On several occasions it happened that they had colleagues who did the TFTP tantrums (32 MB maximum upload and then bang it froze) I have always solved TFTPD32 that I can recommend to you all.
2009 19 August 2009
ASA Active / Standby
First of all we have to check with the command sh ver if we have a valid license as indicated below
Maximum Physical Interfaces : 8
VLANs : 20, DMZ Unrestricted
Inside Hosts : Unlimited
Failover : Active/Standby
VPN-DES : Enabled
VPN-3DES-AES : Enabled
NOTE FOR THE CONFIGURATIONS WITH ASA 5505
GLi asa 5505 configuration only supports Active / Standby and Active / Active.
SETTING UP THE UNIT 'PRIMARY
Configure the address for each interface of primary and standby. Sicccome platform with the introduction of the ASA is dissasociazione interface between physical and logical implemented through the use of VLANs is in this part of the configuration that must act
conf t
(config)#interface Vlan1
(config-if)#ip address active_addr netmask standby standby_addr
for example .....
(config-if)#ip address 192.168.0.1 255.255.255.0 standby 192.168.0.2
As for the faiover avrmo bisongo the use of an interface will proceed thus creating a VLAN without associrvi an ip address.
Then attach it to the interface that will use this vlana for failvoer that will:
or connected via a cross cable to another ASA
or through the use of a dedicated switch with that VLAN (Recommended for the accuracy of link detection)
interface Vlan100
description LAN Failover Interface
no shutdown
failover
failover lan unit primary
failover lan interface failover Vlan100
failover interface ip failover 192.168.255.1 255.255.255.0 standby 192.168.255.2
utilizzaimo a range not used in the local network.
UNIT CONFIGURATION 'SECONDARY
interface Vlan32
description LAN Failover Interface
no shutdown
we just need to enable failover ....
failover
failover lan unit secondary
failover lan interface failover Vlan100
failover interface ip failover 192.168.255.1 255.255.255.0 standby 192.168.255.2
for debugging and to see the state show failover
2009 10 August 2009
Edit Access List
Editing an access list without deleting ...
1) make a show access-list and check
2) enter setup
conf t
3) select the access list of reference
ip access-list ext 102
4) to give a no with the line number
no 30
2009 May 06 2009
To allow PPTP tunnels to pass through a PIX / ASA
On Pix
fixup protocol pptp 1723 SAA the same syntax, which is then converted, or:
pixfirewall (config) # policy-map global_policypixfirewall (config-pmap) # class inspection_defaultpixfirewall (config-pmap-c) # inspect pptp
2009 May 05 2009
How to enable SSH on Catalyst Switches
Entering consoled the configuration
conf t
Enter hostname and domain name (senzai which the certificate is not generated)
ip domain-name www.bomby.it
Generate the certificate used for SSH
crypto key generate rsa modulus January 1024
ip ssh time-out 60
ip ssh version 2
ip ssh authentication-retries 3
The grand finale we enable ssh and telnet allow ssh behind
line vty 0 4
transport input telnet ssh
2008 17 November 2008
ASDM is unable to continue loading. Click OK to exit from ASDM. Unconnected sockets not implemented.
I try to connect to a ASA5505 I just reinstalato my pc ..
ASDM is unable to continue loading. Click OK to exit from ASDM.
Unconnected sockets not implemented.
L 'is incompatible with the ASDM Java JRE 6u7 JRE 6u10.bisogna effetture downgrade to see the ASDM rifunzionare
2008 10 November 2008
Router TFTP Server
Cisco routers can act as a TFTP server?
I've often asked this question today I had time to investigate ....
router (config) # tftp-server? Flash: Allow TFTP File URL load requests null: Allow TFTP File URL load requests nvram: Allow TFTP File URL load requests system: Allow TFTP File URL load requests
the exact command is
tftp-server flash: version ios.bin ACL (optional)
2008 November 02 2008
BREAK
How do I send the break signal to the software to configure the equipment or do password recovery
- HyperTerminal: ctrl + break (ctrl + pause)
- HyperTerminal version 595160: Ctrl-F6-break
- Minicom: ctrl + alt + f (simultaneously)
- Telnet: ctrl + J
- Teraterm: alt-b
2008 17 March 2008
ASA Update
More and more often I truly ASa to release General Deploy defined by other technicians installed or not properly aligned with the stable release as defined by Cisco THE procedure is pretty simple Once you have logged in console you proceed with a copy from a TFTP server previously instalato (I use TFTPD32 ) ASA5510 # copy tftp disk0: Address or name of remote host []? 172.16.31.1 Source filename []? asa722-k8.bin Destination filename [-asa722 k8.bin]? Accessing tftp :/ / 172.16.31.1/asa722-k8.bin ...!!!!!!!!!! !!!!!!!!!!!!!!!!! !!!!!!!! !!!!!!!!!!!!!!!!! !!!!!!!! Writing file disk0 :/ asa722-k8.bin ... !!!!!!!!!!!!!!!!! !!!!!!!! !!!!!!!!!!!!!!!!! !!!!!!!! !!!!!!!!!!!!!!!!! !!!!!!!! 8312832 bytes copied in 163,350 secs (50998 bytes / sec) ASA5510 # show disk0: - # --- Length - -----date/time------ path 6 5124096 Jan 01 2003 00:06:22 asa702-k8.bin 7 5623108 February 12 2007 00:23:48 ASDM-522.bin 10 5539756 12 February 2007 00:14:18 ASDM-521.bin 11 8294400 Dec 07 2006 05:47:20 asa721-24-k8.bin 12 6002680 Dec 21 2006 03:58:30 ASDM-52034.bin 13 8312832 12 February 2007 22:46:30 asa722-k8.bin 23949312 bytes available (38932480 bytes used) ! --- Command to set "asa722-k8.bin" as the boot image. ASA5510 (config) # boot system disk0 :/ asa722-k8.bin ! --- Command to set "ASDM-522.bin" as the ASDM image. ASA5510 (config) # ASDM image disk0 :/ ASDM-522.bin ASA5510 # write memory ASA5510 # reload
