Saturday, January 29, 2011

Cisco 3D Icons

Recently came across these Cisco 3D Icons, the ones you usually see in Cisco Press books and materials. I really liked them. They had white backgrounds, but who cares when they are awesome. You can download them from the link below.

Sunday, January 23, 2011

Converting Autonomous Access Point to Lightweight Access Point

If you have a lot of Access Points to convert, you definitely need to use the conversion tool available on the Cisco Website. But for a single Access Point you can do it with a TFTP Server and an Autonomous To Lightweight Mode Upgrade Image (downloadable from the Cisco Website).

Connect a Console to the Access Point and power up the Access Point either using a Power Adapter or a Power Injector. If the Access Point is new out of the Box, it is pre-configured to obtain an IP Address from a DHCP Server. If you don't have a DHCP server, assign a static IP Address.

AP(config)#interface bvi 1
AP(config-if)#ip address <ip address> <subnet mask>

Open your TFTP Server, with the Autonomous To Lightweight Mode Upgrade Image copied to its root directory. From the Access Point CLI issue the command

AP#archive download-sw /overwrite /reload tftp://<ip address of the tftp server>/<upgrade image file>

The Access Point will download the file and overwrite the existing image file (/overwrite) in the flash and then reboot (/reload) into LWAPP mode. If the reload does not happen, enter the reload command manually.

Once the Access Point is converted, connect it to your network. The Switch port to which it is connected should be configured in the Access Point Management VLAN, so that the Access Point can communicate with the Wireless LAN Controller. Hold down the mode button on the Access Point before you power up the Access Point and release it once the LED turns amber (approx 10 seconds). This is required to delete the existing configuration on the access point and return it to the factory defaults.

Thursday, January 20, 2011

CS-MARS authentication with Cisco Secure ACS

First on the ACS, to add the CS-MARS device, go to Network Configuration > Add Entry, then add the CS-MARS hostname, IP Address & Shared Secret Key. From the Authenticate Using drop down list select RADIUS (IETF) and click Submit + Apply. Create a user account on the ACS for the user who wants access to the CS-MARS (Go to User Setup to create a user on the ACS).

An account for the same user must also be created on the CS-MARS. Go to MANAGEMENT > User Management and click Add to create a new user. Enter the Role and the Login (username) of the user and click Submit.

Log into the CS-MARS as pnadmin and go to ADMIN > System Setup > Authentication Configuration. In the AAA Server Configuration: box, click Add. Here you define your ACS Server and how MARS should communicate with it. Select whether to configure the ACS server on an existing host that MARS is aware of or on a new host. After entering basic IP address and interface information, click Next, and on the Reporting Applications window select Generic AAA Server and click Add. On the AAA Server Configuration window, enter the Name, Shared Secret Key (as given in the ACS), the Authentication Port (1812) and the Accounting Port (1813). Use the Test Connectivity button to verify that CS-MARS can communicate with the RADIUS server and that user accounts can be authenticated against it. Lastly, go to the Authentication Configuration screen again, select AAA Server as the Authentication method and select the server you just defined. You can add a secondary AAA Server in the same way.

If, for any reason, you need to change authentication back to Local, you will need to recreate a password for each user. Once the authentication method is changed to RADIUS, all local passwords on the MARS appliance (except that of the pnadmin user) are deleted.

Wednesday, January 19, 2011

ATA 188 Duplex and Speed Change

The duplex and speed of the Cisco ATA 188 Ethernet ports can be configured from the Cisco ATA web configuration page (http://<ATA-IP-Address>), provided the hardware version number on the Cisco ATA is 0x0009 or above (the version can be checked from the Device information page, http://<ATA-IP-Address>/DeviceInfo). The ATA 188 has two Ethernet RJ-45 10/100 BASE-T ports, both with configurable duplex and speed. One is used as an uplink connecting to the switch and the other as a data port for connecting to a PC. The IP Address of the ATA device (ATA-IP-Address) can be obtained from the connected switch using the show cdp neighbors <interface_type> <module/port> detail command.

The speed and duplex of the Ethernet ports can be configured by changing the value of the Switchports parameter on the http://<ATA-IP-Address>/NetCfg page.

Applicable Bits
Bits 0-3 are for the PC port
Bits 4-7 are for the uplink port

Bit Values
0=10 Mbps, half duplex
1=10 Mbps, full duplex
2=100 Mbps, half duplex
3=100 Mbps, full duplex
4=AUTO detect
Other bit values are not valid

By default the ATA works in 10 Mbps, half duplex (0x00000000). The Switchports parameter can be changed to 0x000000FF for 100 Mbps, full duplex and 0x00000022 for 100 Mbps, half duplex. After the value has been entered, click on apply. Switch OFF the ATA power and then switch it back ON for the configuration to complete. After switching ON, the Function button on top of the ATA blinks quickly, indicating that the ATA is upgrading the configuration.

ATA 188 is past End-of-Life and probably out of most networks, but it could perform auto-negotiation for duplex and speed and is capable of 10/100 Mbps, full-duplex operation. The Cisco ATA 186, on the other hand, is fixed at 10 Mbps, half-duplex operation.

Monday, January 17, 2011

CS-MARS Upgrade

The thought of upgrading the CS-MARS software is a pain for most MARS Administrators, mainly because of the time it takes to reach the latest version. The MARS software can only be upgraded sequentially, version by version. The recommended method of upgrading a CS-MARS device is through the CLI using the pnupgrade command. The most reliable and easiest pnupgrade method is using a CD-ROM. The software can be downloaded from the Cisco site and burned on to a CD.

pnupgrade cdrom://csmars-6.1.1.3445.zip

Other pnupgrade methods are ftp, http and https. MARS requires that the upgrade server enforce user authentication.

pnupgrade -u username:password ftp://ftpserver/csmars-version.zip

Most people prefer the GUI for upgrading, but can end up facing a lot of issues. One of the most common errors GUI users face is "Upgrade csmars-6.1.1.3445.zip failed. Failed to pass the version dependency test." Chances are the data versions do not match even though you upgraded the software version by version. The MARS appliance can screw up the data version numbers, giving you this error. You can check this via the CLI with the following commands.

[pnadmin]$ version
6.0.8 (3428) 36

[pnadmin]$ pnupgrade
CSMARS Upgrade...........[14033]
------------------------------------------------
Package Name Type Version URL
------------------------------------------------
csmars-6.1.1.3445.zip BD 6.1.1.3445.38 N/A
csmars-6.0.8.3428.zip BD 6.0.8.3428.37 N/A
csmars-6.0.7.3404.zip BD 6.0.7.3404.36 N/A
csmars-6.0.6.3368.zip BD 6.0.6.3368.35 N/A
csmars-6.0.5.3358.zip BD 6.0.5.3358.34 N/A
csmars-6.0.4.3229.zip BD 6.0.4.3229.33 N/A
csmars-6.0.3.3190.zip B 6.0.3.3190 N/A
csmars-6.0.3.3188.zip BD 6.0.3.3188.32 N/A
csmars-6.0.2.3102.zip BD 6.0.2.3102.31 N/A

The data version number (highlighted in the original post) is the last number of each version. CS-MARS obtains this upgrade order from the MARSCatalog.xml file embedded in the zip file.

In the above case, 6.1.1 will not get installed because the data version of the previously upgraded software version, 6.0.8.3428.36, does not match the MARSCatalog version 6/0/8/3428/37. To get 6.0.8 (3428) 37, install 6.0.8 again via the CLI (it wouldn't run from the GUI). This should resolve the issue.
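
The check described above, as an added example (not from the original post or from Cisco): a Python script that compares the data version reported by version with the one pnupgrade lists for the installed build. The sample text is taken from the output shown in the post; treating the last dotted field of the Version column as the data version, and a row with only four fields as carrying none, are assumptions.

```python
import re

# Constructed sample input: the CLI output shown in the post, shortened.
VERSION_OUTPUT = "6.0.8 (3428) 36"
PNUPGRADE_OUTPUT = """\
Package Name Type Version URL
csmars-6.1.1.3445.zip BD 6.1.1.3445.38 N/A
csmars-6.0.8.3428.zip BD 6.0.8.3428.37 N/A
csmars-6.0.7.3404.zip BD 6.0.7.3404.36 N/A
csmars-6.0.3.3190.zip B 6.0.3.3190 N/A
"""

def parse_installed(text):
    """Parse `version` output: '<release> (<build>) <data version>'."""
    m = re.fullmatch(r"\s*(\d+\.\d+\.\d+) \((\d+)\) (\d+)\s*", text)
    if not m:
        raise ValueError("unrecognised version output: %r" % text)
    return m.group(1), int(m.group(2)), int(m.group(3))

def parse_catalog(text):
    """Map (release, build) -> data version, or None if the row lists none."""
    catalog = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4 or not fields[0].endswith(".zip"):
            continue  # skip banner, rule and header lines
        parts = fields[2].split(".")
        if len(parts) not in (4, 5) or not all(p.isdigit() for p in parts):
            continue  # not a version string in the expected shape
        data = int(parts[4]) if len(parts) == 5 else None
        catalog[(".".join(parts[:3]), int(parts[3]))] = data
    return catalog

def check_data_version(version_text, pnupgrade_text):
    """Return (ok, message) for the installed release against the catalog."""
    release, build, data = parse_installed(version_text)
    catalog = parse_catalog(pnupgrade_text)
    if (release, build) not in catalog:
        return False, "%s (%d) is not listed in the catalog" % (release, build)
    expected = catalog[(release, build)]
    if expected is None:
        return True, "catalog lists no data version for this build"
    if expected == data:
        return True, "data version %d matches the catalog" % data
    return False, ("installed data version %d, catalog lists %d: "
                   "reinstall %s (%d) from the CLI" % (data, expected, release, build))

if __name__ == "__main__":
    print(check_data_version(VERSION_OUTPUT, PNUPGRADE_OUTPUT))
```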

If your CS-MARS has connectivity to the internet, the upgrade can be done directly from the Cisco Website. But you will need a valid CCO ID with the ability to download software.