set tacacs enable
set tacacs command authorization enable
set tacacs singleconnect enable
set tacacs server 1 10.0.xx.y9 49 supersecret
set tacacs server 2 10.0.xx.y8 49 supersecret
Category Archives: Network
ISDN Cable
ISDN BRI S/T Cable
| 8 Pin | TE | NT | Polarity |
|---|---|---|---|
| 1 | Not used | Not used | Not used |
| 2 | Not used | Not used | Not used |
| 3 | Transmit | Receive | + |
| 4 | Receive | Transmit | + |
| 5 | Transmit | Receive | – |
| 6 | Receive | Transmit | – |
| 7 | Not used | Not used | Not used |
| 8 | Not used | Not used | Not used |
| 1 | Not used | Not used | Not used |
ISDN BRI Cross Over Cable
| Side A (8 Pin) | connect | Side B (8 Pin) | |
|---|---|---|---|
| 1 | Not used | 1 | |
| 2 | Not used | 2 | |
| 3 | <-> | 4 | |
| 4 | <-> | 3 | |
| 5 | <-> | 6 | |
| 6 | <-> | 5 | |
| 7 | Not used | 7 | |
| 8 | Not used | 8 | |
| 1 | Not used | Not used | Not used |
Bandwidth Throttling / Policing on Cisco ASA
http://slazyk.com/2009/08/bandwidth-policing-throttling-cisco-asa/
Cisco – Enterasys – LACP
http://reischle.net/ReischleNet/Networking-Blog/8E664038-ED23-4D24-9350-6AB76037A832.html
Cisco DNS Server
ip dns view default
dns forwarder 10.0.243.143
dns forwarder 10.0.243.144
ip dns server
http://www.nil.com/ipcorner/RouterDNS/
http://blog.ioshints.info/2006/09/use-your-cisco-router-as-primary-dns.html
Enterasys N-Series CLI
You can configure the Enterasys CLI to behave in a more common way when you use:
On a Session Base:
set line-editor emacs
set line-editor delete backspace
To make this permanent:
set line-editor emacs default
set line-editor delete backspace default
Installing the Cisco Security Manager on Windows 2008 R2
Cisco Security Manager
Hardware
| Manufacture | Dell | Cisco Requirements |
|---|---|---|
| Model | 2850 | |
| CPU | 2xIntel Xeon 3.40 GHz | |
| RAM | 8GB | |
| OS | Windows 2008 R2 / 64bit |
Prepare Windows 2008 R8
Swap Size C: 12280MB D: 12280MB
Replace a Harddisk on a WAE-7341
We have installed some WAE-7341 Boxes in our computer center. Recently one installed harddisk has failed and we need to replace it.
Cisco AnyConnect VPN with Cisco 3845
After the implementation of the AnyConnect Client to our ASA5500 is at a good state i want to have some backup until our productional hardware will delivered. 😉
So i decided to use one of our Cisco 3845 Routers to do the job.
show version
[sourcecode gutter=”false” autolinks=”false” collapse=”true”]
C3845#show version
Load for five secs: 1%/0%; one minute: 3%; five minutes: 3%
Time source is NTP, 07:48:17.248 CET Sat Sep 11 2010
Cisco IOS Software, 3800 Software (C3845-ADVSECURITYK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 02-Dec-09 16:43 by prod_rel_team
ROM: System Bootstrap, Version 12.4(13r)T10, RELEASE SOFTWARE (fc1)
C3845 uptime is 34 weeks, 4 days, 14 hours, 47 minutes
System returned to ROM by reload at 15:53:45 CET Mon Jan 11 2010
System restarted at 15:55:20 CET Mon Jan 11 2010
System image file is "flash:c3845-advsecurityk9-mz.150-1.M1.bin"
[/sourcecode]
First i installed the AnyConnect Package on the Router.
[sourcecode gutter=”false” autolinks=”false”]
C3845(config)#webvpn install svc flash:/anyconnect-win-2.5.1025-k9.pkg sequence 1
SSLVPN Package SSL-VPN-Client (seq:1): installed successfully
[/sourcecode]
[sourcecode gutter=”false” autolinks=”false”]
ip local pool CSM_POOL_1 10.2.16.20 10.2.16.30
ip local pool vpnpool 10.2.16.31 10.2.16.41
ip local pool SSLVPNClient 10.2.16.50 10.2.16.60
!
webvpn gateway SSLVPN
ip address 192.168.10.66 port 443
ssl trustpoint TP-self-signed-2234495401
inservice
!
webvpn install svc flash:/webvpn/anyconnect-win-2.5.1025-k9.pkg sequence 1
!
webvpn context SSLVPN
ssl authenticate verify all
!
!
policy group SSLVPN
functions svc-required
svc address-pool "CSM_POOL_1"
svc keep-client-installed
svc dns-server primary 10.0.243.143
svc dns-server secondary 10.0.243.144
default-group-policy SSLVPN
gateway SSLVPN
inservice
!
[/sourcecode]
If you feel this helps a bit or may be not ? Please leave a comment.
Cisco ASA AnyConnect VPN
Some Notes what todo
http://www.block.net.au/blogs/james/pages/active-directory-vpn-authentication-with-a-cisco-asa-5510-series-appliance.aspx
radius authentication für die ASA
ASA 8.X: AnyConnect Start Before Logon Feature Configuration
Configuration Examples and TechNotes
ToDo:
av-pairs ????
certificate selection process
certifate import on cli / asdm  /ios
set the certificate on the interface : ssl trust-point MyTrustPoint Outside
Docu: Backup Gateway
Piuctures: ASDM, CCP
Write complete setup down ….
Reference the Docu. 
http://www.cisco.com/en/US/docs/security/asa/asa83/getting_started/5500/guide/getstart.html
http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/svc.html#wp1090595
http://www.cisco.com/en/US/docs/security/asa/asa83/asdm63/configuration_guide/config.html
http://www.cisco.com/en/US/products/ps8411/prod_maintenance_guides_list.html