In this article I will configure dynamic complex ACL (Lock and Key). This technique is described during CCNA4 Exploration.
About Lock and Key
Description from the cisco web
Recovering from a Lost or Forgotten Password
The default configuration for the switch allows an end user with physical access to the switch to recover from a lost password by interrupting the boot process during power-on and by entering a new password. These recovery procedures require that you have physical access to the switch.
There are three steps to enable traceroute:
- In policy map “global_policy” in class “inspection_default” you need to add “inspect icmp” and “inspect icmp error”
- In policy map “global_policy” in class “class_default” you need to add “set connection decrement-ttl”
- On your oudside interface, you need add access list, that permits ICMP with “time-exceeded” on ingress direction
There is code, that you can paste in your ASA firewall:
Simple web calculator used for computation of the IP subnets through VLSM:
- Default route origination not working reliably.
- Automatic summarization turned on causes major networks to be propagated throughout the RIP domain with a metric of 1.
- Using RIPv2 on NBMA hub-and-spoke topology causes the hub router to rewrite the next hop field in the RIPv2 update to the IP address of the spoke router advertising the originalupdate, thereby creating reachability issues
Sometimes in my lab happens that students delete IOS of the switch from its flash. Unfortunately switches does not have rommon to realize quick IOS recovery over tftp. Only one way is over Xmodem.
Cat 2960 switchIOS recovery
To speed up the process of the recovery we may setup Xmodem speed to higher rate as default 9600 bits:
In this article I will describe how to proceed if your firmware upgrade on SRW 248G4 switch failed and the switch then stop working.
I have found only one solution how to recover from this disaster and it is sending a new firmware over PC serial (COM) port using xmodem protocol. A new firmware can be send to the failed switch with the help of Startup menu of the switch. The Startup menu can be entered when the switch is booting.
The flash animation explains how to configure DHCP server on a cisco router using the SDM. Where to find and how to install the SDM is described in this article.
The Security Device Manager, or SDM is possible to find on www.cisco.com on the following web link
http://www.cisco.com/pcgi-bin/tablebuild.pl/sdm
The Cisco Connection online (CCO) user guest account is needed, which we may create for free.
When I was trying to unpack ASA 8 image using GNS3 utility unpack0.1-win on my windows 7, I always received following error: