Category: Routing
Another NVRAM broken?
On Monday I visited another customer who had problems saving the running configuration of a Cisco devices. The devices involved were a Cisco 2620 and a Cisco 2610XM router. Both routers weren’t able to save their running configuration. Both routers show the following error-message: startup-config file open failed (Bad file number) By both routers I … Read More
Configuration Example, Routing
Policy NAT on Cisco router
A colleague of mine had to implement an IPSec VPN tunnel from a customer to a supplier. The customer has a Cisco router for connecting to the Internet, so nothing special. The router is already setup and in production. Configuring an extra IPSec VPN tunnel isn’t very hard, the most important part is the negotiation … Read More
Cisco ASA & ESX: strange ARP behavior
Last week I had a very strange problem with a Cisco ASA firewall. The firewall is configured with multiple interfaces, including a DMZ interface. There are multiple servers in the DMZ. These servers are physical and virtual servers. The virtual servers are VMware servers in a blade environment. I configured the feature ip verify reverse-path … Read More
Configuration Example, Routing
Netstat on IOS router
I often use the netstat command on a Windows machine to check on which IP and/or ports the servers or workstation is listening or established connection. By accident I found the same kind of command for a Cisco IOS router, while I was looking through the CLI. Check out the output below: Router#sh control-plane host … Read More
GRE over IPsec with Cisco ASA
In different scenario’s it is required to configure some kind of routing protocol between two offices, but the routers should be configured to look directly connected to each other. Normally I always configure an IPsec VPN between the two offices and configure an additional GRE tunnel over the IPsec VPN tunnel. In that way the … Read More
Configuration Example, Routing
HSRP and ACL’s
I added a Guest VLAN to a network environment with two multi layer switches running HSRP. To secure the internal network from the Guest VLAN, I added a ACL to the Guest VLAN SVI. The ACL is stated below: ip access-list extended GUEST-DENY-RFC1918 remark Allow DHCP permit udp any eq bootpc any remark Deny RFC … Read More