ASA5505(config-if)# no shutdown



ASA5505(config)# interface vlan 3
ASA5505(config-if)# nameif backup-isp
ASA5505(config-if)# security-level 1
ASA5505(config-if)# ip address 200.200.200.1 255.255.255.0
ASA5505(config-if)# no shutdown



ASA5505(config)# route primary-isp 0.0.0.0 0.0.0.0 100.100.100.2 1
ASA5505(config)# route backup-isp 0.0.0.0 0.0.0.0 200.200.200.2 2

Thursday, October 8, 2009

Exchange 2003 - Recipient Policy Variables - email address

%g --- Given Name (first Name)
%i --- Miggle Initials
%s --- Surname (LAst Name)
%d --- Display Name
%m --- Exchange Alias

Examples

%1g.%s@tititec.com - will give you -- m.nkounkou@tititec.com
%g.%s@tititec.com - will give you -- martial.nkounkou@tititec.com

Monday, October 5, 2009

How to create an invisible folder - folder without a name

1- create a new folder
2- double clic on the folder to rename it (or right clic the folder and choose rename)
3- delete the old name
4- Press ALT+01696 (on the numbering pad please)
(it means press Alt and without releasing it type 0196 on your num pad)
5- release Alt and press enter.

Now you have a folder without a name -

Friday, October 2, 2009

Intervlan Communication - Answer part 2

Create SVI interfaces and enable routing on the L3 switch 3550 - SW_C
Check if the Vlans 10 and 20 show up in SW_C
(Vlan10 and 20 should show up because all switches belong to the same VTP domain.


SW3550_C>en
Password:
SW3550_C#sh vlan brief

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/6, Fa0/7, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/19, Fa0/20, Fa0/21
Fa0/23, Fa0/24, Gi0/1, Gi0/2
10 ACCOUNTING active
20 SALES active Fa0/5
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup

Enabling routing in L3 switch.

SW3550_C#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW3550_C(config)#ip routing


Creating SVI interfaces.

SW3550_C(config)#int vlan 10
SW3550_C(config-if)#ip add
*Mar 6 01:58:43.513: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up10.10.10.254 255.255.255.0
SW3550_C(config-if)#no shut
SW3550_C(config-if)#exit
SW3550_C(config)#int vlan 20
SW3550_C(config-if)#ip add 20.20.20.254 255.255.255.0
SW3550_C(config-if)#no shut
SW3550_C(config-if)#^Z

Now let verify.


SW3550_C#sh ip int brief
Interface IP-Address OK? Method Status Protocol
Vlan1 192.168.1.201 YES NVRAM up up
Vlan10 10.10.10.254 YES manual up up
Vlan20 20.20.20.254 YES manual up up
FastEthernet0/1 unassigned YES unset down down
FastEthernet0/2 unassigned YES unset down down
FastEthernet0/3 unassigned YES unset up up
FastEthernet0/4 unassigned YES unset up up
FastEthernet0/5 unassigned YES unset down down
FastEthernet0/6 unassigned YES unset down down
FastEthernet0/7 unassigned YES unset down down
FastEthernet0/8 unassigned YES unset down down
FastEthernet0/9 unassigned YES unset up up
FastEthernet0/10 unassigned YES unset up up
FastEthernet0/11 unassigned YES unset down down
FastEthernet0/12 unassigned YES unset down down
FastEthernet0/13 unassigned YES unset down down
FastEthernet0/14 unassigned YES unset down down
FastEthernet0/15 unassigned YES unset down down
FastEthernet0/16 unassigned YES unset down down
FastEthernet0/17 unassigned YES unset down down
FastEthernet0/18 unassigned YES unset down down
FastEthernet0/19 unassigned YES unset down down
--More--
SW3550_C#sh int vlan 10
Vlan10 is up, line protocol is up
Hardware is EtherSVI, address is 000e.831d.ce80 (bia 000e.831d.ce80)
Internet address is 10.10.10.254/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:01:59, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
1 packets output, 60 bytes, 0 underruns
0 output errors, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
SW3550_C#sh int vlan 10 20
Vlan20 is up, line protocol is up
Hardware is EtherSVI, address is 000e.831d.ce80 (bia 000e.831d.ce80)
Internet address is 20.20.20.254/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:06:10, output 00:01:46, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 47
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
27 packets input, 2538 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
8324 packets output, 748820 bytes, 0 underruns
2 output errors, 0 interface resets
0 output buffer failures, 0 output buffers swapped out


Now let verify if HOSTS in vlan 10 are able to ping HOSTS in vlan 20.

HostA_R3_2801#ping 20.20.20.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
HostA_R3_2801#ping 20.20.20.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)


Nothing is working - what is the problem?

The default gateway must be setup on all hosts.
Remember my hosts are routers that I am simulated as PC-

The default gateway for each vlan is the int vlan configured in L3 switch.


HostA_R3_2801#conf t
Enter configuration commands, one per line. End with CNTL/Z.
HostA_R3_2801(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.254
HostA_R3_2801(config)#^Z
HostA_R3_2801#
access_server#2
[Resuming connection 2 to r4 ... ]

HostB_r4_3640#cof t nf t
Enter configuration commands, one per line. End with CNTL/Z.
HostB_r4_3640(config)#ip route 0.0.0.0 0.0.0.0 20.20.20.254
HostB_r4_3640(config)#^Z
HostB_r4_3640#wr
Building configuration...

access_server#3
[Resuming connection 3 to r5 ... ]
[OK]
HostC_R5_3640#
HostC_R5_3640#conf t
Enter configuration commands, one per line. End with CNTL/Z.
HostC_R5_3640(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.254
HostC_R5_3640(config)#^Z
HostC_R5_3640#wr
Building configuration...

access_server#4
[Resuming connection 4 to r6 ... ]

*Mar 21 06:
HostD_R6_3640#conf t
Enter configuration commands, one per line. End with CNTL/Z.
HostD_R6_3640(config)#ip route 0.0.0.0 0.0.0.0 20.20.20.254
HostD_R6_3640(config)#^Z
HostD_R6_3640#wr
Building configuration...


Now is the moment of truth-
Intervlan communication
let ping hosts in different vlan


HostA_R3_2801#ping 20.20.20.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.2, timeout is 2 seconds:
..!!!
Success rate is 60 percent (3/5), round-trip min/avg/max = 1/2/4 ms
HostA_R3_2801#ping 20.20.20.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
HostA_R3_2801#
access_server#
[Resuming connection 1 to r3cme ... ]

HostA_R3_2801#ping 20.20.20.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/2/4 ms
HostA_R3_2801#ping 20.20.20.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
HostA_R3_2801#
access_server#4
[Resuming connection 4 to r6 ... ]

HostD_R6_3640#ping 20.20.20.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
HostD_R6_3640#ping 20.20.20.1 10.10.10.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
HostD_R6_3640#ping 10.10.10.1 2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/3/4 ms
HostD_R6_3640#ping 10.10.10.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
HostD_R6_3640#

Intervlan Communication - Answer part 1

Create Vlans and assigning interfaces to Vlan

SW2950_A#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW2950_A(config)#vlan 10
SW2950_A(config-vlan)#name ACCOUNTING
SW2950_A(config-vlan)#exit
SW2950_A(config)#vlan 20
SW2950_A(config-vlan)#name SALES
SW2950_A(config-vlan)#exit
SW2950_A(config)#int fa0/13
SW2950_A(config-if)#desc HOST A
SW2950_A(config-if)#sw mode acc
SW2950_A(config-if)#sw acc vlan 10
SW2950_A(config-if)#int fa0/14
SW2950_A(config-if)#desc HOST B
SW2950_A(config-if)#sw mode acc
SW2950_A(config-if)#sw acc vlan 20
SW2950_A(config-if)#^Z

Because of all of the switches are in the same VTP domain,
vlans created in SW_A will show up in SW_B and SW_C


SW12_B>en
Password:
SW12_B#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW12_B(config)#exit
SW12_B#sh vlan brief
5d01h: %SYS-5-CONFIG_I: Configured from console by console

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Gi0/1, Gi0/2
10 ACCOUNTING active
20 SALES active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup

SW12_B#sh vtp status
VTP Version : 2
Configuration Revision : 31
Maximum VLANs supported locally : 250
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : CCNP
VTP Pruning Mode : Enabled
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0xAB 0x67 0x8C 0xDD 0x95 0x8D 0x0F 0xEA
Configuration last modified by 192.168.1.202 at 3-6-93 01:48:40
Local updater ID is 192.168.1.203 on interface Vl1 (lowest numbered VLAN interface found)


I am going to put HOST C and D in vlan 10 and 20 respectively.

SW12_B(config)#
5d01h: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up
SW12_B(config)#int fa0/3
SW12_B(config-if)#desc HOST C
SW12_B(config-if)#sw mode acc
SW12_B(config-if)#sw acc vlan 10
SW12_B(config-if)#int fa0/4
SW12_B(config-if)#desc HOST D
SW12_B(config-if)#sw mode acc
SW12_B(config-if)#sw acc vlan 20


Now I am going to test pinging all HOSTS

From HOST A, I am going to ping HOST C
(HOST A and C are in the same vlan 10 - I should be able to ping it)

HostA_R3_2801#ping 10.10.10.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms


From HOST B, I am going to ping HOST D
HOST B and D are in the same vlan 20 - I should be able to ping it)



HostB_r4_3640#ping 20.20.20.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

HOSTS IN VLAN 10 ARE NOT ABLE TO PING HOSTS IN VLAN 20

HostB_r4_3640#ping 10.10.10.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

Thursday, October 1, 2009

Intervlan communication and dual vlan - home lab



Route to CCNP
I am "in" with the BCMSN training. The Network top above is my home work for this weekend.

I can going to post my conf on sunday.

Configure DUAL ISP BACKUP CONNECTION WITH CISCO ASA

Source : http://www.goarticles.com/cgi-bin/showa.cgi?C=1446826

In this article I will explain how to configure a Cisco ASA 5505 firewall to connect to dual ISPs for redundancy purposes. Suppose that we have a primary high-speed ISP connection, and a cheaper DSL line connected to a Secondary ISP. Normally all of our traffic should flow through the primary ISP. If the primary link fails, the secondary DSL connection should be utilized for Internet access. Please note that the above scenario is valid only for Outbound traffic (i.e. from our internal network towards the Internet). The functionality that I will describe below works for ASA 5505 version 7.2(1) and above.


Assume that we are assigned a static Public IP address of 100.100.100.1 from Primary ISP and another static Public IP address of 200.200.200.1 from our Backup ISP. We will use Ethernet 0/0 for connecting to Primary ISP, Ethernet 0/1 for connecting to our Internal LAN, and Ethernet 0/2 for connecting to our Backup ISP. We will create three VLANs to support our configuration. VLAN1 (the default Vlan) will be assigned to Ethernet 0/1 (inside), VLAN2 will be assigned to Ethernet 0/0 (primary-isp) and VLAN3 will be assigned to Ethernet 0/2 (backup-isp). We also have to configure two static default routes pointing to the ISP gateway address. The primary ISP default route shall have a metric of 1 and the backup ISP default route shall have a metric bigger than 1 (let's say 2). Let us see the configuration below:



ASA5505(config)# interface ethernet 0/0
ASA5505(config-if)# switchport access vlan 2
ASA5505(config-if)# no shutdown



ASA5505(config)# interface ethernet 0/1
ASA5505(config-if)# switchport access vlan 1
ASA5505(config-if)# no shutdown



ASA5505(config)# interface ethernet 0/2
ASA5505(config-if)# switchport access vlan 3
ASA5505(config-if)# no shutdown



ASA5505(config)# interface vlan 1
ASA5505(config-if)# nameif inside
ASA5505(config-if)# security-level 100
ASA5505(config-if)# ip address 192.168.1.1 255.255.255.0
ASA5505(config-if)# no shutdown



ASA5505(config)# interface vlan 2
ASA5505(config-if)# nameif primary-isp
ASA5505(config-if)# security-level 0
ASA5505(config-if)# ip address 100.100.100.1 255.255.255.0
ASA5505(config-if)# backup interface vlan 3
ASA5505(config-if)# no shutdown



ASA5505(config)# interface vlan 3
ASA5505(config-if)# nameif backup-isp
ASA5505(config-if)# security-level 1
ASA5505(config-if)# ip address 200.200.200.1 255.255.255.0
ASA5505(config-if)# no shutdown



ASA5505(config)# route primary-isp 0.0.0.0 0.0.0.0 100.100.100.2 1
ASA5505(config)# route backup-isp 0.0.0.0 0.0.0.0 200.200.200.2 2



DOWNLOAD the best step-by-step configuration tutorial for any Cisco ASA 5500 Firewall model Here.

