Monday, February 25, 2019

Terminating UCSM Sessions Manually

1.    Sometimes your UCSM web sessions will hang and prevent you from logging in. The following steps remove the sessions you select for termination and restore access.
2.    First SSH into your UCSM FIs.
3.    Next type in the following:
    a.    #scope security
    b.    #show user-session “local or remote”
    c.    #delete user-session “local or remote” UserName SessionID
        i.    This is the username of the session you wish to terminate, along with its Session ID. Be CAREFUL: some users might have an SSH session, a web interface session, or both open. Make sure you select the right Session ID.
    d.    #commit-buffer
4.    Now close all of the web browsers you have the UCSM open in, then go back and try to log on again.

5.    Finally, another option is to terminate all Cisco Integrated Management Controller (CIMC) sessions. The above method is preferred since you can specify which session to end, but continue with the following if you are still having issues:
    a.    #scope security
    b.    #show cimc-sessions “local or remote”
    c.    #show cimc-sessions “local or remote” UserName
    d.    #scope security
    e.    #terminate cimc-sessions “local or remote”-user UserName
    f.    This will close cimc sessions. Are you sure? (yes/no): yes
6.    Again, close the browsers you have the UCSM open in, then re-open them and try to authenticate again.

Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/CLI-User-Guides/Admin-Management/3-1/b_Cisco_UCS_Manager_CLI_Administration_Mgmt_Guide_3_1/b_Cisco_UCS_Manager_CLI_Administration_Mgmt_Guide_3_1_chapter_0111.html

Friday, February 22, 2019

Re-issue Certificate for UCSM

1.    You will sometimes have a certificate expire on your UCSM. This will show up as a “Major” error in your UCSM errors/logs. This can be cleared by re-issuing a new certificate within the fabric interconnects.
2.    First, log into the fabric interconnects through SSH.
3.    Once you have logged into the FI, use the following commands to re-issue a new certificate:
    a.    #scope security
    b.    #scope keyring default
    c.    #set regenerate yes
    d.    #commit-buffer
        i.    WARNING!: This WILL disconnect your web sessions. Be wary if you have others currently working in the UCSM, for it will disconnect them all.
4.    It can take up to 3-5 minutes to re-generate a new certificate for the UCSM. Give it a few minutes then use the following commands to verify the new key has been created:
    a.    #scope security
    b.    #show keyring detail
    c.    The following should be showing:
        i.    RSA key modulus: ModXXXX
        ii.    Trustpoint: XXX
        iii.    Cert Status: Valid (here it should show valid or self-signed, not expired)
5.    You should now be able to log back into your UCSM and see the error cleared.

Wednesday, February 20, 2019

Changing admin Password in UCSM 3.2 (GUI)

1.    First, log into the UCSM you wish to manage.
2.    Navigate to the following:
    a.    >Admin
    b.    >All
    c.    >User Management
    d.    >Locally Authenticated Users Tab
    e.    >Click on the admin account below
    f.    >Finally, click on the Info tab below
3.    Here you can type in the new password and then confirm in the “Confirm Password” box.
4.    Click “OK” and your new password is updated.

Reference:

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/gui/config/guide/2-2/b_UCSM_GUI_Configuration_Guide_2_2/configuring_role_based_access_control.html

Friday, February 8, 2019

Restore Cisco IOS to Cisco Device

1.    Log in to the device.
2.    Once you are in the Cisco device, you can perform the following to load the new Cisco IOS:
    a.    #copy tftp flash
    b.    Address or name of remote host []? The host name or IP you wish to pull from.
    c.    Source filename []? The name of the file you are uploading.
    d.    Destination filename []? Name you want it to show up as in the flash.
    e.    Erase flash: before copying []? You might or might not have this option. It is mostly for older systems that do not have enough space to hold both the previous and the new IOS.
    f.    If you select erase, it will erase the flash and then upload the new IOS.
    g.    Use the #show flash command to ensure your new IOS is there.
    h.    #reload
3.    Verify your new IOS version is now loaded through the #show version command upon reload.

Loading Cisco Device from a Backup Config File

1.    Log into your Cisco device.
2.    From user mode, type in the following:
    a.    #copy tftp startup-config
    b.    Address or name of remote host []? The host IP address or the host name of the system that holds your backup.
    c.    Source filename []? Type in the name of your backup file.
    d.    You should start to see an “Accessing tftp://x.x.x.x” on your screen.
3.    Wait for the system to restore from the backup file.
4.    Now you can reload the device so that it boots with the restored backup configuration.

Backup Cisco Device Config

1.    First off, log into your Cisco device.
2.    Launch the TFTP program you wish to have pull the file (I utilize SolarWinds free TFTP tool, but you can use any out there). Just make sure your program is running and ready to pull the config.
3.    You can execute the following commands to backup your config:
    a.    #copy running-config tftp:
    b.    Address or name of remote host []? YourIPAddressYouCopyingTo
    c.    Destination filename [default]? NameforYourFile
4.    Then you just need to wait for the file copy/transfer to finish. Then check your file destination to verify it finished copying.
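
One way to check the copied file once the transfer finishes, shown as an added example that is not part of the original post. TFTP sends the config unencrypted, so besides confirming the file was not cut off it lists the lines whose passwords are stored in cleartext or reversible type 7 form; the sample config and the function names are constructed for illustration.

```python
import re

# Constructed sample of a backed-up running-config, not from a real device.
SAMPLE_BACKUP = """\
version 15.2
hostname LAB-SW1
enable password changeme
enable secret 9 $9$constructed-hash-value
username admin privilege 15 password 7 00CONSTRUCTED00
snmp-server community public RO
line vty 0 4
 password 7 00CONSTRUCTED00
end
"""

# "password <value>" or "password 7 <value>"; the trailing \s+ keeps
# keywords such as "service password-encryption" from matching.
PASSWORD_RE = re.compile(r"(?:^|\s)password\s+(7\s+)?\S")


def backup_is_complete(text):
    """An IOS config ends with a line reading 'end'; a cut-off copy will not."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    return bool(lines) and lines[-1] == "end"


def weak_secret_lines(text):
    """Return (line_number, reason) pairs without echoing the secret itself."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        match = PASSWORD_RE.search(line)
        if match:
            kind = "type 7 (reversible)" if match.group(1) else "cleartext"
            findings.append((number, f"{kind} password"))
        elif line.startswith("snmp-server community "):
            findings.append((number, "SNMP community string"))
    return findings


if __name__ == "__main__":
    print("complete:", backup_is_complete(SAMPLE_BACKUP))
    for number, reason in weak_secret_lines(SAMPLE_BACKUP):
        print(f"line {number}: {reason}")
```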

Tuesday, February 5, 2019

Mess With ROMMON Cisco Device

•    While in ROMMON you have three important commands:
    o    >confreg
            You can use this to change the configuration register (boot settings) of the device.
    o    >set
            The set command will allow you to actually assign IP addresses to your interfaces.
    o    >tftpdnld
            This command allows you to download your IOS over TFTP.
    o    >xmodem
            This is horrible, you can use this to upload your IOS through the console port. Good luck with this, but maybe you might have to do this.

Monday, February 4, 2019

Quick Cheat Sheet for How a Cisco Device Boots

1.    Checks the configuration register
    a.    2100: ROMMON
    b.    2101: RXBOOT
    c.    2102: Boot Normally
    d.    2142: Ignore NVRAM
2.    Checks for “BOOT SYSTEM” commands in the startup config.
3.    Looks for the first IOS image in flash.
4.    Broadcasts for a TFTP server.
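
The register values in step 1 can be decoded bit by bit, which makes it easy to spot a device left at 2142 (it boots without its startup config, and so without the passwords and ACLs stored there). The following is an added example, not part of the original post: it reads the "Configuration register is ..." line from show version output, including the pending value shown after a register change. The sample line and function names are constructed, and the RXBOOT label for boot field 1 follows the cheat sheet above.

```python
import re

# The low nibble is the boot field; bit 6 (0x0040) tells the device to
# ignore NVRAM, which is the difference between 0x2102 and 0x2142.
BOOT_FIELD = 0x000F
IGNORE_NVRAM = 0x0040

# "show version" line, with the optional pending value for the next reload.
CONFREG_RE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)


def decode_confreg(value):
    """Return (boot_mode, ignores_nvram) for a configuration register value."""
    boot = value & BOOT_FIELD
    if boot == 0x0:
        mode = "ROMMON"
    elif boot == 0x1:
        mode = "RXBOOT"
    else:
        mode = "normal"
    return mode, bool(value & IGNORE_NVRAM)


def audit_show_version(text):
    """Return findings for the current and pending register values."""
    match = CONFREG_RE.search(text)
    if match is None:
        return ["no configuration register line found"]
    findings = []
    for label, raw in (("current", match.group(1)),
                       ("next reload", match.group(2))):
        if raw is None:
            continue
        mode, ignores_nvram = decode_confreg(int(raw, 16))
        if ignores_nvram:
            findings.append(f"{label} {raw}: startup-config is ignored at boot")
        if mode != "normal":
            findings.append(f"{label} {raw}: device stops in {mode}")
    return findings


# Constructed sample output, not captured from a real device.
SAMPLE = "Configuration register is 0x2142 (will be 0x2102 at next reload)\n"

if __name__ == "__main__":
    for finding in audit_show_version(SAMPLE):
        print(finding)
```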