Never in my life have I left a testing facility with a smile as big as the one I had on 16 August last year. It was just minutes earlier that I had received my score on the Cisco CCNP Troubleshoot (TSHOOT) exam: the magic 1000 points, incredibly high! Not that a lower score should have mattered; the reason behind the smile was the fun I had answering the tickets. All the pain of taking the CCNP ROUTE exam twice earlier that year suddenly disappeared. 🙂
Cisco did a very good job in creating this exam. I have to troubleshoot a lot in my daily work, so for me troubleshooting is second nature. However, I do have a few recommendations to make it more fun:
– Create a few tickets where more than one thing is broken; stuff like that happens in the real world!
– I missed the option “it is not the network, it is the server..” It sounds like a joke, but being able to look into the network traffic and spot a TCP reset from the server could prove a configuration failure on the server. (Yes, that kind of proof is sometimes necessary…)
– Where was the option “It is an IOS bug, create a TAC case”? 😉
Since Cisco's documentation on this subject is lacking at this point, I figured it could be handy to write down the (small) steps for getting a 1600/2600/3600 AP that is stuck in ROMMON back on track (autonomous or controller based).
So here you have it… 🙂
ap: set IP_ADDR 192.168.1.2
ap: tar -xtract tftp://192.168.1.1/ap3g2-k9w7-tar.152-2.JA.tar flash:
ap: set BOOT flash:/ap3g2-k9w7-mx.152-2.JA/ap3g2-k9w7-mx.152-2.JA
As a network engineer I always feel like a little boy in a candy shop the first time I work with a new piece of hardware. This time it was the first time I had to implement an ASA 5500-X, and I had the time to look under the hood, so I did and took a picture!
With Cisco ASAs you can open up HTTP network traffic so you can inspect it, and even block websites if you want to. Remember that this only works for unencrypted traffic; if you want to inspect encrypted traffic you are going to need a solution that can perform a MITM (Man In The Middle) attack.
Here is a very simple example where the Dutch website “autoblog.nl” is blocked for clients in VLAN 10 with an IPv4 address in the 192.168.10.0/24 network.
regex URL-AUTOBLOG.NL ".autoblog.nl"
access-list ACL-CMAP-VLAN10-HTTP extended permit tcp 192.168.10.0 255.255.255.0 any eq www
class-map type regex match-any CMAP-REGEX-HTTP
 match regex URL-AUTOBLOG.NL
class-map CMAP-VLAN10-HTTP
 match access-list ACL-CMAP-VLAN10-HTTP
policy-map type inspect http PMAP-VLAN10-HTTP
 match request header host regex class CMAP-REGEX-HTTP
  drop-connection log
policy-map PMAP-VLAN10
 class CMAP-VLAN10-HTTP
  inspect http PMAP-VLAN10-HTTP
service-policy PMAP-VLAN10 interface VLAN10
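To see what the Host-header match above does and does not catch, here is an added Python simulation (my own example, not part of the original post or Cisco's code) that applies the same access-list scope and regex to a few constructed HTTP requests. It assumes the ASA regex treats an unescaped '.' as any single character, as a standard regex does, and models only the match/drop decision, not the full inspection engine.

```python
import ipaddress
import re

# Constructed sample flows (not captured traffic): source IP, destination port, raw HTTP request.
SAMPLE_FLOWS = [
    ("192.168.10.25", 80, b"GET / HTTP/1.1\r\nHost: www.autoblog.nl\r\n\r\n"),
    ("192.168.10.25", 80, b"GET / HTTP/1.1\r\nHost: example.org\r\n\r\n"),
    ("192.168.20.7", 80, b"GET / HTTP/1.1\r\nHost: www.autoblog.nl\r\n\r\n"),   # not a VLAN 10 client
    ("192.168.10.25", 443, b"GET / HTTP/1.1\r\nHost: www.autoblog.nl\r\n\r\n"),  # HTTPS: outside the ACL, and in reality the Host header is inside TLS
    ("192.168.10.25", 80, b"GET / HTTP/1.1\r\nHost: xautoblog.nl\r\n\r\n"),     # side effect of the unescaped '.'
]

# Scope of ACL-CMAP-VLAN10-HTTP: VLAN 10 clients talking to TCP port 80 (www).
ACL_SOURCE = ipaddress.ip_network("192.168.10.0/24")
ACL_DST_PORT = 80

# The regex exactly as written in the config, and a variant where the dots are literal.
REGEX_AS_WRITTEN = re.compile(r".autoblog.nl")
REGEX_ESCAPED = re.compile(r"\.autoblog\.nl")

def host_header(raw):
    """Return the Host header value of a raw HTTP request, or None if absent."""
    for line in raw.split(b"\r\n")[1:]:
        if line.lower().startswith(b"host:"):
            return line.split(b":", 1)[1].strip().decode("ascii", "replace")
    return None

def acl_matches(src_ip, dst_port):
    """True when the flow would be classified by the VLAN 10 HTTP access-list."""
    return ipaddress.ip_address(src_ip) in ACL_SOURCE and dst_port == ACL_DST_PORT

def decision(src_ip, dst_port, raw, pattern=REGEX_AS_WRITTEN):
    """'drop' if the flow is inspected and its Host header matches the class-map, else 'permit'."""
    if not acl_matches(src_ip, dst_port):
        return "permit"  # not in the class, so it never reaches the HTTP inspection policy
    host = host_header(raw)
    if host is not None and pattern.search(host):
        return "drop"  # drop-connection action of the inspect policy
    return "permit"

def evaluate(flows, pattern=REGEX_AS_WRITTEN):
    return [decision(src, port, raw, pattern) for src, port, raw in flows]

if __name__ == "__main__":
    for (src, port, raw), verdict in zip(SAMPLE_FLOWS, evaluate(SAMPLE_FLOWS)):
        print(f"{src}:{port} Host={host_header(raw)} -> {verdict}")
```

Running it with REGEX_ESCAPED instead of REGEX_AS_WRITTEN shows the last flow switching from drop to permit, which is the difference the escaped dots make.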