Wednesday, September 30, 2009

VMWARE Keyboard Shortcuts

VMware Keyboard Shortcuts you should know
There are some required keyboard shortcuts you need to know just to use VMware. Then there are other keyboard shortcuts that you must know. Here's our list:

F11 switches to full-screen mode and back to normal mode
Ctrl-Alt-Insert sends a Ctrl-Alt-Delete to the VMware Guest OS
Ctrl-Alt is also used for - exiting full screen mode
Ctrl-Alt-Enter Expands the current VM into full-screen. If you have a number of VMs, this sequence will also move you between virtual machines
Ctrl-Alt-Tab switch between VMs when the mouse is grabbed
Ctrl-Tab switch between VMs when the mouse is not grabbed but VMware is the active window
Ctrl-Alt is used to exit a Virtual machine from having control of your mouse and return your mouse control to the host machine
Ctrl-Alt-Space will allow you to send a keyboard sequence usually used with VMware server to the VMware guest without VMware Server recognizing it

Now, here are some more that are used just within the VMware Server application to perform certain functions:

Ctrl-N create a new VM
Ctrl-O open a new VM
Ctrl-F4 remove the tab for a VM
Ctrl-D edit the config for a VM
Ctrl-G grab the input from your mouse/keyboard on the current VM (same as clicking on the console of the VM with your mouse)
Ctrl-P edit VMware Preferences
Ctrl-B power on a VM
Ctrl-E power off a VM
Ctrl-R reset power on a VM
Ctrl-Z suspend a VM

Source: http://www.petri.co.il/virtual_vmware_keyboard_shortcuts.htm

Thursday, September 17, 2009

Benefits of stacking switches

I was looking for a clear benefit of stacking switches and I believe this guy from the forum techguy.org put it so clear

http://forums.techguy.org/networking/755867-solved-benefits-stacking-switches.html


You are correct about the concept of stacking switches. The reason stacking switches is better than just doing link aggregation/Etherchannel is because of what you said. There is a specific type of cable used to link the switches together. The link is always greater than throughput of a LAG group to connect the switches. Many switches I've worked with have a limitation of 8 ports in a LAG group. So that means you're limited to 8 Gbps. Also, it's a bit unwieldy to have 8 cables coming off a switch connecting to another device. To illustrate the speed difference with a stacking bus on a stackable switch, I dug up specs on two stackable switches from two different manufacturers.

Cisco's 3750 switch is stackable and has a 32 Gbps bus. I've used these switches at work before. The cabling is included and linking switches is pretty straight forward.

Netgear's GS748TS has a stacking bus capable of 20 Gbps.

So as you can see, there is a significant advantage in using a stacking bus when available. Why is this a nice feature if you can spring for it? Well, you can add additional switches to your stackable switch(es) and still be able to manage them as one single switch. Let me say this feature is extremely useful when you have to manage a few switches in a business environment. Stackable switches also allow you to have the expansion capability of a chassis based switch solution like a Cisco Catalyst 4500/6500 switch without having to pay the higher premium to get into one.

Wednesday, September 16, 2009

Menu Bar missing from Outlook 2007

I have a user martialn who has the menu bar(file, edit, tools..) missing from his outlook 2007.

I tried to reset it by using customize toolbar but nothing worked.

So, to fixed it, I renamed the file outcmd.dat to old_outcmd.dat and reboot the computer. It is not easy to find that file.

so,here is the exact location (make sure show hidden folder is enable)

C:\Documents and Settings\martialn\Local Settings\Application Data\Microsoft\Outlook\

Please replace the user martialn by your customer user name.

Wednesday, September 9, 2009

VTP password mismatch

I found 2 ways to check the vtp password mismatch problem. The first method is to check the md5 digest line in the result of show vtp status

here an example;
swpoe has a vtp password of P@ssw0rd
sw2950_12 has a vtp password of P@ss

SW2950_12#
SW2950_12#sh vtp status
VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 128
Number of existing VLANs : 9
VTP Operating Mode : Server
VTP Domain Name : titi
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xD1 0x81 0xD8 0xF8 0xF9 0x26 0x99 0xBE
Configuration last modified by 192.168.1.30 at 9-9-09 18:57:29
Local updater ID is 0.0.0.0 (no valid interface found)
SW2950_12#
access_server#1
[Resuming connection 1 to swpoe ... ]

SWPOE#sh vtp stsat a atus
VTP Version : running VTP1 (VTP2 capable)
Configuration Revision : 4
Maximum VLANs supported locally : 1005
Number of existing VLANs : 9
VTP Operating Mode : Server
VTP Domain Name : titi
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xB0 0x3C 0x3C 0x80 0xBF 0xF5 0x23 0x6F
Configuration last modified by 192.168.1.30 at 9-9-09 18:57:29
Local updater ID is 192.168.1.30 on interface Vl1 (lowest numbered VLAN interface found)
SWPOE#
access_server#2 3
[Resuming connection 3 to sw12 ... ]

Now I am going to change the password on sw2950_12 to the correct password of P@ssw0rd

