ConfigBytes

Recently I experienced an issue with a customer that had their long distance carrier shut the service down .  The reason why was that they were showing an excessively large amount of long distance calls made to various African countries as well as Cuba.

The customer is using a Call Manager Business Edition which puts the Call Manger and Unity on the same 7800 server.

Click to open PDF

The way the problem was presented to us suggested that these calls may have been made internally (it’s my experience that someone on the cleaning crew could be making these calls) which can be easily and quickly identify, all we need to do is look for a pattern when the calls were made, time, day and extension.

Most the time internal fraud calls like theses are made from an open fax machine that has a headset attached to it.  Sometimes Fax lines may be configured to go straight to the gateway on an FXS port; relying on whatever the dial peer

dial-peers configured
dial-peer voice 11 pots
destination-pattern 9[2-9]……
port 0/2/0:23

forward-digits 7that port is configure to.   Of course this type of configuration bypasses the CM and its logging, dial restriction ability.    Other times the fax line can be set to go into the CM and required to follow what every the dial restrictions are set to.

Read more…

I received a faulty ASA 5505 from a customer the other day.  Customer has already been shipped a replacement and now I asked what should I do with this one, sitting on my desk. The problem with this device is that the power plug had become loose, periodically causing the ASA to reload and causing havoc on the customer’s network. It clearly had to be replaced

Normally I would send a refurbished non smart net covered Cisco item out for repair, if the cost was justified. ASA 5505 can be purchased from Bay for around 375 bucks used and 600 new; cost to repair this plus shipping would have been close to $200.  In this case it was better to simply replace it.    I decided to crack this box open and take a peek inside. I feel comfortable doing this because my previous career was a en electronics bench tech.  Read more…

Yesterday I received my new CCNP books from Cisco Press.  Surprisingly the price was not that bad what I got.  All three courses, 642- 902, 813 and the 832.  I opt for Certs Kits for each as well.

The complete course was around $250 which includes the “Official Certification Guides” , Cert Kits and shipping.

The Cert Kits includes a Quick Reference booklets, flash cards (found online) and a DVD. Each DVD in the same familiar format as the the Video Mentor series is, each with an introduction and roughly 5 to 6 hours of video, each covering the the material talk about in the Certification Guides.

This is makes this series stand out is that the Cert Kits complement the Cert Guides.  I would recommend that you buy them both.  While scanning through the new material I notice that this time Cisco is really pushing hard on the routing and switching.  They have left a lot of the VOiP and security out, which was found in the ONT (642-845) and ISCW (642-825) tracks.

Read more…

Qemu

So far I am not pleased with the new GNS3 07 , I’m having some serious issues in rying to configure the settings.

Searching the internet has not yeilded much information on how to set this up. This week I’ll be “plunking” around with the new GNS3, trying to make it work. I hope to have it all figured out soon so I can upload my PIX labs that I’ve been working on.

Note that this was originally posted in May 2009

I wrote this document to help with my CCNA studies, the intent of the document was to help me quickly convert class A and B subnets for the test.  The CCNA will present subnet questions in CIDR format and you should know how to answer them in less then 90 seconds.

I converted the document from Microsoft Word 2007 to PDF using doPDF6.3 a  free PDF converter.  So far it appears to have done a nice job.  You can find it here >Do PDF

The document is here > The Last Subnet How2 Doc

Please let me know of any errors, spelling or grammar. 

(Last edited by rstaples on 20, October 2009 at 08:00 – for grammar and spelling)

Network Address Translation, sometimes called Network Address Translator (NAT), was originally outlined in RFC 1631 in 1994. This was to allow devices on the inside network the use of private IP addresses that are presently defined in RFC 1918. NAT makes it possible to have a very big internal network with thousands of local addresses represented by a handful of global addresses or possibly a single global address.

We will setup a basic static and dynamic NAT configuration.

To the left we have a basic example of how NAT operates.  Starting from the bottom we have our …

(For simplicity we will not be using subnet-zero)

• Network ID: 189.45.23.56
• First usable address: 189.45.23.57
• Last usable address: 189.45.23.63
• Broadcast address: 189.45.23.64
• Netmask of: 255.255.255.248

Read more…

By now I’m sure you’ve already read several articles that explained the pitfalls of using telnet to access your network devices, it’s not a secure way to access your network. Telnet does not offer any encryption, your login and password information is sent across the network in plain text.

Many Cisco devices today allow for SSH configuration. SSH not only allows for encryption of password and login information but also allows you devices to know who is logging in.

SSH can be configured easily on any Cisco device with IOS that supports DES or DES3 (should be using DES3).

Router (config) #username Joe password j03adM1n
Router (config-line) # login local
Router (config) # ip domain-name mylab.local
Router (config) # crypto key generate rsa
Router (config) # line vty 0 4
Router (config-line) # transport input ssh

Once you have your router configured for SSH, you will need to use a terminal program that supports SSH, such as PuTTY, Tera Term or SecureCRT.   Windows XP and Vista include a command line SSH capability, my personal favorite is SecureCRT.