Someone at Cisco Live 2010 highly recommended this place...I'm about to take the plunge to have a SIP Trunk as my home phone line - I'll talk more about this later, just putting the link here so I don't lose it:
Yes, yes...I know. It's been a while since my last post. A little too much work lately to post about anything!
So, I don't usually use this blog to announce new CBTNuggets series, but this little gem is different. When it came time to upgrade Cisco BSCI to Cisco ROUTE (the new CCNP track), it was nearly 100% reuse (honestly, there's not too much difference between the titles...Cisco ROUTE doesn't have multicast - that's about it). However, when CBTNuggets and I discussed the new series, a decision was made to re-record nearly the entire thing. Why? It's all about labs.
The Cisco ROUTE exam expects plenty more hands-on experience than the ol' Cisco BSCI series. So call this my little "experiment"...nearly every major topic in Cisco ROUTE has a matching, pre-designed lab in GNS3. These took a ton of time to design and test, so I'm hoping this works out as well as I think it will - but I really want to hear your experience with it!
Check it out: Cisco ROUTE series on CBTNuggets
Pretty nifty gadget crossed my email this week. It's a Universal Cable Adapter. With the turn of a clicker, you can have straight-through, crossover, rolled, T1 cross, etc... It'd be a fun addition to my network bag-o-tricks.
Check this out - Ray Blair (Cisco guy) creates a TCL script for your IOS-based router that will send SLA probes (performance measurement) and create a graphical display of the results...ALL WITHIN YOUR ROUTER (no external monitoring software needed)! This is insane...impress your friends (ehhh...Cisco-knowledgeable friends, that is) with this one:
Here's the link: http://www.cisco.com/web/services/news/ts_newsletter/tech/chalktalk/index.html
PIX/ASA 7.x and later
Enter the vpn-idle-timeout command in group-policy configuration mode or in username configuration mode in order to configure the user idle timeout period. With the none keyword, as shown here, the idle timeout is disabled:
hostname(config)#group-policy DfltGrpPolicy attributes
hostname(config-group-policy)#vpn-idle-timeout none
Configure a maximum amount of time for VPN connections with the vpn-session-timeout command in group-policy configuration mode or in username configuration mode. With the none keyword, as shown here, sessions have no maximum duration:
hostname(config)#group-policy DfltGrpPolicy attributes
hostname(config-group-policy)#vpn-session-timeout none
Cisco IOS Router
Use the crypto ipsec security-association idle-time command in global configuration mode or crypto map configuration mode in order to configure the IPsec SA idle timer. By default IPsec SA idle timers are disabled.
crypto ipsec security-association idle-time seconds
The seconds argument is the time, in seconds, that the idle timer allows an inactive peer to maintain an SA. Valid values for the seconds argument range from 60 to 86400.
Anything Cisco or iPhone is always interesting. Anything Cisco AND iPhone is great! Two interesting updates from Cisco:
1. Apple announces the next iPhone software update (v4) will include Cisco SSL VPN support (If only those SSL VPN license upgrades weren't so freakin' expensive!)
2. iPhone Security Intelligence Operations (SIO) To Go Application gets upgraded to Version 3 (get security alerts as they happen)
After much pain and toil, I have finally gotten SecureCRT 64-bit to integrate with GNS3 where each connection opens in its own tab with the correct hostname. Here is the string I used (Under Terminal Preferences):
c:\PROGRA~1\VANDYK~1\SecureCRT\SecureCRT.exe /T /N %d /telnet 127.0.0.1 %p
Found this helpful tip on this forum post.
So, I just completed the new CCNP Cisco ROUTE exam while preparing to create the next CBTNuggets series...WOW! What a test. Simply put, if you don't really know what you're doing, you won't pass this test. What Cisco has been able to do with the simulation engine is amazing. Typically, the simulation engine for testing is limited to basic objectives (set the password to such and such, change logon banners, etc...). In this world, you'll experience powerful, multi-path simulation engines. No more bullet list of objectives to accomplish - you've got to pull your requirements out of a (fairly complex) scenario and put your ninja configuration skills to the test.
...personally, I think terms like "paper CCNP" will not apply to the new CCNP exams. Extremely good test. All in all, you REALLY need to know your stuff in a "been there, done that" sense to pass this exam. The questions go beyond the surface of network technology and require plenty of intuition to figure out.
It's funny - it's a little hard to explain. "Unfortunately, no one can be told what the Cisco ROUTE exam is...you must experience it for yourself." (Morpheus could have explained the Matrix just fine...he just agreed to the non-disclosure agreement before filming the movie).
I was recently asked by a friend what type of router he should buy for his house. Naturally, I recommend Linksys (solely because it has a Cisco logo). So, I went to their website to give some recommendations, and much to my surprise...nothing is there! Well, nothing except two product lines:
I was actually a little bugged at first since I'm used to the plethora of meaningless Linksys model numbers and variations...but then I realized how much simpler this has become. It's like In-N-Out Burger: just give me a cheeseburger please.
With the iPad making its debut, I've had a couple clients wanting an IPSec Remote Access VPN so they can access the corporate network remotely from their iPad. Here's the starting template I use:
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
ip local pool RA_VPN_POOL 10.1.200.100-10.1.200.150 mask 255.255.255.0
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto dynamic-map RA_VPN 65535 set transform-set ESP-AES-128-SHA
crypto dynamic-map RA_VPN 65535 set security-association lifetime seconds 28800
crypto dynamic-map RA_VPN 65535 set security-association lifetime kilobytes 4608000
crypto map VPN_MAP 65535 ipsec-isakmp dynamic RA_VPN
crypto map VPN_MAP interface outside
isakmp enable outside
crypto isakmp policy 10
 authentication pre-share
 encryption aes
 hash sha
 group 2
 lifetime 86400
tunnel-group ITT_RA type remote-access
tunnel-group ITT_RA general-attributes
 address-pool RA_VPN_POOL
 default-group-policy RA_VPN_GP
tunnel-group ITT_RA ipsec-attributes
 pre-shared-key <group key>
group-policy RA_VPN_GP internal
group-policy RA_VPN_GP attributes
 wins-server value 10.0.0.1 10.0.0.2
 dns-server value 10.0.0.1 10.0.0.2
 vpn-tunnel-protocol IPSec
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value Split_Tunnel_List
 default-domain value mydomain.com
 address-pools value RA_VPN_POOL
*Don't forget necessary NAT 0 commands / Split Tunnel ACL
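A reference check for the template above, added here as an example and not part of the original post: it lists names the config uses but never defines and flags a missing NAT exemption, which is exactly what the reminder is about. The regexes cover only commands that appear in this template; the FIXED lines assume a 10.0.0.0/24 inside network, an ACL named NONAT, and the pre-8.3 `nat 0` syntax the note refers to.

```python
import re

# Constructed sample: the name-bearing lines of the template above.
TEMPLATE = """\
ip local pool RA_VPN_POOL 10.1.200.100-10.1.200.150 mask 255.255.255.0
crypto dynamic-map RA_VPN 65535 set transform-set ESP-AES-128-SHA
crypto map VPN_MAP 65535 ipsec-isakmp dynamic RA_VPN
tunnel-group ITT_RA general-attributes
 address-pool RA_VPN_POOL
 default-group-policy RA_VPN_GP
group-policy RA_VPN_GP internal
group-policy RA_VPN_GP attributes
 split-tunnel-network-list value Split_Tunnel_List
 address-pools value RA_VPN_POOL
"""
# Assumed completion: 10.0.0.0/24 inside LAN, ACL name NONAT (both hypothetical).
FIXED = TEMPLATE + """\
access-list Split_Tunnel_List standard permit 10.0.0.0 255.255.255.0
access-list NONAT extended permit ip 10.0.0.0 255.255.255.0 10.1.200.0 255.255.255.0
nat (inside) 0 access-list NONAT
"""

NAT0 = r"nat \(\S+\) 0 access-list (\S+)"
# (kind, regex) pairs: where a named object is defined, and where one is referenced.
DEFINES = [
    ("acl", r"access-list (\S+) "),
    ("pool", r"ip local pool (\S+) "),
    ("dynamic-map", r"crypto dynamic-map (\S+) "),
    ("group-policy", r"group-policy (\S+) internal"),
]
REFERS = [
    ("acl", r"split-tunnel-network-list value (\S+)"),
    ("acl", NAT0),
    ("pool", r"address-pools? (?:value )?(\S+)"),
    ("dynamic-map", r"crypto map \S+ \d+ ipsec-isakmp dynamic (\S+)"),
    ("group-policy", r"default-group-policy (\S+)"),
]

def names(lines, table):
    return {(k, m.group(1)) for l in lines for k, rx in table if (m := re.match(rx, l))}

def audit(config):
    """Return findings: dangling references first, then a missing NAT exemption."""
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    defined, used = names(lines, DEFINES), names(lines, REFERS)
    findings = [f"undefined {k}: {n}" for k, n in sorted(used - defined)]
    if not any(re.match(NAT0, l) for l in lines):
        findings.append("no 'nat (<if>) 0 access-list' exemption for VPN client traffic")
    return findings
```

Run `audit()` on the output of `show running-config` before handing the tunnel to a client; an empty list means every name in these commands resolves.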
Ever notice that explaining to people that you are a Cisco engineer gets quickly translated to "computer guy" to family and friends? I have rebuilt countless family and friend PCs that are all gunked up with malware, spyware, and who knows what else ("the pop up told me I had 14,020 viruses, so I told it to please fix it...").
Anyhow, the most painful piece of this process is finding all the drivers. Enter cool-tool-of-the-week: HWInfo32.
This little freeware app reliably detects all major components installed in the PC. Talk about a lifesaver when it comes to an old Dell laptop where they possibly used one of 15 different video card models.
Put this on your USB key...it's a keeper. Download it from here.