SW2950_12#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW2950_12(config)#vtp password P@ssw0rd
Setting device VLAN database password to P@ssw0rd
SW2950_12(config)#^Z
SW2950_12#
01:59:08: %SYS-5-CONFIG_I: Configured from console by console
SW2950_12#sh vtp status
VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 128
Number of existing VLANs : 9
VTP Operating Mode : Server
VTP Domain Name : titi
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xB0 0x3C 0x3C 0x80 0xBF 0xF5 0x23 0x6F
Configuration last modified by 192.168.1.30 at 9-9-09 18:57:29
Local updater ID is 0.0.0.0 (no valid interface found)

Now you see - md5 digest of swpoe and sw2950_12 are identical.


the second method is simple - run debug sw-vlan vtp events on the switch that is not receiving the update. For fast result, shut down and activate the trunk interface

SW2950_12#sh int trunk

Port Mode Encapsulation Status Native vlan
Fa0/12 desirable 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/12 1-4094

Port Vlans allowed and active in management domain
Fa0/12 1-4,100

Port Vlans in spanning tree forwarding state and not pruned
Fa0/12 1-4,100
SW2950_12#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW2950_12(config)#int fa0/12
SW2950_12(config-if)#shut
SW2950_12(config-if)#^Z
SW2950_12#
02:09:45: %SYS-5-CONFIG_I: Configured from console by console
02:09:46: %LINK-5-CHANGED: Interface FastEthernet0/12, changed state to administratively downshow
02:09:47: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down
% Type "show ?" for a list of subcommands
SW2950_12#debug sw-vlan vtp events
vtp events debugging is on
SW2950_12#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW2950_12(config)#int fa0/12
SW2950_12(config-if)#no shut
SW2950_12(config-if)#^Z
SW2950_12#
02:10:34: %LINK-3-UPDOWN: Interface FastEthernet0/12, changed state to up
02:10:34: %SYS-5-CONFIG_I: Configured from console by console
02:10:37: VTP LOG RUNTIME: switchport trunk mode on Fa0/12 has changed

02:10:37: VTP LOG RUNTIME: delaying first flood on new trunk

02:10:38: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up
02:10:42: VTP LOG RUNTIME: Summary packet received, domain = titi, rev = 4, followers = 0

02:10:42: VTP LOG RUNTIME: Summary packet rev 4 equal to domain titi rev 4

02:10:42: VTP LOG RUNTIME: MD5 digest checksum mismatch on receive of equal revision summary

02:10:42: VTP LOG RUNTIME: Transmit vtp summary, domain titi, rev 4, followers 0
MD5 digest calculated = D1 81 D8 F8 F9 26 99 BE 10 94 BF EA FE 3A B0 9F

SW2950_12#


DID YOU SEE THE MD5 MISMATCH?

Tuesday, September 8, 2009

PASSED BSCI EXAM

Yes, Glory to God, I passed the BSCI exam last friday. Now it is time for the bcmsn.

My goal is to invest 2 hours of real study (no tv, no email, no phone) monday through Friday and get done with the bcmsn by November.

Tuesday, August 25, 2009

Sample Configuration for BGP with Two Different Service Providers (Multihoming)

No need to explain, click the following link

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009456d.shtml

Monday, August 17, 2009

Multicasting querier Highest or Lowest IP?

According to cisco
http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r2.0/multicast/command/reference/3mrigmp.html

The designated router for a LAN is the only router that sends IGMP host-query messages:

•For IGMP Version 1, the designated router is elected according to the multicast routing protocol that runs on the LAN.

•For IGMP Versions 2 and 3, the designated querier is the highest IP-addressed multicast router on the subnet.

If the router hears no queries for the timeout period (controlled by the query-timeout command), it becomes the querier

Wednesday, August 12, 2009

IP POLICY

It is important to remember that Ip policy apply to the ARRIVING interface.



http://www.cisco.com/en/US/docs/ios/12_0/qos/configuration/guide/qcpolicy.html
Enable PBR
To enable PBR, you must create a route map that specifies the match criteria and the resulting action if all of the match clauses are met. Then you must enable PBR for that route map on a particular interface. All packets arriving on the specified interface matching the match clauses will be subject to PBR.

Monday, August 3, 2009

BGP - difference between local preference and weight attribute

The major difference between the Weight and LOCAL_PREF attributes is that when the LOCAL_PREF attribute is changed, that change is reflected throughout the AS. The new LOCAL_PREF value will be advertised to all other routers in the AS, as compared to the Weight attribute, which is locally significant only.

Friday, July 10, 2009

OSPF troubleshooting - No route update

R1 and R3 form a neighbor relationship but they are not exchanging route.

R3_CME_2801#sh ip ospf nei

Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 1 FULL/BDR 00:01:41 172.31.77.1 Serial0/3/0
R3_CME_2801#sh ip route ospf

R3_CME_2801#

What is the problem?

Solution: Mismatch in IP OSPF network type -

- make sure you have the same network type on both routers

Sh ip ospf int s0/3/0

- correct the mismatch network
conf t
int s0/3/0
ip ospf network point-to-point





R3_CME_2801#sh ip ospf nei

Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 1 FULL/BDR 00:01:41 172.31.77.1 Serial0/3/0
R3_CME_2801#sh ip route ospf

R3_CME_2801#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3_CME_2801(config)#int s0/3/0
R3_CME_2801(config-if)#ip ospf net
R3_CME_2801(config-if)#ip ospf network point-to-multipoint
R3_CME_2801(config-if)#
*Jul 10 16:07:56.321: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Serial0/3/0 from FULL to DOWN, Neighbor Down: Interface down or detached
*Jul 10 16:07:56.569: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Serial0/3/0 from LOADING to FULL, Loading Done
R3_CME_2801(config-if)#do sh ip ospf nei

Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 0 FULL/ - 00:01:57 172.31.77.1 Serial0/3/0
R3_CME_2801(config-if)#do sh ip route ospf
172.31.0.0/16 is variably subnetted, 3 subnets, 2 masks
O 172.31.77.2/32 [110/128] via 172.31.77.1, 00:00:27, Serial0/3/0
O 172.31.77.1/32 [110/64] via 172.31.77.1, 00:00:27, Serial0/3/0
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
O 10.254.0.0/24 [110/74] via 172.31.77.1, 00:00:27, Serial0/3/0
R3_CME_2801(config-if)#

Tuesday, July 7, 2009

How to check the ISIS router level-type

The command to check the level-type of an ISIS router is :

sh clns protocol.

