Nexus 7k – show running-config aclmgr inactive-if-config for SVI ACL

I recently ran into an issue where I was preparing for a 7k ISSU. One of the first steps in the document from Cisco talks about running "show running-config aclmgr inactive-if-config". After I ran this I noticed that it listed an SVI with an ACL as inactive. After running "show interface vlan X" I saw …

Cisco FTD SCEP enrollment via AD CA NDES Server

I recently had a client that setup a CA and NDES server. They wanted to have their FTDs auto-enroll in the AD CA certs. They had followed this PETENETLIVE article to get NDES and AD CA setup. I won't rewrite this article, I'll just link to it. Essentially all you need is a Domain joined …

ASA Cluster and Active/Active Failover in GNS3

Here is how you can run an ASA Cluster and Active/ACtive Failover in GNS3: I did not make these files but I will share them here: Download the .gns3a appliance and load it into GNS3 Unzip the .7z file and select the hard drive when loading the appliance https://upw.io/3tp/ASA-Cluster-Appliance.gns3a https://upw.io/3to/ASA_with_clustering-915-16-Clustering_Security_Contexts_Enabled.7z

Cisco Catalyst Switch Sync time to Windows Domain Controller

Recently I had some issues syncing my switches to the Windows DC PDC Emulator for time. A lot of blogs were saying Windows only supports SNTP and not full blown NTP so we can not! Even Cisco docs say this! These docs are for versions before Windows Server 2008. The only issue I had with …

GNS3 BGP Route Injector

Here's how you can inject thousands of routes into BGP with testing GNS3. I recently discovered this blog post where someone created a Ubuntu VM that can do this. Here's a quick tutorial on how you can get this to work in your network. First of all, credit to the original creator! http://www.stubarea51.net/2016/01/21/put-500000-bgp-routes-in-your-lab-network-download-this-vm-and-become-your-own-upstream-bgp-isp-for-testing/ Now for …

How to replace a 3850 Stack Member and Upgrade the Stack

Here are some clear instructions on replacing a failed 3850 stack member (switch 4 in this case) and upgrading the 3850 stack as well. First, go get the latest recommended image as of 5/1/2018 download link: https://upw.io/2Ve/cat3k_caa-universalk9.16.03.06.SPA.bin 1. Take full backup of switch stack 2. Upgrade stack and new switch (separately) to latest image as …

Exit mobile version