Cisco – How to schedule a reload

When working with Cisco devices remotely, it is useful to be able to revert the config if a configuration change goes wrong. If I know that I will be making changes that may disconnect me and make me lose access to the device, I schedule a reload, and when I know that the config is fine I just cancel the reload. The reload only reverts changes that have not been saved: the device boots from the startup config, so do not save until the change is confirmed.

To schedule a reload in 15 minutes:

Cisco# reload in 0:15
Proceed with reload? [confirm]
Cisco#


***
*** --- SHUTDOWN in 0:15:00 ---

To see how much time you have left:

Cisco# show reload
Reload scheduled for 23:15:47 GMT/BDT Fri Jun 5 2015 (in 12 minutes) by console from ssh (remote 1.2.3.4)

To cancel reload:

cisco#reload cancel
cisco#

***
*** --- SHUTDOWN ABORTED ---
***

Cisco – Check specific part of config with show run command

Often when running the “show run” command the output is very long, and I am usually looking for a specific bit of the config that I want to check or modify. Useful commands to filter the output:

To start displaying the config at a specific line containing <string>:
show run | begin <string>

To display all the lines containing the given <string>:
show run | include <string>

Cisco ASA – setup logging to Syslog-ng

Assuming that syslog-ng is configured and running, the setup is quick and easy:

Cisco ASA config:

1. Enable logging:

logging enable
logging timestamp

2. Send messages to our syslog server:

logging trap notifications
logging facility 21
logging device-id hostname
logging host inside IP.ADD.RE.SS udp/514

Available trap levels:

{1 | alerts}—Immediate action needed
{2 | critical}—Critical conditions
{3 | errors}—Error conditions
{4 | warnings}—Warning conditions
{5 | notifications}—Normal but significant conditions
{6 | informational}—Informational messages
{7 | debugging}—Debugging messages

3. Optional – set up NTP:

ntp server 192.5.41.41 source outside 
ntp server 192.5.41.40 source outside prefer
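
An added example (not part of the original post): a Python check that reads an ASA configuration and reports which of the logging steps above are missing, plus the syslog PRI values the server will receive for the chosen facility and trap level. The function name, the sample config and the 192.0.2.60 address are constructed for illustration, and facility 20 is assumed when no logging facility line is present.

```python
import re

# Severity names indexed by number: 1-7 are the trap levels listed above,
# 0 (emergencies) is the standard syslog severity that precedes them.
LEVELS = ["emergencies", "alerts", "critical", "errors", "warnings",
          "notifications", "informational", "debugging"]

# Constructed sample: the commands from steps 1-3 with a documentation address.
SAMPLE = """
logging enable
logging timestamp
logging trap notifications
logging facility 21
logging device-id hostname
logging host inside 192.0.2.60 udp/514
ntp server 192.5.41.41 source outside
"""

def audit_asa_logging(config_text):
    """Return (findings, info) for the logging steps in an ASA config (hypothetical helper)."""
    lines = [ln.strip() for ln in config_text.splitlines() if ln.strip()]
    # Assumption: facility 20 applies when no "logging facility" line is present.
    info = {"hosts": [], "trap": None, "facility": 20}
    for ln in lines:
        if m := re.match(r"logging trap (\S+)$", ln):
            lvl = m.group(1)  # given by number or by name
            info["trap"] = int(lvl) if lvl.isdigit() else (
                LEVELS.index(lvl) if lvl in LEVELS else None)
        elif m := re.match(r"logging facility (\d+)$", ln):
            info["facility"] = int(m.group(1))
        elif m := re.match(r"logging host (\S+) (\S+)", ln):
            info["hosts"].append((m.group(1), m.group(2)))  # (interface, server)
    findings = [msg for present, msg in [
        ("logging enable" in lines, "step 1: 'logging enable' is missing"),
        ("logging timestamp" in lines, "step 1: 'logging timestamp' is missing"),
        (info["trap"] is not None, "step 2: no 'logging trap' severity level"),
        (bool(info["hosts"]), "step 2: no 'logging host' configured"),
        (any(ln.startswith("ntp server ") for ln in lines),
         "step 3: no 'ntp server', timestamps rely on the local clock"),
    ] if not present]
    if info["trap"] is not None:
        # Syslog PRI = facility * 8 + severity; severities 0..trap are forwarded.
        base = info["facility"] * 8
        info["pri_range"] = (base, base + info["trap"])
    return findings, info

if __name__ == "__main__":
    print(audit_asa_logging(SAMPLE))
```

With facility 21 and trap level notifications the server receives PRI values 168 to 173, which syslog-ng sees as facility local5.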

 

Syslog-ng config:

Open /etc/syslog-ng/syslog-ng.conf

and add the following lines:

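# Network source: listen on the syslog server's own address.
# The ASA above sends to UDP port 514.
source s_net {
       udp(ip(192.168.1.60) port(514));
       tcp(ip(192.168.1.60) port(51400));
};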

and

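# Route everything from s_net to d_mysql, a destination that must
# already be defined elsewhere in this file.
log {
  source(s_net);
  destination(d_mysql);
};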

then restart the syslog-ng service:

service syslog-ng restart

 

How to enable Cisco AnyConnect VPN via Remote Desktop

So I’m getting this message when connecting from a Remote Desktop session to the AnyConnect VPN:

[Screenshot: ASA message]

The fix is quite easy:

1. Open ASDM, go to Configuration –> Remote Access VPN –> Network (Client) Access –> AnyConnect Client Profile and click Add:

[Screenshot: ASDM, step 1]

2. Create a new profile and assign it to your Group Policy. Click OK to create it:

[Screenshot: ASDM, step 2]

3. Now double-click the profile to edit it and set Windows VPN Establishment to AllowRemoteUsers:

[Screenshot: ASDM, step 3]

Click OK and Apply. Save the config.

Job done.

 

Cisco router time

Configuring NTP on a Cisco IOS device is a relatively easy process.

Follow these steps:

  1. Choose the NTP server your devices will use.
  2. Find out the IP address for this server.
  3. Enter the following commands on the IOS device:
Router# configure terminal
Router(config)# ntp server IP.ADD.RE.SS

  4. Verify the association with the server using the commands:

show ntp status
show ntp associations