Drunk on technology https://wiki.nerdydrunk.com/ 2026-04-23T18:25:15+00:00 https://wiki.nerdydrunk.com/ https://wiki.nerdydrunk.com/_media/wiki:favicon.ico text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:asa-anyconnect-upgrade?rev=1658400099&do=diff Cisco ASA AnyConnect Upgrade cisco asa ciscoasa# ping wiki.nerdydrunk.com Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 107.170.247.233, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 80/80/80 ms ciscoasa# dir Directory of disk0:/ 124 -rwx 6487517 15:14:00 Mar 24 2014 anyconnect-macosx-i386-2.5.2014-k9.pkg 125 -rwx 6689498 15:14:02 Mar 24 2014 anyconnect-linux-2.5.2014-k9.pkg 126 -rwx 4678691 15:14:02 M… text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:asa-anyconnect?rev=1658400099&do=diff Cisco ASA AnyConnect with AD Authentication cisco asa ip local pool ADR-POOL-Company1 192.168.2.1-192.168.2.254 ! interface GigabitEthernet0/0 description Provider Internet nameif INT-Provider-OUT security-level 0 ip address 50.60.70.80 255.255.255.0 interface GigabitEthernet0/1 description Company1 nameif INT-Company1-INS security-level 50 ip address 192.168.1.1 255.255.255.0 interface GigabitEthernet0/3 description Provider nameif INT-Provider-INS security-level 100 ip address 1… text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:asa-ssh-scp-key-auth?rev=1658400099&do=diff Cisco ASA SSH SCP Key Authentication cisco asa ssh-key-auth ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCr1zGV1ZDUOgHOWHrqhA MJ0jyNlAGil130lS5lLizG0RqxG4Z9u3tbuRRkr3zsloqAt40N3zq22IZD +ARJ4hDiRpV5f4H3rfB5WGJ8saPCqwZh8MG3s12HkQ01kFdtxQklPcmPOz /FzTnGbEiOm1LbcVUtW4yqZX/cONIzS4q1fDCOa/G4Ocg89BPSSlXBN9+D e6lc2MI14Ony5QUoZskkBEPJ8K4uosuhmEQzrLbis5cOpPD/z37+p3wfrQ b3Gv6nNve7V1z1T24Y+ETK1TXPB/jVzzTWXkF15gyG6zJ7864m3xPrnTLl QDz6dZ5CYDXZzuTMczGTQEGBF2dnzq1x USER01@HOST01 text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:asa-ssl-certs?rev=1658400099&do=diff Cisco ASA SSL Certificates cisco asa Import SSL Certificate generated separate system with OpenSSL. ASA# conf t ASA(config)# crypto ca trustpoint 2016-09-23-ca.root.crt ASA(config-ca-trustpoint)# enrollment terminal ASA(config-ca-trustpoint)# exit ASA(config)# crypto ca authenticate 2016-09-23-ca.root.crt Enter the base 64 encoded CA certificate. End with the word "quit" on a line by itself -----BEGIN CERTIFICATE----- MII CA certificate chain == -----END CERTIFICATE----- quit INFO: Certifi… text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:firepower-anyconnect?rev=1658400099&do=diff Cisco Firepower AnyConnect cisco anyconnect nat firepower vpn If you are using the BRI1 interface for your inside (LAN) network you will need to disable NAT exemption in the AnyConnect configuration and manually create a NAT rule. Placement Before Auto NAT Rules Type Static Original Packet text/html 2025-10-24T18:15:57+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:gns3-apple-silicon?rev=1761329757&do=diff GNS3 on Apple Silicon cisco docker Description Below is the steps I used to get GNS3 running on my Apple silicon macs via OrbStack. Steps on mac orb create --arch amd64 ubuntu gns3-host orb -m gns3-host -u root Steps in OrbStack Machine apt update apt install software-properties-common add-apt-repository ppa:gns3/ppa apt update apt install qemu-system-x86 apt install telnet apt install gns3-server apt install git apt install python3-setuptools python3-aiohttp python3-psutil python3-jso… text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:gns3?rev=1658400099&do=diff GNS3 cisco asa ios ASAv <https://docs.gns3.com/appliances/cisco-asav.html> ciscoasa#conf t ciscoasa(config)# cd coredumpinfo ciscoasa(config)# copy coredump.cfg disk0:/use_ttyS0 CSR 1000v <https://docs.gns3.com/appliances/cisco-csr1000v.html> Router>en Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#platform console serial Router(config)#exit Router#wr me Building configuration... *Sep 20 15:00:19.459: %SYS-5-CONFIG_I: Configured from cons… text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:ios-dmvpn?rev=1658400099&do=diff Cisco IOS DMVPN cisco ios routing Description When using EIGRP with classless subnets remember to disable auto summary. Configurations Router 101 ! crypto keyring keyring-vpn local-address 12.101.0.2 pre-shared-key