Nick's Network Corner

Had a client that needed a range of IP's specifically 8.  The only trouble was getting a block that would suffice out of the /24 and distribute it into chunks. If you're handy with math and understand CIDR / Subnetting this is an easy way to get your numbers quickly. Lets say our range is 1.1.1.0/24  and we need a total of 8 ip's ( 6 usable ). What is the subnet mask going to be? Well there are 256 TOTAL numbers of bits on or off in an octect (X.X.X.X each x represents an octet) to make up an actual number. 0 through 255   = 256 total because we count 0 So simple math: I need 8 right ? 256 -  8 = 248 Subnet mask = 255.255.255. 248 Now we just need to find a block or range.  Lets say we want to have 200 as a range. If you just take that number (200 for example) and divide by 8 you will see if it goes into it evenly or not. If it does this is the starting network address. For example = 200 /  8= 25 EVENLY     ...

So working on an IPS module. I finally got it up and running with a reload and install of an upgrade package. However the NTP server would not sync even though it was configured correctly! When adding an IPS module to the IPS Manager Express you may come across the following error.  In order to fix this we need to re-associate the time clock and make sure that the local host and the IPS are actually in sync. What to check: 1. Check NTP Configuration  IPS# sh clock - Check clock to make sure it is in sync or not with the actual NTP Server / ASA host 14:44:29 GMT-06:00 Tue May 28 2013 IPS# sh statistics host - Check the configuration of the host to make sure that it is actually synchronized and associating to the correct NTP source General Statistics    Last Change To Host Config (UTC) = 28-May-2013 18:18:06    Command Control Port Device = Management0/0 Network Statistics     = ma0_0     Link encap:Ethernet ...

Below is the IOS configuration from my lab for a SIP trunk to the sip provider and h323 gateway configured in Call Manager: **** This is only for incoming calls. Outbound call isn't fully configured. Voicegateway Configuration: ! ! ! ip domain name lab.local ip name-server 8.8.8.8 ! ! voice call send-alert voice rtp send-recv ! voice service voip   allow-connections h323 to h323  allow-connections h323 to sip  allow-connections sip to h323  allow-connections sip to sip  h323  sip   bind control source-interface FastEthernet0/0   bind media source-interface FastEthernet0/0 ! ! ! ! voice class h323 1 ! ! ! ! ! voice translation-rule 1  rule 1 / Inbound PSTN Number / /4200/ ! ! voice translation-profile CALLED  translate called 1 ! ! ! ! ! ! archive  log config   hidekeys ! ! ! ! ! ! interface FastEthernet0/0  description Main Link to Switch  ip address ...

So the masses are just screaming. They can't connect to the wireless SSID. Gather the client's MAC from their wireless network connection: CMD: (In windows command prompt)  - ip config - scroll to wireless connection To begin its time to debug! CMD : debug client <MAC ID> Example : debug client 11:22:33:44:55:66  After a debug we can see the clients' authentication or errors based on the MAC addressed defined. Below is a debug of the client having issues: Authentication has exceeded its maximum attempts. This leads me to check into the radius server before changing any settings for attempts or timing values ( which can be a problem as well ).  Low and behold the radius server had an expired authentication certificate. 

If you forget the OS password and you're trying to access one of the following: - CLI - Cisco Unified OS Administration - Disaster Recovery System You can reset the password if you ssh the to Call Manager node. When you log in the username and password you will use will be : user:   pwrecovery pass: pwreset After we get into the system. Make sure you do the following: 1. Remove all CD / DVD Media from the Server. 2. Insert a valid CD or DVD into the Disk Drive for the CUCM Version / Installation 3. Continue so we get the menu listed above and enter the letter " a " to reset the admin password. When we reset the the password make sure you use non-basic passwords like birthdays, names, or dictionary words. If you use any of the password types CUCM will deny the usage of the password. As above I entered a general password and I was denied using the password due to being a "dictionary word". So I retried and used a special secret...