Commands to troubleshoot connectivity through a Cisco ASA

Packet Tracer

packet-tracer input <INTERFACE> <PROTOCOL> <SOURCE-IP> <SOURCE-PORT> <DESTINATION-IP> <DESTINATION-PORT>
packet-tracer input external tcp 11.22.33.44 1010 55.66.77.88 80

VPN Example

packet-tracer input internal udp 10.10.10.10 500 10.20.20.20 500
packet-tracer input internal udp 10.20.20.20 500 10.10.10.10 500

Packet Capture

capture *NAME_OF_CAPTURE* interface *INTERFACE_NAME* match *TRANSPORT_PROTOCOL (TCP / UDP / IP)* host X.X.X.X (This is the source IP address) host Y.Y.Y.Y (This is the destination IP address) eq *PORT_NUMBER*
capture cap1 interface external match tcp host 11.22.33.44 host 55.66.77.88 eq 80

Capture all syslog traffic to 10.10.10.10

capture cap2 interface internal real-time match udp any host 10.10.10.10 eq 514

View capture

show capture cap1

Show access-list

show access-list acl_external

Find access-list entries including port 514

show access-list | inc 514

Find log entries including port 514

show logging | inc 514

Show arp for specific interface

show arp | inc internal

Speed up DHCP delays with Portfast on Cisco switches and routers

Scenario

You have noticed that it takes ages for client devices – like PCs, VOIP phones, even Xboxs – to get an IP address via DHCP. Sometimes an IP address is not given at all.

Here is how to speed up the DHCP process on Cisco switches and routers:

[Read more…]

Cisco ADSL firmware upgrade and debugging

So we finally moved away from Griffin Networks broadband – which was ok to be fair…as fair as stepping on a nail every step for a mile! – and went with TalkTalk Business broadband instead.

We’re still going through the usual 10-day stabilisation period, so I’ll reserve judgement until then; although it’s already more stable than Griffin Networks!

Anyway, now that we’ve been up and running for 4 days, I thought I’d upgrade the ADSL firmware and see if that made any difference to the broadband performance.

Here’s how to upgrade the ADSL firmware on a Cisco 877W router:

[Read more…]

Cisco Command Line Shortcuts

I’m a sucker for shortcuts, so I try and use them whenever I can to increase my productivity.

I’ll add to this list as and when I find useful Cisco command line shortcuts.

  • Move cursor to start of line:
    CTRL + A
  • Move cursor to end of line:
    CTRL + E
  • Erase current line:
    CTRL + U
  • Erase a word:
    CTRL + W
  • Run command and exit config mode:
    CTRL + Z
  • Just exit config mode:
    CTRL + C
  • Break:
    CTRL + SHIFT + 6
  • Suspend telnet/ssh session:
    CTRL + SHIFT + 6, x

Initial configuration for Cisco routers

There are a few things I always do first when configuring Cisco routers:

  1. Backup current IOS image file – just in case something goes wrong in the next step.
  2. Update to latest IOS version – cos everybody just loves those new bells ‘n’ whistles right?!?
  3. Initial configuration – useful commands to make life easier.
Here’s the step-by-step instructions: