If your not sure what the title quote is from Check out Young Guns 2. As for this post however keep reading to see if I ever get to a point. Currently it is 3:37am in the morning. Again I can’t sleep. Not sure if I rested to much today after a week of almost not sleep, drank a bit to much caffeine or if I am just currently unable to calm down during this career transition. No matter what the cause I did what I normally do when I realize I wont sleep before I have to get dressed and head into work (in this case a my old office, my current clients office and the new office by the end of the day) I took a shower shaved and put on some coffee. I don’t know about you, but I do some of my best thinking in the shower or when driving on long trips alone. It was durring the above mentioned shower that this post and the thoughts it contain popped into my racing mind. Enjoy it could be a fun read.
Most of the feedback I have received concerning my new job and career path has been overwhelmingly positive. But some has not. Quite bluntly a few feel I have whored myself out for money. So let me tell you what I told them…Yes as a matter of fact I did. I did it for the money.
So here I am at 2:15 AM. Storming outside and me all hopped up on caffeine. I just took a break from righting my last post:
During that little breather I though you know what people must think I am a Cisco Zealot. Well that could not be further from the truth. I am a self confessed Technology Zealot. It it is new, shiny, blinks, chirps or at some point in its lifecycle lived in a Data Center I want it. But alas at least at this point in my life I have to make money. I do that by working for a Cisco VAR. We sell 90% plus Cisco. Unlike past jobs I do not rep Juniper, HP, F5, Foundry
oops I mean Brocade, Arista, 3com, Shoretel, Avaya or anyone else that directly competes with Cisco Networking, Compute or Unified Communications.
That being said I do not think Cisco has the best product in every segment. But I wont flesh that out on my blog. If you want that info there is a price. You are either a customer with a requirement I cant meet at which point I will be honest with you or you are a professional friend who I feel comfortable discussion the finer and rougher points of our industry with. What I will say though is I have some Rules for what I will sell and I wont sell. I am going to lay those out to you and in a few cases why I feel how I feel. I hope this will provide insight to others who design, sell and deploy solutions in our industry for clients. At the end of the day our integrity is all we really have, Vendors crash, employers go under and clients come and go.
1. If I wont run it in my basement I wont install it at a client!
I have been through a couple of these Nexus deployments now that use a combination of 7Ks, 5Ks, and 2Ks. If you know anything about this platform you know that TACACS and AAA only really apply to the 7K and 5Ks. Here is my working template of what it takes to get these guys talking to and ACS server.
tacacs-server key 0 YOUR.ACS.KEY
tacacs-server host X.X.X.X
tacacs-server host X.X.X.X
tacacs-server host X.X.X.X
aaa group server tacacs+ GROUP.NAME
source-interface YOUR.VLAN or YOUR.VRF or YOUR.ETHERNET
aaa authentication login default group GROUP.NAME
aaa authentication login console group GROUP.NAME
aaa authorization commands default group GROUP.NAME
aaa accounting default group GROUP.NAME
aaa authentication login error-enable Read more
ACS 1113 Appliance Password and IP Change Process:
1. Insert ACS Recover CD into DVD-Drive
2. Connect Console Cable (DB9 to DB9) to Laptop and Appliance
3. Start Terminal Session with Following (115200, 8, None, 1, NONE)
4. Connect Monitor and Keyboard to ACS Appliance
5. Power Cycle ACS Appliance
6. Use Keyboard and mouse to Select Option 1 for Administrator Password Reset
7. Remove Recovery CD from Appliance
8. Press Enter on Keyboard to reboot appliance
9. Disconnect Keyboard and mouse from Appliance
10. Wait approx 5 minutes for Console session to return. (Don’t rush it, get a coffee or a snake then come back)
11. At login prompt user the Default = Administrator with no password.
12. You will be prompted to enter a new username.
13. You will be prompted to enter a new password, you will be prompted to enter this twice
14. Login with new Username and Password
15. Connect Ethernet Port 1 (Top Port) on Appliance to laptops ethernet port wait for green link light (Without this step the appliance will not accept interface changes.)
16. Type “Set IP” Follow the prompts to enter new IP information and select YES at the end
17. Type “Set domain” Follow the prompts to enter the new DNS prefix select YES at the end
18. Type reboot
19. Wait approx 5 minutes for Console session to return. (Don’t rush it, get a coffee or a snake then come back)
20. Login with new Username and Password
21. Type Show to validate your config changes
22. Disconnect from laptop
23. Connect to production network
Recently, we had a branch site complete the renovation of a new wing. In doing so, we had to build a new telecom closet to feed the area. We added another stack of 3750’s, that connected back to the pre-existing closet via 1Gig fiber link (which that closet then connects back to our core via Optiman). We’ve basically added another stack to the same subnet for that site. Nothing out of the ordinary for us networkers.
Then a few weeks after they opened, they started having issues with certain pc’s in that new wing. There were approximately 15 pc’s that would have a daily Duplicate IP Address Conflict error message on them. So, Help Desk sends a ticket to our group. It was a Saturday afternoon, when I called the lady back and she confirms she has had these issues since they opened. A reboot fixes the issue, but only temporary for that shift. I promised this user that I would follow-up until we found the issue. Read more