Problem: if you want to debug a IOS app with MITMProxy, the iPhone needs to trust the MITMProxy CA. This is done by going to http://mitm.it/ and clicking on the apple symbol. Then you have to accept the “profile” in Settings “downloaded profiles”. Then you have to trust this new CA cert in “Settings” “General” …
Problem: Cisco ASR router is loosing connectivity to its directly attached Ethernet neighbors. In this situation interface status is still up, packets are going in and out on both ends, even IPv6 was still working. The actual problem was that the Cisco ASR was ignoring all ARP responses from its neighbors and the ARP table to this …
I had to update the software of a new Cisco Catalyst 4948 yesterday. As usual I did: copy tftp://<hostname>/<filename> bootflash: conf t boot system flash bootflash:<filename> exit reload But the switch ignored the new software image. During boot it said: Booting first image from bootflash Solution: The config-register was set to 0x2101 right out of …
Problem: Windows NLB IPs are are not reachable through and from Cisco routers and switches. NLB services could be IIS arrays, Exchange CAS arrays, etc. Solution: NLB mode was set to Multicast. In this mode Windows incorrectly uses multicast mac addresses. Set the NLB mode to Unicast and configure static mac address table entries on …
Continue reading ‘Windows Network Load Balancing NLB and Cisco Routers/Switches’ »
If you want to bind some ethernet interfaces into one logical interface between two ciscos switches you have to configure an interface first: interface Port-channel 1 then add some interfaces into this new interface: interface GigabitEthernet 1/0/1 channel-group 1 mode active and you can check the status with: show etherchannel 1 summary Three names …
Continue reading ‘Cisco has weird naming conventions for groups of interfaces’ »
Problem: a Cisco 1941 [15.1(2)T2] (Client) tries to connect to an Cisco7300 [12.3(22)] (Server) using L2TP, but after successful authentication of the client the server drops the connection. Solution: The client tried to authenticate the server, but the server had no password for authentication. Normally only the client authenticates to the server in ISP environments. …
Vienna: 10. August 2011 Problem: A network of some Cisco Access Points AIR-AP1142N-E-K9 connected to an small router works good as expected but when the user tries to connect to en PPTP VPN the connection fails with a time-out. Solution: it was no NAT problem in this case (I fixed this before). Cisco IOS 12.4(21)?? …