Articles tagged with cisco

  1. Interesting OIDs for Cisco NBAR

    Posted on in programming

    In today's complex network environments, monitoring traffic efficiently is crucial for maintaining performance and security. Tools like Cisco NBAR (Network-Based Application Recognition) and MRTG (Multi Router Traffic Grapher) can provide valuable insights into network usage. In this article, we'll discuss how to use a Perl script with MRTG to collect …

  2. Securing Virtual Terminal (VTY) Lines

    Posted on in networking

    In the rapidly evolving landscape of network security, ensuring the protection of Virtual Terminal (VTY) lines on Cisco-based networks remains a critical task. VTY lines provide remote access to routers and switches, typically via telnet by default, making them prime targets for remote brute force password attacks. This article will …

  3. Utilizing Cisco IP Cache Flow to Identify Abusive Hosts

    Posted on in networking

    As a network engineer, identifying and mitigating network abuse is a critical task. Cisco's IP cache flow tools can help you detect hosts responsible for generating high volumes of traffic, which is often indicative of abusive behavior such as Denial of Service (DoS) attacks. Here’s an updated guide to …

  4. Fast and Furious: Examining the 30-Second Load Interval

    Posted on in networking

    The load-interval command in Cisco IOS allows network administrators to define the time frame used to calculate interface load statistics. By default, this interval is set to 5 minutes, providing a broad overview of traffic patterns. However, some situations might call for a more granular view. Here's a breakdown of …

  5. Troubleshooting "%TAC+: no address for get_server" on Cisco Devices

    Posted on in networking

    The error message "%TAC+: no address for get_server" can send shivers down the spine of any network administrator. It signifies a problem with TACACS+ (Terminal Access Controller Access-Control System Plus), a crucial security protocol for user authentication, authorization, and accounting (AAA) on Cisco devices. But fear not, for this guide …

  6. Demystifying Throughput: A Deep Dive into TTCP on Cisco Platforms

    Posted on in networking

    In the labyrinthine world of network troubleshooting, pinpointing performance bottlenecks can feel like navigating a maze blindfolded. While various tools exist, the Cisco Test TCP (TTCP) utility often emerges as a hidden gem for gauging real-world throughput on network paths. This article embarks on a comprehensive exploration of TTCP, uncovering …

  7. Testing Network Performance with "Tclsh iperf" on Cisco

    Posted on in networking

    Network performance testing is a critical aspect of maintaining and optimizing a network, ensuring it meets the demands of modern applications and services. If you're using Cisco networking equipment, you have a powerful tool at your disposal: "Tclsh iperf." In this comprehensive guide, we'll walk you through how to utilize …

  8. load-interval 30: For and Against

    Posted on in networking

    The "load-interval" command is used in network configuration settings, particularly in Cisco routers and switches, to specify the interval at which the interface's load statistics are updated and collected. Setting "load-interval 30" means that the device will collect load statistics for the interface every 30 seconds. The choice of this …

  9. TACACS Detected 'Invalid Argument'

    Posted on in Networking

    As always, I've changed pertinent details for reasons.

    I was working on an ASR the other day and received the following error:

    RP/0/RSP0/CPU0:ASR9K(config-tacacs-host)# commit
    Fri Jul 29 12:55:46.243 PDT
    
    % Failed to commit one or more configuration items during a pseudo-atomic
    operation. All …

  10. [Cisco] Telnet/SSH work, HTTP Gives Permission Denied

    Posted on in Networking

    Here are a few tips that might be helpful if you are having trouble accessing your Cisco router or switch via the web server.

    • Make sure you have the right password! This is pretty obvious, but it's definitely the first thing worth checking.
    • If you're using aaa new-model, you will …

  11. Disable Spanning-Tree Per VLAN

    Posted on in Networking

    If you need to disable spanning-tree on a particular VLAN in your Cisco-based network, use the following command:

    Switch(config)# no spanning-tree vlan 13
    

    This will disable spanning-tree on unlucky VLAN 13.

    If you have some good examples of why you might want to disable spanning-tree for a VLAN, please …

  12. Recover Lost Pre-Shared Keys

    Posted on in Networking

    Not everyone has a great password maintenance process. If you run into a situation where the group pre-shared keys for your VPN are lost, you face the option of changing the existing key (and breaking any users that are currently working), or creating a new group with a new key …

  13. Cisco IPS Inline Bypass Mode

    Posted on in Networking

    On occasion, you may need to put your Cisco IPS into bypass mode. Bypass mode allows the IPS to pass traffic without inspecting it. This may be useful if you suspect the IPS is causing a problem, if you are going to run a one-time scan that would set the …

  14. Enabling Stateful Switchover in the Cisco ASR1000

    Posted on in Networking

    When you get your brand new Cisco ASR1000 series router, Stateful Switchover (SSO) is disabled by default:

    Router# show redundancy states
           my state = 13 -ACTIVE 
         peer state = 1  -DISABLED 
               Mode = Simplex
            Unit ID = 6
    Redundancy Mode (Operational) = Non-redundant
    Redundancy Mode (Configured)  = Non-redundant
    Redundancy State              = Non Redundant
    

    Enable SSO!

    Router# config …

Slaptijack's Koding Kraken