All posts by admin

What is Cisco Champion program?

After being selected as Cisco Champion 2017, often people asked what is Cisco Champion? Some of them don’t know what Cisco Champion Program offers and what benefits they can avail be becoming a Cisco Champion.

ciscochampion2017-250

Cisco Champion Program was started by Cisco Systems with an aim to create and nurture a group of people ( Cisco geeks) who are highly influential IT technical experts, who enjoy sharing their knowledge , expertise, ideas and thoughts in innovative way across the social web be it in the form of blogs, supporting the online community by answering their queries  or with Cisco

The Cisco Champion program is open all the individuals who are either 18 years in age or older with following qualities

  • Is active on social media
  • Expresses balanced view of Cisco
  • Has Cisco-related expertise
  • Has overall expertise in IT industry
  • Chooses to actively participated in conversations relevant to Cisco and the IT industry

One can either nominate himself/ herself to Cisco Champion Program at the end of year calendar year or their peers can nominate them. Generally the nominations begins after October and cover wide variety following main interest areas

Read more…….

PAN-OS download  issues “Failed to download due to server error”

While downloading the PAN-OS  version 6.0 or above on a Palo Alto Networks next-generation firewall , one might see an error

 “Failed to download due to server error. Please try again later. Failed to download file”.

This error generally occurs not due to download server error or reachability, it’s a normal and expected behaviour. Now one might be wondering why this is a normal behaviour?

The Palo Alto Network maintains a list of latest software version in its memory,  if some one tries to download a PAN-OS and end up in the following error

 “Failed to download due to server error. Please try again later. Failed to download file”.

Then the list is either outdated or empty,  and the above mentioned error is see unless the list is refreshed.

In order resolve this  problem one should have a valid  Support subscription is required to download software.

If entitlement is current, Click ‘Check Now’ in the lower left hand of the WebGUI to view an updated list of PAN-OS software images.

PAN-OS upgarde issue

After clicking “Check Now’

PAN-OS upgarde issue 2

Alternatively, From CLI:

> request system software check

Palo Alto Networks Firewall Interface Types – Virtual Wire

We all know Palo Alto Network Firewalls offers quite flexibility deployment options, one can also deploy Palo Alto Networks in Virtual Wire or V-Wire mode. This is the beauty of Palo Alto Networks Firewalls , the flexibility it offers cannot be matched by some of the leading firewall vendors. Though other vendors offers the same feature  better known as transparent firewalls.

Virtual Wire mode can be deployed by pairing a set of two physical interfaces into a single set and in V-Wire mode one does not needs to assign either an IP Address or a mac address.  Virtual Wire is also referred to as a “Bump in the Wire” of “Transparent In-Line”. By default certain Palo Alto Networks Firewalls comes with preconfigure Virtual Wire mode and Ethernet ports 1 and 2 are part of that default V-Wire.

Palo Alto V-Wire Mode

Read more….

A review of CCDE Study Guide by Marwan Al-shawi

Since I received the “CCDE Study Guide” from Jamie Shoup till date, I simply couldn’t able resist reading such a wonder book from Marwan Al-shawi.  I believe it was a great initiative from Marwan Al-shawi to write this book. Since I read this book from cover to cover I believe it’s the right time for me to write a complete review of this book.

CCDE book

As mentioned in my initial review , Marwan did a great job in penning down this title, he has gone an extra mile to come out with this title. The topics are organised well and he addressed almost all the topics of CCDE blue print at very high level. The “CCDE Study Guide” is divided into 6 parts with following chapters

Part I Business-Driven Strategic Network Design

  • Chapter 1 Network Design Requirements: Analysis and Design Principles

Part II Next Generation – Converged Enterprise Network Architectures

  • Chapter 2 Enterprise Layer 2 and Layer 3 Design
  • Chapter 3 Enterprise Campus Architecture Design
  • Chapter 4 Enterprise Edge Architecture Design

Read more…

Passed CCIE Routing and Switching Lab

By the grace of Almighty I passed the CCIE Routing and Switching lab exam. I have been preparing for this for almost a year and was vigorously working hard for past four months. The preparation kept me away from blogging for almost a year. My dream to peruse CCIE Routing and Switching has turned into reality. I would like to thank especially my Wife and my Son for their tremendous support.