You can also check the interface isis level by typing

show clns int s0/1


Ex. I configure router 2 to the default level-1-2
and setup the internal router R6 for level-1 only

R2_2611XM#sh clns pro

IS-IS Router:
System Id: 2222.2222.2222.00 IS-Type: level-1-2
Manual area address(es):
49.0071
Routing for area address(es):
49.0071
Interfaces supported by IS-IS:
Serial0/1 - IP
FastEthernet0/0 - IP
Loopback2 - IP
Redistribute:
static (on by default)
Distance for L2 CLNS routes: 110
RRR level: none
Generate narrow metrics: level-1-2
Accept narrow metrics: level-1-2
Generate wide metrics: none
Accept wide metrics: none



R6_3640#sh clns pro

IS-IS Router:
System Id: 6666.6666.6666.00 IS-Type: level-1
Manual area address(es):
49.0072
Routing for area address(es):
49.0072
Interfaces supported by IS-IS:
Ethernet0/1 - IP
Ethernet0/0 - IP
Loopback6 - IP
Redistribute:
static (on by default)
Distance for L2 CLNS routes: 110
RRR level: none
Generate narrow metrics: level-1-2
Accept narrow metrics: level-1-2
Generate wide metrics: none
Accept wide metrics: none
Serial0/1 is up, line protocol is up
Checksums enabled, MTU 1500, Encapsulation HDLC
ERPDUs enabled, min. interval 10 msec.
CLNS fast switching enabled
CLNS SSE switching disabled
DEC compatibility mode OFF for this interface
Next ESH/ISH in 42 seconds
Routing Protocol: IS-IS
Circuit Type: level-1-2
Interface number 0x2, local circuit ID 0x100
Neighbor System-ID: R3_CME_2801
Level-1 Metric: 10, Priority: 64, Circuit ID: R3_CME_2801.00
Level-1 IPv6 Metric: 10
Number of active level-1 adjacencies: 0
Level-2 Metric: 10, Priority: 64, Circuit ID: R3_CME_2801.00
Level-2 IPv6 Metric: 10
Number of active level-2 adjacencies: 1
Next IS-IS Hello in 673 milliseconds
if state UP

Thursday, June 4, 2009

Show port number

I feel like I am learning a new command each day I am studying for my CCNP certification.

Today, I learned about show ip port-map

Hint: If you don’t know the UDP port number for mySQL, use the show ip portmap
command.

R2_2611XM#sh ip port-map ms-?
ms-cluster-net ms-dotnetster ms-sna ms-sql
ms-sql-m

R2_2611XM#sh ip port-map ms-sql
Default mapping: ms-sql tcp port 1433 system defined

Administrative distance of the default gateway

I just learn something I never check.

The administrative distance of the default gateway obtained through DHCP is
254, which is just 255 (Unreachable) – 1.

R3_CME_2801#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is 172.16.23.2 to network 0.0.0.0

172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
S 172.16.23.2/32 [254/0] via 172.16.23.2, FastEthernet0/0
C 172.16.23.0/24 is directly connected, FastEthernet0/0
S* 0.0.0.0/0 [254/0] via 172.16.23.2
R3_CME_2801#


The default administrative distance of the default gateway with ip route is 1

R1_2610XM(config)#ip route 0.0.0.0 0.0.0.0 172.16.12.2
R1_2610XM(config)#^Z
R1_2610XM#sh i pr
*Mar 1 17:17:12.909: %SYS-5-CONFIG_I: Configured from console by console
R1_2610XM#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is 172.16.12.2 to network 0.0.0.0

172.16.0.0/24 is subnetted, 4 subnets
D 172.16.23.0 [90/2172416] via 172.16.12.2, 00:28:02, Serial0/0.2
C 172.16.12.0 is directly connected, Serial0/0.2
C 172.16.1.0 is directly connected, Loopback1
D 172.16.2.0 [90/2297856] via 172.16.12.2, 00:28:02, Serial0/0.2
S* 0.0.0.0/0 [1/0] via 172.16.12.2

Thursday, May 28, 2009

How to release and Renew DHCP address with cisco router

Whaooo, it is so easy to release and renew dhcp with cisco router.

To release :

R2_2611XM#release dhcp fa0/0


to renew :

R2_2611XM#renew dhcp fa0/0

Source:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtdhcprr.html

Thursday, April 23, 2009

How to play mpg, flv movie in Powerpoint 2003/2007

It is a big frustration to many of you who are trying to play mpg, flv in powerpoint 2003/2007.

I just make $50.00 today fixing it.

Here is the 5 second solution that will save you or give you $50.00

1 - Download defilerpak
http://hellninjacommando.com/defilerpak/

2- Install it

3- play the file in windows media player (just to make sur that defiler installed correctly).

4- Insert the video in powerpoint presentation and voila - you can enjoy your presentation.

Very simple ehhhhhhhhhhhh.

Email me if you have any question: bertrand@tititec.com

Monday, April 20, 2009

Allows PING through ASA 5500 using ASDM

policy-map global_policy
class inspection_default
inspect icmp

--
Using asdm.
1- Go to configuration, firewall, Service Policy rules
2- Select Inspection_default, and clic on edit
3- Clic on the rule Actions tab
4- check icmp
5- clic ok and apply

Monday, March 23, 2009

Setting the clock of a cisco device with NTP

important commands:

WAN_RTR# configure terminal
WAN_RTR(config)# ntp server 64.209.210.20
WAN_RTR(config)# clock timezone ARIZONA -7
WAN_RTR(config)# clock summer-time CA1_DST recurring 2 sunday March 02:00 1 sunday
November 02:00

