How to Block or Limit the use of Bittorrent and P2P using NBAR on Cisco Router

class-map match-any DenyP2PTraffic description Deny Peer To Peer Traffic and Torrent match protocol bittorrent match protocol edonkey match protocol fasttrack match protocol gnutella match protocol kazaa2 match protocol winmx match protocol directconnect match protocol irc policy-map DenyP2PTraffic class DenyP2PTraffic drop OR == To Limit == class DenyP2PTraffic police cir 8000 conform-action drop exceed-action drop interface … Continue reading How to Block or Limit the use of Bittorrent and P2P using NBAR on Cisco Router →

CCNA Voice Summary – Part 12

Administrative User Interfaces for Unified Communicatin Products - CUCM, Unity Connection, CUPS, CUCX. Unified OS Administration - for software management upgrades, tftp management; time, security - IPSEC tunnels, certificate management; interface specifics etc. All SIP phones get their times from the NTP and the SCCP from CUCM. Unified Servicability - check which network services are … Continue reading CCNA Voice Summary – Part 12 →

CCNA Voice Summary – Part 11

Quality of Service Disadvantages of packet switched networks can be solved using QoS. ITU recommendations (G.114 specifications): Delay < or = 150 ms one way Jitter < or = 30 ms Packet loss < or = 1% Bandwidth for Voice and Video RTP is subject to codec, sampling, L2 and L3 overhead. Bandwidth for signaling … Continue reading CCNA Voice Summary – Part 11 →

CCNA Voice Summary – Part 10

Cisco unified Presence server CUPS It is a presence add-on to CUCM. It provides status information and enterprise instant messaging. Integration with CUPC -Cisco Unified Personal Communicator, IP Phone Massager IPPM (IM on a phone), Instant Messaging IM, 3rd party presence integration through SOAP and AXL. Uses standard SIP to collect data. It integrates into … Continue reading CCNA Voice Summary – Part 10 →

Troubleshooting MPLS

So today I got a complaint from one of the customers, what is wrong with the MPLS link? The services are very slow....So here are just a few commands you can use to find out what is happening. Perhaps there is a log Error G00-7800-01#sh log Syslog logging: enabled (11 messages dropped, 1 messages rate-limited, … Continue reading Troubleshooting MPLS →

Cisco R&S: Basic DHCP Configuration on a Cisco Router

Configure Excluded IPs for the 3 VLANS ip dhcp excluded-address 10.1.222.250 10.1.222.254 ip dhcp excluded-address 10.1.0.1 10.1.0.100 ip dhcp excluded-address 10.1.0.200 10.1.0.254 ip dhcp excluded-address 10.1.1.250 10.1.1.254 Configure Voice Pools ip dhcp pool VOICE_VLAN network 10.1.222.0 255.255.255.0 option 150 ip 10.1.222.254 default-router 10.1.222.254 lease 30 ip dhcp pool DATA_VLAN network 10.1.0.0 255.255.255.0 default-router 10.1.0.254 lease … Continue reading Cisco R&S: Basic DHCP Configuration on a Cisco Router →

Cisco Wireless: How to configure Multiple SSIDs on CISCO AP1141

hostname AP00-1141-01 ! Enable aaa to use local authentication aaa new-model aaa authentication login default local aaa session-id common ! Configure domain name no ip domain lookup ip domain name me.com ! dot11 mbssid dot11 syslog dot11 vlan-name data_wifi vlan 39 dot11 vlan-name visitor_wifi vlan 40 ! dot11 ssid Data vlan 39 authentication open authentication … Continue reading Cisco Wireless: How to configure Multiple SSIDs on CISCO AP1141 →

Cisco R&S: How to configure a Router to be a DNS server

! Enable DNS on the router G00-2811-01(config)#ip dns server ! Enable dns spoofing G00-2811-01(config)#ip dns spoofing ! Enable domain lookup G00-2811-01(config)#ip domain-lookup ! Configure the external servers ip name-server 195.5.128.130 ip name-server 195.5.128.137 ! (Optional) Configure the domain name G00-2811-01(config)#ip domain name me.com ! Configure the pool to use the routers sub interface as dns-server … Continue reading Cisco R&S: How to configure a Router to be a DNS server →

Cisco Wireless: How to configure a named access list to deny traffic from a Visitor Vlan to Internal Resources

This is what I am trying to achieve. I would like the Guest Vlan to get access only to the internet. Everything else is banned. Here is what i have so far: interface FastEthernet0/0 description To_Internet ip address 1.1.1.1 255.255.255.252 ip access-group 102 in ip nat outside ip inspect RED out ip virtual-reassembly in duplex … Continue reading Cisco Wireless: How to configure a named access list to deny traffic from a Visitor Vlan to Internal Resources →

Cisco R&S: Configure AAA with local authentication on Cisco Router

First let us configure local authentication to use this username and password G00-2921-01/29(config)username admin privilege 15 secret 0 admin G00-2921-01/29(config)enable secret 123456 Enable AAA on the Router G00-2921-01/29(config)#aaa new-model Configure local authentication. This uses the username and the password that I have already configured on the router for authentication. G00-2921-01/29(config)#aaa authentication login default local I … Continue reading Cisco R&S: Configure AAA with local authentication on Cisco Router →