NETWORKING - VIRTUALIZATION

Cisco IP phone recovery procedure

If you have this kind of problem - phone won't boot, not showing anything on screen upon powering etc. - and you tried softreset (123456789*0#) and hard one (3491672850*#), then you should give this option a try...for this to work you would need:

- tftpd32 software ( http://tftpd32.jounin.net/tftpd32_download.html )

- adequate firmware files for your 7900 phone ( www.cisco.com )

- local power adapter for IP phone - power cube 3,4 typically.

You are going to use tftpd32 software for locally provision of firmware to IP phone and as a DHCP server for same phone with required option 150 in it.

Required steps:

- configure your PC with static IP address - some value from your test DHCP pool. If you are going to use, let's say, 192.168.10.0/24 pool, then you can give your PC - for example - 192.168.10.100/24, with default gateway also 192.168.10.100;

- configure tftpd32 DHCP options as per picture:

IMAGE 1 - DHCP SETTINGS

- configure tftpd32 TFTP options per your environment and put your firmware files in same folder, like I did on mine:

IMAGE 2 - TFTP SETTINGS

- configure global options like this:

IMAGE 3 - GLOBAL OPTIONS SETTINGS

- on main window choose your LAN adapter as interface where you would listen for DHCP requests - IP shown in window should be your static assigned (ie 192.168.10.100)!:

IMAGE 4 - INTERFACE SETTINGS

- ALWAYS RUN THIS TFTPD32 SOFTWARE "AS ADMINISTRATOR..." ON YOUR WIN 7 OR WIN 8 MACHINE!!!;

- put your phone firmware files (extracted!) in corresponding folder - in this example it's on C:\TFTP;

- connect your PC with IP phone directly - put Ethernet cable in SW port on phone - not PC!; don't give power to phone yet;

- do standard hard reset procedure - holding the "#" key down on the keypad - apply power to the phone, phone is going throw some "light sequence", release "#" when typically handset blink non-stop red (or something similar), enter key sequence as noted above - 3491672850*#;

- observe throw tftpd32 log window how phone receives IP address from your pool and then downloads all required firmware files - let it finish that;

- phone should reset and be working now...

HTH...

P.S. I found one interesting thing recently - tried to upgrade 7906 phone with newer firmware (9.2.. something) but it was looping nonstop (blank screen, not booting etc)...then tried some older firmware (8.2...) first and phone accepted that older firmware without problem...after that phone accepted 9.2 firmware also! Interesting...

 

Windows 8/8.1 - Cisco IPSec VPN client problem solution

Having trouble working with classic Cisco IPsec VPN client in Windows 8/8.1 environment? This should help:

- Uninstall completely existing VPN client SW

- Download and run this tool: ftp://files.citrix.com/winfix.exe

- Download and run this tool for 32-bit system: ftp://files.citrix.com/dneupdate.msi and this one for 64-bit system: ftp://files.citrix.com/dneupdate64.msi

- If needed restart system

- Install Cisco VPN client SW again and run...

It should be working fine now...

Cisco EEM and AAA working together

If you have AAA services configured on your Cisco device and want to do some, for example, EEM remote telnet on that device you will have problem with executing commands because of AAA services. Because of that Cisco introduced useful command annex to classic EEM - authorization bypass. Be sure that your IOS version support that...

Here is one example of configuring EEM with AAA on device for remote telnet and do some clear ARP for you:

event manager applet chilly authorization bypass

event none

action 2.0 cli command "telnet x.x.x.x" pattern "Username:"

action 3.0 cli command "admin" pattern "Password:"

action 4.0 cli command "password" pattern "#"

action 5.0 cli command "clear arp" pattern "#"

action 6.0 cli command "exit"

action 7.0 cli command "end"

That was another post about EEM...keep playing with this powerful tool...

Floating static routes without IP SLA - with EEM

IOS 15 great SW but without Data or UC license on it - no IP SLA. Without that you have no easy way of configuring floating static routes with tracking and doing IP reachability tests of your default GW.

This solution is doing pretty much the same but without IP SLA at all - we are going to utilize only the EEM with track feature like before. So basically, EEM script would be something like this:

event manager applet chilly

event timer watchdog time 10

action 1.0 cli command "enable"

action 1.1 cli command "ping [DF-GTW-HERE] repeat 3 timeout 2"

action 1.3 regexp "!" "$_cli_result" result

action 1.4 if $result eq "!"

action 1.5  track set 100 state up

action 1.6 else

action 1.7  track set 100 state down

action 1.8 end

Before putting this EEM script live configure adequate track object, like this:

track 100 stub-object 

default-state down

Off course if you need you can fine tune this EEM script...for example set timer to 5 sec or similar.