Thursday, March 19, 2009

How to see existing eigrp hello timer

The command to see the existing hello timer with eigrp is :

sh ip eigrp int detail

PR1_3640#sh ip eigrp int detail
IP-EIGRP interfaces for process 1

Xmit Queue Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable SRTT Un/Reliable Flow Timer Routes
Et0/0 1 0/0 2 0/2 50 0
Hello interval is 5 sec
Next xmit serial
Un/reliable mcasts: 0/14 Un/reliable ucasts: 18/16
Mcast exceptions: 1 CR packets: 1 ACKs suppressed: 4
Retransmissions sent: 2 Out-of-sequence rcvd: 0
Authentication mode is md5, key-chain is "CONGO"
Et0/1 1 0/0 2 0/2 50 0
Hello interval is 5 sec
Next xmit serial
Un/reliable mcasts: 0/17 Un/reliable ucasts: 20/7
Mcast exceptions: 1 CR packets: 0 ACKs suppressed: 2
Retransmissions sent: 2 Out-of-sequence rcvd: 0
Authentication mode is not set
Lo0 0 0/0 0 0/1 0 0
Hello interval is 5 sec
Next xmit serial
Un/reliable mcasts: 0/0 Un/reliable ucasts: 0/0
Mcast exceptions: 0 CR packets: 0 ACKs suppressed: 0

Xmit Queue Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable SRTT Un/Reliable Flow Timer Routes
Retransmissions sent: 0 Out-of-sequence rcvd: 0
Authentication mode is not set

The command to see the existing hold timer is:

sh ip protocol | i hold

PR1_3640#sh ip proto | i hold
EIGRP NSF-aware route hold timer is 240

Wednesday, March 18, 2009

Microsoft office 2007 can't save to network drive

The cause of the problem is the your antivirus (CA in my case). You must disable "protected network drive" under CA antivirus.

Tuesday, March 17, 2009

Subinterfaces on ethernet port

I am setting up my lab for the ccnp training and it seems like you cannot configure subinterfaces on an ethernet port.

I am able to configure it without any problem on Fastethernet.
BR2_2611XM#conf t
Enter configuration commands, one per line. End with CNTL/Z.
BR2_2611XM(config)#int fa0/0.34
BR2_2611XM(config-subif)#encap dot
BR2_2611XM(config-subif)#encap dot1Q 34
BR2_2611XM(config-subif)#desc CBT_PR1
BR2_2611XM(config-subif)#ip address 10.1.34.1 255.255.255.252
BR2_2611XM(config-subif)#int fa0/0.24
BR2_2611XM(config-subif)#encap
BR2_2611XM(config-subif)#encapsulation dot
BR2_2611XM(config-subif)#encapsulation dot1Q 24
BR2_2611XM(config-subif)#desc CBT_PR2
BR2_2611XM(config-subif)#ip address 10.1.24.1 255.255.255.252
BR2_2611XM(config-subif)#

Friday, March 13, 2009

PASSED CISCO CCNA VOICE

Whaooo - I am done with the projet. I am now CCNA VOICE certified. I passed my test last monday. It feels great to be over with it.

CCNA voice is great - The training is better than the test itself. I learn a lot. I can setup a complete voice system from scratch with voicemail, dial-peer, auto-attendant, hunt-group, intercom, paging,... It is beautiful.

I love the Voice training and I would like to learn more about the CALL MANAGER. But the CCVP is 2 more exams than the CCNP and the home lab costs almost 5 times more.

So, from next week, I am going to start the CCNP track. I hope will be more efficient on posting my journey.

On the CCNA VOICE exam, I will suggest to all of you to spend time with pratice and UC500.
50% of the question were on the UC500 and I used the following site to massacre the questions

https://www.myciscocommunity.com/servlet/JiveServlet/previewBody/1555-102-1-1922/UC500-CCA-First-Look-v1-Lab3.pdf

the rest of the 50% of questions were about the configuration, sampling, encoding and dial-peers. My home lab and the book did the job.

In my opinion, CCNA is harder than the CCNA VOICE.

I don't know may be because I have a better teacher and book (JEREMY CIORAS - Cbt nugget and the official CCNA VOICE BOOK) and specialy a great home lab.

I am still looking for a company that can help me achieve my goal of becoming a CCIE. For now, I am paying from my own pocket for lab, training books and dvd and test fees. It is hard but I hope in the near future, it is going to pay off.

Praise God for everything.

Thursday, March 5, 2009

Paging Group - NO DUAL-LINE

This is a reminder when configuring paging group in CME

conf t
ephone-dn 5
number 5001
name SALES PAGING
paging


Note Do not use the dual-line keyword with this command. Paging ephone-dns cannot be dual-line.

http://docstore.mik.ua/univercd/cc/td/doc/product/voice/its/cmeadm/feat/cmepage.htm#wp1010379


Configuring a Simple Paging Group
SUMMARY STEPS
1. enable

2. configure terminal

3. ephone-dn paging-dn-tag

4. number number

5. name name

6. paging [ip multicast-address port udp-port-number]

7. end



Configuring a Combined Paging Group
SUMMARY STEPS
1. enable

2. configure terminal

3. ephone-dn paging-dn-tag

4. number number

5. name name

6. paging group paging-dn-tag,paging-dn-tag[[,paging-dn-tag]...]

7. exit

8. ephone phone-tag

9. paging-dn paging-dn-tag {multicast | unicast}

10. exit

11. Repeat Step 8 to Step 10 to add additional IP phones to the paging group.

12. end

Tuesday, March 3, 2009

Do you miss Scribble (an origami-esque cat) or Power Pup (a superhero dog)

I receive a strange request today from a customer.

She missed the office assistant 2007 Power Pup (a superhero dog)- She is now using office 2003 and she is ready to go back to 2007 just for SUPERHERO DOG.

I can't believe people will miss that thingy. As a tech, I wanted microsoft to remove that annoying thing. From Today, I know I was wrong and SELFISH. People love and missed their little dog or cat.

So, here what I did to answer to the need of my customer and STOP being selfish.
TECH are not always right.

clic

1- start, setting, control panel
2- Add or Remove program
3- microsoft office and CLIC ON CHANGE (do not clic on REMOVE)
4- add or remove features
5- next
6- check mark the box - "choose advanced customization of applications".
7- expand Office Shared Features
8- expand office Assistant
9- choose THE OFFICE ASSISTANT THINGY that you love ex. ROCKY, OR CLIPPIT
10- Choose run from my computer

11- clic updte

and you are done.

cisco switch - display only connected interface

if you type, sh int status, you will get the status of all interface. But what about if I want just to display the interface with status connected?
I am using the following command until I find a better solution is:
sh int status | e not (display all interfaces excluded those with status NOTCONNECT).


SWITCH_B#sh int status

Port Name Status Vlan Duplex Speed Type
Fa0/1 IP PHONE 1 connected 50 a-full a-100 10/100BaseTX
Fa0/2 IP PHONE 2 connected 50 a-full a-100 10/100BaseTX
Fa0/3 IP PHONE 3 notconnect 50 auto auto 10/100BaseTX
Fa0/4 notconnect 50 auto auto 10/100BaseTX
Fa0/5 connected 50 a-full a-100 10/100BaseTX
Fa0/6 notconnect 50 auto auto 10/100BaseTX
Fa0/7 connected 50 a-full a-100 10/100BaseTX
Fa0/8 notconnect 50 auto auto 10/100BaseTX
Fa0/9 notconnect 50 auto auto 10/100BaseTX
Fa0/10 notconnect 50 auto auto 10/100BaseTX
Fa0/11 notconnect 50 auto auto 10/100BaseTX
Fa0/12 notconnect 50 auto auto 10/100BaseTX
Fa0/13 notconnect 1 auto auto 10/100BaseTX
Fa0/14 notconnect 1 auto auto 10/100BaseTX
Fa0/15 notconnect 1 auto auto 10/100BaseTX
Fa0/16 notconnect 1 auto auto 10/100BaseTX
Fa0/17 notconnect 1 auto auto 10/100BaseTX
Fa0/18 notconnect 1 auto auto 10/100BaseTX
Fa0/19 notconnect 1 auto auto 10/100BaseTX
Fa0/20 notconnect 1 auto auto 10/100BaseTX


SWITCH_B#sh int status | e not

Port Name Status Vlan Duplex Speed Type
Fa0/1 IP PHONE 1 connected 50 a-full a-100 10/100BaseTX
Fa0/2 IP PHONE 2 connected 50 a-full a-100 10/100BaseTX
Fa0/5 connected 50 a-full a-100 10/100BaseTX
Fa0/7 connected 50 a-full a-100 10/100BaseTX
Fa0/24 CONNECT TO SWITCH connected trunk a-full a-100 10/100BaseTX

Monday, March 2, 2009

OFFICE 2003 NETWORK INSTALLATION




Running Setup to create an administrative image
To distribute Office from a network server, you must first install Office on an administrative installation point by running Setup.exe with the /a command-line option. Then you can customize your Office configuration before running Setup on users' computers.

To create an administrative installation point for Office

Create a share on a network server for the administrative installation point.
The network share must have at least 550 megabytes (MB) of available hard disk space.

On a computer that has write access to the share, connect to the server share.
The computer must be running a supported operating system: Microsoft Windows® 2000 Service Pack 3 or Windows XP or later.

On the Start menu, click Run, and then click Browse.
On the Office 2003 CD, double-click setup.exe and add /a to the command line.
Note that if you are using the Office 2003 Select CD, type the name of the Setup program for the package you are installing. For example, if you are installing Office 2003 Professional from the Select CD, type SetupPro.exe /a on the command line.

Enter the organization name that you want to define for all users who install Office from this administrative installation point.
Enter the server and share you created as the installation location.
Enter the 25-character Volume License Key and click Next.
You must enter a valid Volume License Key when you create the administrative installation point; users who install Office 2003 from this administrative image do not need to enter the product key when they install Office 2003 or start an Office 2003 application for the first time.

Accept the end-user license agreement and click Install.
By accepting the agreement here, you are accepting on behalf of all users who install Office from this administrative installation point.
Setup copies the files from the Office 2003 CD to the administrative installation point, extracts the compressed cabinet (CAB) files, and creates a hierarchy of folders in the root folder of the share.


--------------------------------------------------------------------------------

Note When you install Office 2003 and you set features to run from the network (Run from Network or Run All from Network), you must create your administrative installation point in a subfolder on the share; for example, \\server\share\admin_install_point\setup.exe. If Setup.exe is stored at the root of the share, Office 2003 features do not run properly.


--------------------------------------------------------------------------------

The following table identifies the location of key files on the Office 2003 administrative image.

File Location
Setup.exe Root of the administrative image
Setup.ini Files\Setup
Office 2003 package (MSI file) Root of the administrative image
OPC files used to clean up previous versions Files\Program Files\MSOffice\Office11


Setup also modifies the Windows Installer package for Office, identifying it as an administrative installation package and setting the ProductID and COMPANYNAME properties accordingly. After you create the administrative installation point, you make the share available to users by providing them with read access.

When users run Setup to install Office, any Office features that are installed to run from the network use this administrative installation point as the source of Office files, and Office runs the features over the network from this server. Similarly, for features that are set to be installed on first use, Office copies files from this server when needed. If you install features in one of these two states, then you must keep this network server available to users. You can copy the administrative image to one or more backup servers to help ensure that users always have access to the source.

When users install Office from the administrative installation point, Setup uses the organization name that you specify as the default. With the Office 2003 Custom Installation Wizard, you can create a Windows Installer transform (MST file) that modifies the organization name during installation. This flexibility allows you to create different organization names for different groups of users in your organization.

You can specify the organization name on the Setup Properties in the Office Resource Kit Reference.


--------------------------------------------------------------------------------

Toolbox The Office 2003 Editions Resource Kit (ork.exe) includes the Custom Installation Wizard as part of the core tool set and is available as a download. You can find this downloadable file on the Office 2003 Resource Kit Downloads page.

Create a Hunt-group





Router(config)# voice hunt-group 1 longest-idle

Router(config-voice-hunt-group)# pilot 7501

Router(config-voice-hunt-group)# list 7001, 7002, 7023, 7028, 7045, 7062, 7067, 7072, 7079 Router(config-voice-hunt-group)# final 8000

Router(config-voice-hunt-group)# hops 6

Router(config-voice-hunt-group)# timeout 20

Router(config-voice-hunt-group)# exit

Friday, February 20, 2009

FREE CCNA VOICE LAB - HOME LAB - ip phone 7911 can't upgrade

My lab is available to anyone who want to practice. Plz just email me.

My lab has changed - It looks exactement like the one in JEREMY CIORAS "The official CCNA VOICE" book.

1 - Cisco 2801 with 1GB of usbflash -- CME and TFTP Server
1- CISCO 2611XM configured as the DHCP
1- CISCO switch 2950 - -- SWA-- where the CME and the DHCP are connected
1- CISCO switch 3550 ---- SWB --- where the ip phones are connected
3 - ip phones - (7941G, 7940G,7911)
1- PC pour FTP server and CIPC


So, I decided to write erase all the configurations and rebuild the lab.

After setting up the tftp server, and loads the appropriate firmwares, the cisco 7911 couldn't upgrade the firmware.

I reboot the phone several time, configure to factory default, but still nothing.

So, I decided to compare line by line the tftp-server command and the the
ME#dir flash:/phone/7906-7911
Directory of flash:/phone/7906-7911/

63 -rw- 2496963 Feb 10 2009 12:12:44 -08:00 apps11.8-3-2-27.sbn
64 -rw- 551014 Feb 10 2009 12:12:48 -08:00 cnu11.8-3-2-27.sbn
65 -rw- 2387207 Feb 10 2009 12:12:58 -08:00 cvm11sccp.8-3-2-27.sbn
66 -rw- 326315 Feb 10 2009 12:13:00 -08:00 dsp11.8-3-2-27.sbn
67 -rw- 307192 Feb 10 2009 12:13:02 -08:00 jar11sccp.8-3-2-27.sbn
68 -rw- 658 Feb 10 2009 12:13:02 -08:00 SCCP11.8-3-3S.loads
69 -rw- 662 Feb 10 2009 12:13:04 -08:00 term06.default.loads
70 -rw- 662 Feb 10 2009 12:13:04 -08:00 term11.default.loads

and


CME#sh run | s i tftp-server flash:/phone/7906-7911
tftp-server flash:/phone/7906-7911/apps11.8-3-2-27.sbn alias apps11.8-3-2-27.sbn
tftp-server flash:/phone/7906-7911/cnu11.8-3-2-27.sbn alias cnu11.8-3-2-27.sbn
tftp-server flash:/phone/7906-7911/cvm11sccp.8-3-2-27.sbn alias cvm11sccp.8-3-2-27.sbn
tftp-server flash:/phone/7906-7911/dsp11.8-3-2-27.sbn alias dsp11.8-3-2-27.sbn
tftp-server flash:/phone/7906-7911/SCCP11.8-3-3S.loads alias SCCP11.8-3-3S.loads
tftp-server flash:/phone/7906-7911/term06.default.loads alias term06.default.loads
tftp-server flash:/phone/7906-7911/term11.default.loads alias term11.default.loads


Then I found out that a line was missing

tftp-server flash:/phone/7906-7911/jar11sccp.8-3-2-27.sbn alias jar11sccp.8-3-2-27.sbn


Yes that single line can messup the old phone.

so, please be carefull.

Again, if you want to have access to my home lab and practice, feel free to contact me.

Thursday, February 5, 2009

The messaging interface has returned an unknown error...." OUTLOOK 2003 - Shared folder

I received a phone call from a customer today about outlook 2003 returning the following messsage when she try to print a shared calendar. "The messaging interface has returned an unknown error. If the problem persits, restart Outlook." She is able to print her own calendar without any problem.

Here how I fixed it.

1- double-clic the shared calendar

2- File, print, and clic define styles

3- Edit, and uncheck Taskpad

4- clic ok, ok And voila - she is back in business

Friday, January 16, 2009

SanDisk Ultra II Flash memory card on cisco 2801



I am happy today that my cisco 2801 is working again.

Yesterday, I had a power outage and my cisco 2801 went crazy. It booted only on rommonitor mode. I restarted it couple time and still the same.

I tried to xmodem a new IOS to the flash but without success and so I decided to ymodem.

The Ymodem worked, the ios was now in my DRAM but I figured out fast that the cisco compact flash was gone. I couldn't format it.

So, I decided to use a different cisco compact flash drive (64mb). The new flash worked fine and I was able to boot in normal mode.

I was happy but the battle wasn't over. I am using this cisco 2801 as my CME for my CCNA VOICE LAB. So, 64mb of compact flash wasn't enough.

Here is the good part. I decided to try the SANDISK ULTRA II flash card.

I went at officemax and find one, a 1GB for only $19.99 - I decided also to buy a 5in1 card reader.

steps:
1- plug the card reader in my pc and insert the sandisk ultra II compact flash in the reader

2- format the card using FAT16 (ATTENTION : You MUST format this card as FAT16)

3- copy my ios file from my pc to the flash card (I am still in my pc - just drag and drop)- The IOS I use is : c2801-adventerprisek9-mz.124-20.bin

4- format a usb flash drive (FAT16)- It is a 1gb usb flash drive- and copy the cme-full-4.3.0.0. tar and the IOS c2801-adventerprisek9-mz.124-20.bin
THIS STEP is not required - but it make things easier.

5- Power down the cisco 2801 and insert the usb flash drive and the SANDISK ULTRA II flash memory card.

6- Power on the cisco 2801, the boot process will take longuer than usual - just be patient.

7- You are now back in business, your cisco router should boot now normally.

8- Because I am using my cisco 2801 as my cme, I tranfered all my cme to the flash.

from the router prompt (in priv mode), type

Router# archive tar /xtract usbflash0:/cme-full-4.3.0.tar flash

As you noticed, I xtract my file from USB flash drive (that is why I have step 4)- The transfer is way much faster than using the tftp server.

and VOILA, everything work like a charm. I save hundred of box -

So, why cisco compact flash so expensive?

Important : IT DOESN'T WORK WITH A 2GB COMPACT FLASH.