Posts from category "2013"

Windows 8/8.1 - Cisco IPSec VPN client problem solution

Having trouble working with classic Cisco IPsec VPN client in Windows 8/8.1 environment? This should help:

- Uninstall completely existing VPN client SW

- Download and run this tool: ftp://files.citrix.com/winfix.exe

- Download and run this tool for 32-bit system: ftp://files.citrix.com/dneupdate.msi and this one for 64-bit system: ftp://files.citrix.com/dneupdate64.msi

- If needed restart system

- Install Cisco VPN client SW again and run...

It should be working fine now...

Cisco EEM and AAA working together

If you have AAA services configured on your Cisco device and want to do some, for example, EEM remote telnet on that device you will have problem with executing commands because of AAA services. Because of that Cisco introduced useful command annex to classic EEM - authorization bypass. Be sure that your IOS version support that...

Here is one example of configuring EEM with AAA on device for remote telnet and do some clear ARP for you:

event manager applet chilly authorization bypass

event none

action 2.0 cli command "telnet x.x.x.x" pattern "Username:"

action 3.0 cli command "admin" pattern "Password:"

action 4.0 cli command "password" pattern "#"

action 5.0 cli command "clear arp" pattern "#"

action 6.0 cli command "exit"

action 7.0 cli command "end"

That was another post about EEM...keep playing with this powerful tool...

Floating static routes without IP SLA - with EEM

IOS 15 great SW but without Data or UC license on it - no IP SLA. Without that you have no easy way of configuring floating static routes with tracking and doing IP reachability tests of your default GW.

This solution is doing pretty much the same but without IP SLA at all - we are going to utilize only the EEM with track feature like before. So basically, EEM script would be something like this:

event manager applet chilly

event timer watchdog time 10

action 1.0 cli command "enable"

action 1.1 cli command "ping [DF-GTW-HERE] repeat 3 timeout 2"

action 1.3 regexp "!" "$_cli_result" result

action 1.4 if $result eq "!"

action 1.5  track set 100 state up

action 1.6 else

action 1.7  track set 100 state down

action 1.8 end

Before putting this EEM script live configure adequate track object, like this:

track 100 stub-object 

default-state down

Off course if you need you can fine tune this EEM script...for example set timer to 5 sec or similar.

Now you can configure your floating static routes like before...with higher and lower AD on them...