Now you can configure your floating static routes like before...with higher and lower AD on them...

CCIE R&S FINALLY...

21.06.2012 11:51PM results came from Cisco CCIE lab exam...PASS...wonderfull feeling :)

CCIE#35744

Hard kill VM in vSphere 4 and 5

First of all you need PowerCLI for this to work. Next, try the following sequence of commands:

  • Connect-VIServer -Server - directly connection on problematic ESXi server or vCenter
  • $esxcli = Get-EsxCli -Server - fetching of useful command (without "Server" if directly on ESXi)
  • $esxcli.vms.vm.list() | Format-Table -Property DisplayName, WorldID - find problematic VM by worldID
  • $esxcli.vms.vm.kill("soft", [worldID]) - "kill" with 3 options: soft, hard and force (first try with hard and only in really big problems use force...without "[]" of course)

Or, if just want to kill VM process in ESXi 3.5-5 directly (without need of PowerCLI) then this is useful too:

  • ps | grep vmx

which gives something similar to:  

7662 7662 vmx /bin/vmx  

7667 7662 vmx /bin/vmx  

7668 7662 mks:VirtualMachineName /bin/vmx  

7669 7662 vcpu-0:VirtualMachineName /bin/vmx

Underscored ones are parents ID's which needs to be killed.

So this is it:     

kill [parents ID] or     

kill -9 [parents ID]

Cisco MPX (meeting place express) NIC and services problem

To successfully activate NIC card with wrong MAC address under MPX deployment please follow:

- first change MAC address to right one under RedHat with root access:

vim /etc/sysconfig/network-scripts/ifcfg-eth0 (or whatever is your NIC card...)

change HWADDR field

- restart MPX services in /opt/cisco/meetingplace_express/bin:

sudo mpx_sys restart

That's it! It should stop and start MPX services in the right order which is very important...

iSCSI storage - enable JUMBO frames for ESXi 4

You must create the vSwitch and change the MTU to 9000.  For this example, vSwitch7 will be the name you would replace with your own:

esxcfg-vswitch -a vSwitch7

Then, set the MTU of the vSwitch:

esxcfg-vswitch -m 9000 vSwitch7

esxcfg-vswitch -l - will list all the vSwitches on actual ESXi. It should look something like this:

Switch Name    Num Ports   Used Ports  Configured Ports  MTU     Uplinks

     vSwitch7             64                  1            64                 9000

iSCSI access is controlled by a VMkernel interface and assigned to a port group on the vSwitch.

So create the portgroup:

esxcfg-vswitch -A vSwitch7

Then create the VMkernel interface:

esxcfg-vmknic -a -i -n -m 9000

If you named the port group "iSCSI_storage", for example, and your IP is 192.168.0.1/24, the command would be like this:

esxcfg-vmknic -a -i 192.168.0.1 -n 255.255.255.0 -m 9000 iSCSI_storage

The last step is to add a physical NIC to the vSwitch.  This can be done via the GUI optionally:

esxcfg-vswitch -L vSwitch7

You must enable jumbo frames on your physical switch for this to work!

Backup ESXi firmware (configuration) with PowerCLI

Login directly to ESXi (or through vCenter server) with PowerCLI shell:

Connect-VIserver -Server IP_address

See help from cmdlet Set-VMHostFirmware:

Get-Help Set-VMHostFirmware

No more PERL scripts and nothing else...just PowerCLI and go...

For restore procedure you must put ESXi host into MAINTENANCE mode.

Example

BACKUP:

Set-VMHostFirmware -VMHost esxi_IP_address -BackupConfiguration -DestinationPath C:\ -Server vCenter_IP_address

RESTORE:

Set-VMHostFirmware -VMHost esxi_IP_address -Restore -SourcePath C:\ -HostUser -HostPassword -Server vCenter_IP_address

VMware ESXi SSH access

After installing ESXi first thing to do...by default it is disabled. By enabling it you must strictly know what are you doing. Here are basic steps:

- go to the ESXi console and press alt+F1

- type: unsupported

- enter the root password

- type vi /etc/inetd.conf

- look for the line that starts with #ssh

- uncoment - remove the #

- save /etc/inetd.conf by typing :wq!

- restart the management service /sbin/services.sh restart