Category Archives: Cisco

Cisco CSR1000v Router as NAT Instance on AWS

We’ll use the scenario below in this tutorial, in which we’ll configure a Cisco CSR1000v router as a custom NAT instance within our VPC on AWS.


Linux IPSec Site-to-Site VPN: AWS VPC & Cisco Router

In this tutorial, we will use the Site-to-Site VPN scenario with a modification: one of the customer sites is using a Cisco router, which acts as both the gateway for the LAN and the VPN gateway, while on the AWS side we are using the exact same Ubuntu Linux router.

Please review the previous tutorial before starting this tutorial, as I’ll use the previous tutorial as the base for this one.

Note: Please don’t waste your time on hacking; all these public devices and IP(s) are temporary, and I destroyed them after finishing this tutorial.

VPN Configuration on Cisco Site:

Cisco AnyConnect VPN Client Installation on Ubuntu 12.04 LTS

This tutorial explains how to install the Cisco AnyConnect Client or Cisco VPN Client on Ubuntu 12.04 LTS.

First, update the local repository information:

sudo apt-get update


After that, try to install these packages:

sudo apt-get install ia32-libs


Authenticate the Cisco Devices using FreeRADIUS on Ubuntu


We want to authenticate and authorize users on Cisco devices using FreeRADIUS on Ubuntu Server. In this tutorial, we want to create two users, Arbab and Ali. Arbab has full access to Cisco devices (privilege level 15), while Ali has custom access only (such as show commands, including show running, and interface configuration).

FreeRADIUS configuration on Ubuntu:

Install FreeRADIUS by using the following command:

sudo apt-get install freeradius


Authenticate the Cisco Devices using Active Directory


We want to authenticate and authorize users on Cisco devices using Microsoft Active Directory. In this tutorial, we want to create two Active Directory groups, Network Admin and Network Tech. Network Admin has full access to Cisco devices (privilege level 15), while Network Tech has custom access only (such as show commands, including show running, and interface configuration).

arbab belongs to the Network Admin group

ali belongs to the Network Tech group

Network Policy and Access Services:

Before starting this tutorial, I assume that you have installed the Active Directory and it is up and running. Let’s start the tutorial by adding the NPS Role:

Start -> Administrative Tools -> Server Manager


OSPF routing between Cisco, Ubuntu, CentOS and Mikrotik Router!

Scenario:

  • Routers: 1 Ubuntu Linux with 3 NICs, 1 CentOS Linux with 3 NICs, 1 Cisco 3640 Router with 3 FastEthernet interfaces and 1 Mikrotik Router with 2 interfaces.
  • Clients: 3 Windows XP with 1 NIC.

IP Details

All the Routers in this scenario have a default password of “zebra“.

Cisco Router:

  • fe0/0: 10.10.10.1/24
  • fe1/0: 10.10.50.1/24
  • fe2/0: Getting through DHCP

UbuntuRouter:

  • eth0: 10.10.10.2/24
  • eth1: 172.16.10.1/24
  • eth2: 10.10.100.1/24

CentOSRouter:

  • eth0: 172.16.10.2/24
  • eth1: 192.168.10.1/24
  • eth2: 10.10.150.1/24

Mikrotik Router:

  • ether1: 192.168.10.2/24
  • ether2: 10.10.200.1/24

Clients:

  • Ubuntu-Desktop: 10.10.50.50/24
  • WinXP-1: 10.10.100.50/24
  • WinXP-2: 10.10.150.50/24
  • WinXP-3: 10.10.200.50/24

Cisco Router Configuration:

UbuntuRouter Configuration:

Restart the Router!!!

CentOSRouter Configuration:

Restart the Router!!!

Mikrotik Router Configuration:

Neighbor verification from Routers:

Route verification from Routers:

Test from Clients:

Make a simple test from Ubuntu-Desktop.

Make a simple test from WinXP-1.

Make a simple test from WinXP-2.

Make a simple test from WinXP-3.

Configure NAT on Cisco Router:

This is just a bonus section, in which we will configure NAT on the Cisco router and also propagate the default route in OSPF. I connected my Cisco router to a DSL modem and configured it to take its IP address through DHCP, and configured the inside and outside interfaces for NAT.

Lazy man's access-list for NAT (this is not the perfect access list):

NAT Overload:

Originate the default route in OSPF:

Verify the last resort information on Cisco Router:

Check default route information on all routers 🙂

Hope this will help you!

Please Remember me in your prayers!

Enjoy 🙂

How to hard reset the Linksys Router!

Today, when I tried to access the Linksys WRT120N wireless router using its default IP, http://192.168.1.1, it took me to the recovery console. It did so because the firmware in the router had developed an error, and it was asking me to replace the firmware.

Please follow these steps to fix this problem:

1. Press and hold the RESET button with the power cable connected to the device.

2. 30 seconds after Step 1, disconnect the power cable without releasing the reset button.

3. 30 seconds after Step 2, reconnect the power cable without releasing the reset button.

4. 30 seconds after Step 3, release the reset button.

5. Disconnect the power cable from the unit & reconnect it after another 30 seconds.


How to Configure Cisco Router with DSL (PTCL)!

In this tutorial, we will configure the Cisco (3640) router as a gateway for our LAN. It takes its IP settings from the DSL (PTCL) modem through DHCP in order to access the Internet. This router also acts as the DHCP and DNS server for the LAN!

In the first step, we will configure the fa0/0 interface to take its IP address from the DSL modem:

interface fa0/0
ip address dhcp
no shut

Next, we configure the ip address on fa1/0 interface:

interface fa1/0
ip address 10.10.10.1 255.255.255.0
no shut

Verify the ip address and interface(s) status:

show ip int brief

Now, we will configure this router as a DHCP server to serve IP address settings to our LAN. We will use the 10.10.10.0/24 network, in which 10.10.10.1 will be the default gateway and DNS server:

service dhcp
ip dhcp excluded-address 10.10.10.1 10.10.10.20
ip dhcp pool LAN-Pool
 network 10.10.10.0 255.255.255.0
 default-router 10.10.10.1
 dns-server 10.10.10.1
 domain-name home.lan
 import all

Verify that our DHCP server is serving IP addresses to the LAN:

show ip dhcp binding

Now, we will configure the DNS setting on our router in order to provide DNS services to our network, and make all clients use it as a DNS server:

ip dns server
ip name-server 192.168.1.1
ip domain-lookup

The next step is to configure NAT on our router. For this, we need to define the inside and outside interfaces: fa0/0 is connected to the Internet, so it is outside, while fa1/0 is connected to the internal network, so it is inside!

interface FastEthernet0/0
ip nat outside
interface FastEthernet1/0
ip nat inside

Now, we need to create an ACL that will include the local network (10.10.10.0/24)!

Next, we need to enable NAT overload and bind it to the outside interface:

Test from one of the LAN’s clients:

Verify the NAT status on our Cisco router:

show ip nat translations


RIP routing between Cisco, Ubuntu and CentOS Router!

Scenario:

  • Routers: 1 Ubuntu Linux with 2 NICs, 1 CentOS Linux with 2 NICs and 1 Cisco 3640 Router with 3 FastEthernet interfaces.
  • Clients: 3 Windows XP with 1 NIC.

IP Details

All the Routers in this scenario have a default password of “zebra”.

3640Router:

  • fe0/0: 192.168.10.1/24
  • fe1/0: 172.16.10.1/24
  • fe2/0: 10.10.10.1/24

UbuntuRouter:

  • eth0: 192.168.10.2/24
  • eth1: 10.10.20.1/24

CentOSRouter:

  • eth0: 172.16.10.2/24
  • eth1: 10.10.30.1/24

Clients:

  • WinXP-1: 10.10.20.10/24
  • WinXP-2: 10.10.10.10/24
  • WinXP-3: 10.10.30.10/24

3640Router Configuration:

UbuntuRouter Configuration:

Restart the Router!!!

CentOSRouter Configuration:

Restart the Router!!!

Verification from Routers :-)

Test from Clients :-)

Make a simple test from WinXP-1.

Make a simple test from WinXP-2.

Make a simple test from WinXP-3.


Configure SSH on Cisco router

This short tutorial shows how to configure SSH on a Cisco router!

First, make sure that your router at least has a hostname. To assign the hostname, use this command:

hostname tendoRouter

where tendoRouter is my router name; you can assign whatever you like!

To check whether SSH is enabled, use this command:

show ip ssh

SSH is disabled on this router!

Next, we need to configure the domain name on our router:

ip domain-name homelab.lan

where homelab.lan is my domain name; use one that suits your requirements/environment!

Now, generate a 2048-bit RSA key (it will take some time, depending on the processing power of the router):

crypto key generate rsa general-keys modulus 2048 

Now, configure the router to accept the ssh logins:

line vty 0 4
login local
transport input ssh

The next step is to create an account in the router’s local database, to be used for authenticating to the device:

username arbab privilege 15 secret cisco

where “arbab” is a username and “cisco” is a password; you need to change them according to your needs!

Verify that SSH is now enabled:

show ip ssh

Yes, it is enabled 🙂

Connect to router with ssh using PuTTY!

Enter the ip address of your router:

Accept the Security Certificate!

Enter the username and password:

Hurray, we are logged in to the router over SSH 🙂
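
A quick way to check an exported running-config against the settings this tutorial applies: hostname, domain name, "secret" rather than "password" for local users, and "login local" plus SSH-only transport on every vty range, not just 0 4. This is an added example, not part of the original post; the sample config, the "ali" password line and the "line vty 5 15" block are constructed, and it assumes local authentication as configured above rather than AAA.

```python
import re

# Constructed sample: the tutorial's settings plus a second vty range left weaker.
SAMPLE_CONFIG = """\
hostname tendoRouter
ip domain-name homelab.lan
username arbab privilege 15 secret 5 $1$constructed$hash
username ali password 0 cisco
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login
 transport input telnet ssh
"""

def parse_vty_blocks(config):
    """Map each 'line vty N M' header to the list of its indented sub-commands."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip() if raw.startswith("line vty") else None
            if current:
                blocks[current] = []
        elif current and raw.startswith(" "):
            blocks[current].append(raw.strip())
        elif not raw.startswith(" "):
            current = None  # any other top-level command ends the vty block
    return blocks

def audit_ssh(config):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    if not re.search(r"^hostname \S+", config, re.M):
        findings.append("no hostname set")
    if not re.search(r"^ip domain[- ]name \S+", config, re.M):
        findings.append("no ip domain-name set")
    for user in re.findall(r"^username (\S+) .*\bpassword\b", config, re.M):
        findings.append(f"user {user}: 'password' instead of 'secret'")
    for header, lines in parse_vty_blocks(config).items():
        if "transport input ssh" not in lines:
            findings.append(f"{header}: transport input is not ssh-only")
        if "login local" not in lines:
            findings.append(f"{header}: not using 'login local'")
    return findings

if __name__ == "__main__":
    for finding in audit_ssh(SAMPLE_CONFIG):
        print(finding)
```

The RSA key itself does not appear in the running-config, so key size still has to be confirmed on the device with show ip ssh.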
