Posts

FTD 2120 rommon issue

Working on 2 FTDs today, one of those FTD 2120s was continuously booting into rommon. At the beginning I didn't realize that it was a confreg issue. Thus, I proceeded and fully reimaged the device. Once I reimaged it, on the reload the FTD got stuck again in rommon. Then I realized that something was wrong with the confreg in rommon.

Running the help command I saw the confreg command. Running confreg I saw the below:

    Configuration Register: 0x00000000

Then I ran the command confreg 0x1 from rommon:

    rommon 9 > confreg 0x1
    You must reset or power cycle for new config to take effect

    rommon 10 > reboot
    Restarting the system...

After that everything was OK 😊

Troubleshooting RA VPN FTD

I have a customer running FTDs managed by FMC, configured for remote access VPN. The authentication is performed through LDAP.

I received a request that they can't log in with AnyConnect and that the message "login failed" appeared. Then I reset my own password from AD, as I didn't save it when I created it (if I don't save it in KeePass then I always need a reset). I tried to log in with my credentials and I successfully connected.

Then I knew that the issue was with a specific user. I checked the FW config and everything was there correctly!

Instead of resetting the password I proceeded with some debugs on the firewall to better understand and find the issue. Before that I connected to the FTD CLI and then to system support diagnostic-cli:

    sho debug
    debug aaa authentication enabled at level 1
    debug aaa authentication enabled at level 1 (persistent)
    debug aaa authorization enabled at level 1
    debug aaa authorization enabled at level 1 (pers...

Introduction to 9800 WLCs

As an engineer with a focus on wireless, I could say I am more than familiar with AireOS WLCs. With my experience in installing, troubleshooting and maintaining those WLCs, I can say I feel very confident. As those WLCs are now going to be replaced with IOS XE wireless controllers, I need to learn those new platforms. Even though I have attended a lot of webinars and Cisco Live presentations and read the documentation, I can say that I was scared of this new model. I don't know the reason. I found this new model difficult at the beginning. As I understood later on, the key to this was my first installation. I had to study a lot to understand this model and deploy the customer's needs. Even after the first installation I have a different opinion!

Conclusion: Even though the philosophy is different between the 2 WLCs, an engineer with AireOS experience will not find it very difficult to understand the 9800. A tip for the WLC is to navigate to wireless setup (top right corner) and choose Advanced Setup. You will see...

Upgrade WLC / Supplementary image

Today I had to upgrade an AireOS Cisco 2504 WLC. After checking whether the APs are supported by the new recommended version, I noticed that I had to install the supplementary image also. The reason was that 1602i APs weren't supported by the main image in version 8.5.171.0. Due to image size, Cisco created a separate file for some AP images called the Supplementary AP Bundle image.

Procedure:

Step 1: Check the current WLC image

    (Cisco Controller) >show boot
    Primary Boot Image............................... 8.3.150.0 (default) (active)
    Backup Boot Image................................ 8.0.152.0

Step 2: Upload the new image (AIR-CT2500-K9-8-5-171-0.aes). I did the below procedure via HTTPS.

Verify

    (Cisco Controller) >show boot
    Primary Boot Image............................... 8.5.171.0 (default)
    Backup Boot Image................................ 8.3.150.0 (active)

Step 3: Check Supported APs of the new version

    (Cisco Controller) >show ap bundle primary Pr...

Wifi is good when you reach your goal!!

I am writing this article regarding my home wifi connection. If you have any question/suggestion or something, I am open to hearing from you. Contact me via the LinkedIn or Twitter account you can find here in this blog.

Recently one of my colleagues brought me one 2504 WLC for lab/home use. Thanks to him! Also I had some 3702i APs bought from eBay for lab purposes. Thus, I changed my home wifi setup to Cisco devices.

Let's start with my internet connection. My home internet connection is 120 Down 20 Up and I don't have any further internal infrastructure. I am saying this to explain that the maximum internet speed I need (via wireless) is to reach my connection limit. ← The goal

! Configuration

I have statically configured the channel width to 40MHz. I am in Cisco local mode; transmit power and channels are managed by RRM.

! Monitoring

As we can see from the client view of the Cisco WLC, my client is 1ss capable, and my connection speed is 200Mbps. By looking at the MCS table we can see ...

Upgrade Mobility Express

Download the appropriate image from Cisco.

Log in to the ME controller.

Go to Management -> Software Update.

Choose TFTP as in the below screenshot. At this point do not forget to extract the downloaded image and point the TFTP directory to the extracted folder containing the image.

☝☝☝ SOS step, as I already forgot that once and I spent time to find/remember it.

Proceed with Save and Update. The AP will reboot and come back after around 5 min. (Hopefully upgraded.)

I found some difficulties making it work with HTTP. If you have a way to do it you are very welcome to inform me also.

FTD/ASA Re-image useful info

First go to rommon to install the .lfbff file (use TFTP).

Then perform the initial setup to do the preparation for the .pkg file. In the link referenced below you can see, per model, which interface is the appropriate one.

Install the .pkg file (you can't use TFTP; I used FTP). !! Download FileZilla Server and create the below user.

    system install ftp://user:pass@10.10.10.100/asasfr-sys-5.3.1-152.pkg

You need to be sure what you are going to achieve before you start reading the below excellent guide. You can choose what you want at the beginning.

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/reimage/asa-ftd-reimage.html#task_lzh_2zn_rgb