Without their support I believe it was not possible. I would also like to thank Narbik Kocharians for his amazing work books andBrain McGahan for the great Advance Technology Class videos, they are simply awesome. I really enjoyed watching ATC videos and it gave me the thorough understanding of the concepts. Whereas Narbik Kocharians work books gave the practical experience and further strengthened my understanding of the concepts.

CCIERouting_and_Switching_UseLogo

Since I passed I received lot of emails, linked messages and phone calls to know what my approach was. I believe IT Knowledge Exchange is a best platform for me to share my CCIE journey not only with my friends but also the readers of this blog.  Sine this is the first post of year I thought of sharing about the work books I used and the videos I watched.

I will keep this short but promise to comeback to share my experience and the path I adopted to pass the CCIE Routing and Switching lab.

Routing and Switching CCIE Version 5 Update expected this November?

Since I am preparing for the CCIE Routing and Switching Lab exam, I am following up all the latest developments very closely. Recently I was reading an INE blog post on CCIE Routing and Switching Version 5 update. According to INE an announcement is expected sometime in November. Cisco Live Milan does have a session dedicated to CCIE Routing and Switching Version 5 presented by Bruno van de Werve, the CCIE R&S Exam Product Manager.

CCIERouting_and_Switching_UseLogo

The updated version of CCIE R & S seems to be a 100% virtual lab environment similar to the current troubleshooting section of CCIE R & S lab. Some older legacy technologies like frame relay is expected to be removed along with some least used IOS features like Zone- Based Firewall, WCCP, IPv6 Multicast and PfR also topics like IPSec, read more………………………….

 

How to reset the Cisco Iron Port Appliance to factory default settings?

Resetting the Cisco Iron Port C370 appliance is an easy task.

In order to reset the Cisco Iron Port C 370 appliance either we need a console or ssh access (telnet access will also do).

Step 1

Log into Cisco Iron Port C370 appliance either console or shh.

C370step1]

Step 2

Suspend the Cisco Iron Port C370 appliance as without suspending the appliance we cannot reset it.

So used the “suspend” command to suspend the appliance

c370step2

Step 3

Use the command “resetconfig”to reset the Cisco Iron Port C370 appliance

For further details read more……………………………..

 

Multiple Cisco Products are affected by OSPF LSA Manipulation Vulnerability

The recent security advisory suggests that multiple Cisco products are affected by a vulnerability involving the Open Shortest Path Frist (OSPF) Routing Protocol Link State Advertisement (LSA) database. With the help of this vulnerability an unauthenticated attacker can take control of the OSPF Autonomous System (AS) domain routing table, backhole traffic and intercept traffic. Which could cause a huge damage to the attacked network.

The attacker could trigger this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause flushing of the routing table on a targeted router, as well as propagation of the crafted OSPF LSA type 1 update throughout the OSPF AS domain.

To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast LSA type 1 packets. No other LSA type packets can trigger this vulnerability. Read More…………………..

Cisco UCS Outperforms HP and IBM Blade Servers on East-West Latency

These days the focus is increasing towards lower latency and high performing server-to-server data traffic (East-West). Cisco claims that they specifically designed their UCS unified fabric for this type of traffic. Cisco want to prove the claim made by their competitors that Cisco UCS unified fabric would increase latency and slow blade-to-blade traffic. Cisco ran the tests, and the results were simply amazing.

According to the recent concluded test by Cisco claims that HP and IBM blade architectures rely on placing networking switches (HP Virtual Connect; IBM Flex System Fabric Switches) inside of every 16 or 14 blade chassis. These legacy vendors imply that data can communicate from one blade to another more efficiently because their networking switches reside within the chassis.  They fail to mention two critical points: Read more………………

A review for CCIE Routing and Switching Certification Guide (4th Edition)

When it comes to CCIE Routing and Switching Written Exam you need to study lots of books especially the titles published from Cisco Press.

As we all know CCIE Routing and Switching is not an easy task, it needs lots of preparation. Since I am in the process of perusing CCIE Routing and Switching I thought of starting my journey with CCIE Routing and Switching Certification Guide ( 4th Edition) published by read more……..