How to route between VRFs on a Cisco router

This guide is the simplest way to route between 2 VRFs on a Cisco router. I didn't invent this method as someone showed it to me. Here's the GNS3 project + images if you want to follow along. https://upw.io/3uh/route-between-vrfs.gns3project   Essentially IOU1 is the client with 192.168.1.1, and the default gateway is IOU2. IOU2 PATs …

Continue reading "How to route between VRFs on a Cisco router"

RDP error: This could be due to CredSSP encryption oracle remediation.

If you get this error, you need to create this registry key to fix it:   You can either download the fix for the .reg file here or create it yourself with the code below RDP CRED SSP FIX REG FILE   Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters] "AllowEncryptionOracle"=dword:00000002

Nexus 7k – show running-config aclmgr inactive-if-config for SVI ACL

I recently ran into an issue where I was preparing for a 7k ISSU. One of the first steps in the document from Cisco talks about running "show running-config aclmgr inactive-if-config". After I ran this I noticed that it listed an SVI with an ACL as inactive. After running "show interface vlan X" I saw …

Continue reading "Nexus 7k – show running-config aclmgr inactive-if-config for SVI ACL"

Cisco FTD SCEP enrollment via AD CA NDES Server

I recently had a client that setup a CA and NDES server. They wanted to have their FTDs auto-enroll in the AD CA certs. They had followed this PETENETLIVE article to get NDES and AD CA setup. I won't rewrite this article, I'll just link to it. Essentially all you need is a Domain joined …

Continue reading "Cisco FTD SCEP enrollment via AD CA NDES Server"

ASA Cluster and Active/Active Failover in GNS3

Here is how you can run an ASA Cluster and Active/ACtive Failover in GNS3: I did not make these files but I will share them here: Download the .gns3a appliance and load it into GNS3 Unzip the .7z file and select the hard drive when loading the appliance https://upw.io/3tp/ASA-Cluster-Appliance.gns3a https://upw.io/3to/ASA_with_clustering-915-16-Clustering_Security_Contexts_Enabled.7z

Cisco Catalyst Switch Sync time to Windows Domain Controller

Recently I had some issues syncing my switches to the Windows DC PDC Emulator for time. A lot of blogs were saying Windows only supports SNTP and not full blown NTP so we can not! Even Cisco docs say this! These docs are for versions before Windows Server 2008. The only issue I had with …

Continue reading "Cisco Catalyst Switch Sync time to Windows Domain Controller"