Serial number check (warranty etc):
https://cway.cisco.com/sncheck/
ASA configuration, great site with manuals:
https://xgu.ru/wiki/Cisco_ASA
Initial setup manuals:
https://pyatilistnik.org/kak-nastroit-kommutatoryi-cisco-3-urovnya-na-primere-cisco-3560/
https://pyatilistnik.org/kak-nastroit-marshrutizator-cisco-organizatsiya-seti-dlya-nebolshogo-ofisa/
https://pyatilistnik.org/staticheskaya-marshrutizatsiya-cisco/
WiFi blog:
https://mrncciew.com/
Working with the flash file system:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/system_management/configuration_guide/b_sm_3se_3850_cg/b_sm_3se_3850_cg_chapter_010011.html
Recursively delete non-empty folder from flash:
delete /force /recursive flash:FOLDERNAME
Passwords Security:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/s1/sec-s1-xe-3se-3850-cr-book/sec-s1-xe-3se-3850-cr-book_chapter_0110.html
Cisco Device Security:
https://arny.ru/education/ccnp-enterprise/rasshirennaya-bezopasnost-cisco/
How to Reset Cisco Catalyst 3560 Back to Factory Defaults:
https://fatmin.com/2015/09/29/how-to-reset-cisco-catalyst-3560-back-to-factory-defaults
First you need to power down the switch. Once the switch is powered off, hold down the mode button, and power the switch on. The switch will boot up and you should see the switch prompt as shown below.
Now type flash_init. Your output should be similar to what you see below.
Check out the contents of flash and locate config.text and vlan.dat (if it exists).
Now delete the vlan.dat and config.text.
Reboot switch
Enter Rommon:
Push Ctrl and Break (use submenu in Putty) before the device start loading firmware.
Recover Catalyst Fixed Configuration Switches from a Corrupted Image:
https://www.cisco.com/c/en/us/support/docs/switches/catalyst-2950-series-switches/41845-192.html
Show full config:
show run all
Cisco hardware and info short:
http://wiki.ciscolinux.co.uk/index.php/Cisco_1941_with_EHWIC-4G-LTE-G
Cisco EHWIC-4G-LTE info:
https://jakondo.ru/nastrojka-modulya-cisco-ehwic-4g-lte-g-na-rabotu-s-mobilnym-operatorom-yota/
Additional ACL Features:
https://etutorials.org/Networking/Router+firewall+security/Part+III+Nonstateful+Filtering+Technologies/Chapter+7.+Basic+Access+Lists/Additional+ACL+Features/
Cisco IP SLA info:
IP SLA is needed, in particular, for setting up redundancy in networks with static routing.
https://www.practicalnetworking.net/stand-alone/cisco-ip-sla-using-a-cisco-router-to-generate-traffic/
https://learningnetwork.cisco.com/s/question/0D53i00000Kt0s9CAB/ip-sla-tracking-issue
Configure delay for flapping links:
https://packetpushers.net/blog/using-ip-sla-delay-feature-to-safely-monitor-lossy-links/
For example I’ve currently configured my home router like this:
track 1 ip sla 1 reachability
delay down 0 up 120
because my main home provider often fails for less than a minute and I’m experiencing frequent unneeded reconnects while working.
Configuring native VLANs on Cisco Switches:
https://www.practicalnetworking.net/stand-alone/configuring-vlans/
Speedup TFTP:
Increase or decrease the TFTP block size, experimentally choose which size is better:
ip tftp block 8192
Guest Shell (Virtualization) in IOS XE:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/173/b_173_programmability_cg/guest_shell.html
Backup before upgrade:
Sometimes you are facing a situation where there isn’t enough space on the flash: to store new firmware.
Before you delete old firmware files and upload new ones, you should backup old files to some place from where you’ll be able to restore them to a Cisco device if something will go wrong with the new IOS.
I’m using SCP for this purpose (read next article).
SCP copy from Cisco device to Windows PC:
On Cisco device:
Create username with privileges:
username SCPUSER privilege 15 secret SECRET
Enable SCP server:
ip scp server enable
On Windows device:
In CMD:
scp -O SCPUSER@XXX.XXX.XXX.XXX:flash:/FILENAME DISK:\
But ofcourse Windows won’t want to connect so easily, probably you will get errors.
In case of “Unable to negotiate: no matching key exchange method found.” add algorhytm that goes after “Their offer:”, for example
-o KexAlgorithms=+diffie-hellman-group-exchange-sha1
In case of “Unable to negotiate: no matching host key type found.” add algorhytm that goes after “Their offer:”, for example
-o HostKeyAlgorithms=+ssh-rsa scp
Almost 100% you’ll need to add both of them, so the complete input will be:
scp -O -o KexAlgorithms=+diffie-hellman-group-exchange-sha1 -o HostKeyAlgorithms=+ssh-rsa SCPUSER@XXX.XXX.XXX.XXX:flash:/FILENAME DISK:\
After you finish downloading all needes files, disable SCP server and delete user:
no username SCPUSER
ip scp server disable
Rollback configuration changes:
In general there are few options:
1. Set time to reload the device:
reload in xx (minutes)
If you want to cancel the reload, input reload cancel
Easy but there are few disadvantages: a) it reloads the device so it will take time until all services depending on that device became available b) if you saved the configuration to nvram reload won’t help
2. More complex but reliable way is to configure archive functions and set time of configuration rollback:
https://www.cisco.com/c/en/us/td/docs/ios/ios_xe/fundamentals/configuration/guide/2_xe/cf_xe_book/cf_config-rollback_xe.html
Enable archive function and set config archive name and maximum number:
conf t
archive
path flash:config-backup
max 10
end
Save current running (and perfectly working) configuration:
archive config
Check that configuration archive has been created:
dir flash:
you will see the optut with the list of files containing something like “config-backup-Nov–5-06-01-38.627-0”.
Set the time period you want to restore this saved configuration:
configure terminal revert timer idle 10 or config t r t i 10 with 10 minutes in this example.
Confinue with the configuration. If for any reason the connection to the device is lost, the settings will be restored after one minute without the confirmation request.
To cancel automatic configuration restore input configure confirm