address 0.0.0.0 0.0.0.0 key tunvpnkey ! crypto isakmp policy 10 encr aes 256 authentication pre-share group 5 crypto isakmp profile isakmp-vpn keyring keyring-vpn match identity address 0.0.0.0 local-address 12.101.0.2 ! crypto ipsec transform-set tset-vpn … text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:ios-general?rev=1658400099&do=diff Cisco IOS General cisco ios Disable pausing at the end of each page/screen. # terminal length 0 Show configuration without displaying full certificates. # show run brief Show configuration with some passwords visible, such as PSKs. # more system:running-config text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:ios-ip-sla?rev=1658400099&do=diff Cisco IOS IP SLA cisco ios ! track 21 ip sla 21 reachability ! track 22 ip sla 22 reachability ! track 23 ip sla 23 reachability ! track 24 ip sla 24 reachability ! track 25 ip sla 25 reachability ! track 26 ip sla 26 reachability ! track 27 ip sla 27 reachability ! track 28 ip sla 28 reachability ! track 29 ip sla 29 reachability ! track 30 ip sla 30 reachability ! track 41 list boolean or object 21 object 23 object 25 object 27 object 29 delay down 60 up 60 ! track 42 list boolean or … text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:ios-l2tp?rev=1658400099&do=diff Cisco IOS L2TP cisco ios routing Description The two PCs on subnet 10.1.1.0/24 can communicate with each over via layer 2. This is possible because of the L2TP configuration on the routers. The routers are not, and do not need to be, on the same layer 2 subnet as the PCs. The fourth router, R4, was added to demonstrate an alternative path that can be used via OSPF. text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:ios-ospf-redistribution?rev=1658400099&do=diff Cisco IOS OSPF Redistribution cisco ios routing Start OSPF configuration: ! router ospf 10 router-id 10.20.0.1 passive-interface FastEthernet0/0.101 passive-interface FastEthernet0/0.102 ! Outside interface configuration: ! interface FastEthernet0/0 description Outside no ip address no mop enabled ! interface FastEthernet0/0.101 description Internet-1 encapsulation dot1Q 101 ip address 50.123.234.66 255.255.255.248 ! interface FastEthernet0/0.102 description Internet-2 enca… text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:ios-ospf?rev=1658400099&do=diff Cisco IOS OSPF cisco ios routing Configurations Router 192.168.1.1 ! interface Loopback0 ip address 192.168.1.1 255.255.255.255 ! interface FastEthernet0/0 ip address 10.0.0.1 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address duplex auto speed auto ! router ospf 10 log-adjacency-changes network 10.0.0.0 0.0.0.255 area 0 network 192.168.1.1 0.0.0.0 area 0 ! ip classless ! text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:ios-site-to-site-vpn?rev=1658400099&do=diff Cisco IOS Site to Site VPNs cisco ios Description Router Public IP Private IP Local Site VPCS 101 12.101.0.2 10.101.0.1 10.101.0.10 102 12.102.0.2 10.102.0.1 10.102.0.10 103 12.103.0.2 10.103.0.1 10.103.0.10 104 12.104.0.2 text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:ios-ssh-scp-key-auth?rev=1658400099&do=diff Cisco IOS SSH SCP Key Authentication cisco ios ssh-key-auth Due to character limits on the IOS CLI you will need to have the RSA public key on multiple lines. I put a new line every 60 characters to make it easy to read. Also keep the starting “ssh-rsa” and ending “ text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:ios-ssl-certs?rev=1658400099&do=diff Cisco IOS SSL Certificates cisco ios Import SSL Certificate in PFX/P12 format copy http://HTTPSERVER/domain.com-2014-12-31.pfx flash:/domain.com-2014-12-31.pfx crypto pki import domain.com-2014-12-31 pkcs12 flash:/domain.com-2014-12-31.pfx password CRT-KEY-PASSWORD text/html 2022-07-21T10:41:39+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.nerdydrunk.com/cisco:ios-upgrade?rev=1658400099&do=diff Cisco IOS Upgrade cisco ios IOS IOS XE Autoboot # conf t (config) # config-register 0x2102 (config) # exit # wr me ROMMON # copy ftp://user:pass@192.168.0.10 flash: # upgrade rom-monitor filename bootflash:rommon.pkg all # reload Firmware # copy ftp://user:pass@192.168.0.10 flash: # conf t (config) # boot system flash bootflash:universalk9.bin (config) # exit # wr me # reload