In Cisco IOS, EXEC mode commands cannot be run from Global Configuration mode or from any other configuration mode. This means that every time an admin makes a change in configuration mode (Global Config), they have to "end" or "Ctrl+Z" back to EXEC mode to run EXEC commands such as "show", "clear" and "debug". With the "do" command, that's a thing of the past. The "do" command can be used to run any EXEC command from within Global Configuration mode or any other configuration mode without having to end the config mode.
Category: Cisco
How to Configure Local SPAN Port on Cisco Catalyst Switch
A Cisco SPAN port is a SwitchPort ANalyzer on the Cisco Catalyst that lets you select and span, or copy, traffic from one or more source switchports or source VLANs onto one or more destination ports. The destination port(s) run a sniffing or packet capture program like Ethereal, Wireshark or TCPDump.
Cisco IOS supports Local SPAN and Remote SPAN (RSPAN).
How To enable Secure Shell (SSH) in Cisco IOS and disable Telnet
Using Telnet for remote administration of Cisco Routers and Switches (in fact, for any other device such as a Unix, Linux or Solaris server) is not very secure, as the data, including the passwords, is sent in clear text. It will only be a matter of time before a malicious attacker who can sniff the packets gains access to the passwords and, in fact, the whole network.
It is recommended that Secure Shell (SSH) is used for remote administration of Cisco Routers and Switches.
NOTE: Cisco IOS on the Catalyst switches is by default supplied with the SSH feature built in. However, the basic Cisco IOS for the routers does not have the SSH facility built in. To use the SSH feature on Cisco Routers, you need to have the Cisco IOS version with the IPSec (DES or 3DES) encryption software.
Configure Cisco Port Security on Switches and Router interface
Cisco Port Security is a feature that can help secure access to the physical network. Any network admin's nightmare is an unauthorised device or PC connecting to the network. This could be as simple as an innocent guest plugging his PC into a floor port hoping to get an internet connection, or a malicious intruder connecting to the network trying to gain access to confidential information.
The consequences could be as bad as:
- Virus, spyware or malware infection from an unprotected PC
- A malicious hacker or an intruder gaining access to the network
- A malicious attacker launching a Denial of Service attack using MAC address flooding
Cisco IOS has the port-security feature, which can be used to restrict the MAC addresses of the devices that connect to each of the physical switchports.
How To Rollback configuration change in Cisco Routers & Switches
As a network admin, there will be more than one occasion when we need to roll back to a previous configuration. In Cisco Switches and Routers this can be done using the configure replace command.
Cisco IOS 12.3 and later support a feature called Configuration Replace and Configuration Rollback, whereby the last saved configuration can be rolled back to the running config.
Switch Miner – Opensource Cisco Switchport discoverer
Map your Cisco Catalyst switchports with Switch Miner. Switch Miner is a lightweight command line tool for Windows that queries Cisco switches using SNMP to discover the devices that are connected to the switchports.
HowTo: Find switchport for a MAC Address on a Cisco Catalyst Switch
If you have a big network with multiple Access Switches connecting to the core switches or routers, then tracing a device like a PC or a laptop for troubleshooting or security purposes is one of those tasks that you often end up doing. This is not a difficult task, but it can certainly be time consuming.