This blog is specially dedicated to those people who are keen learner of networking. You can learn lots of about networking and network security here.
We will share basic networking concept to complex networking, troubleshooting steps here.
Also, we will share network security questions and other stuffs here.
When no Output Comes in Cisco ASA Firewall or Want to password recover.
The following steps were designed using a Cisco ASA 5505 Security Appliance. They are not appropriate for a Cisco PIX Firewall appliance.
1. Power-cycle your security appliance by removing and re-inserting the power plug at the power strip.
2. When prompted, press Esc to interrupt the boot process and enter ROM Monitor mode. You should immediately see a rommon prompt (rommon #0>).
3. At the rommon prompt, enter the confreg command to view the current configuration register setting: rommon #0>confreg
4. The current configuration register should be the default of 0x01 (it will actually display as 0x00000001). The security appliance will ask if you want to make changes to the configuration register. Answer no when prompted.
5. You must change the configuration register to 0x41, which tells the appliance to ignore its saved (startup) configuration upon boot: rommon #1>confreg 0x41
6. Reset the appliance with the boot command: rommon #2>boot
7. Notice that the security appliance ignores its startup configuration during the boot process. When it finishes booting, you should see a generic User Mode prompt: ciscoasa>
8. Enter the enable command to enter Privileged Mode. When the appliance prompts you for a password, simply press (at this point, the password is blank): ciscoasa>enable Password: ciscoasa#
9. Copy the startup configuration file into the running configuration with the following command: ciscoasa#copy startup-config running-config Destination filename [running-config]?
10. The previously saved configuration is now the active configuration, but since the security appliance is already in Privileged Mode, privileged access is not disabled. Next, in configuration mode, enter the following command to change the Privileged Mode password to a known value (in this case, we'll use the password system): asa#conf t asa(config)#enable password system
11. While still in Configuration Mode, reset the configuration register to the default of 0x01 to force the security appliance to read its startup configuration on boot: asa(config)#config-register 0x01
12. Use the following commands to view the configuration register setting: asa(config)#exit asa#show version
13. At bottom of the output of the show version command, you should see the following statement: Configuration register is 0x41 (will be 0x1 at next reload)
14. Save the current configuration with the copy run start command to make the above changes persistent: asa#copy run start Source filename [running-config]
15. Reload the security appliance: asa# reload System config has been modified. Save? [Y]es/[N]o:yes
In order to perform CCNA and CCNP hands-on lab exercises, either you need the physical devices or a simulator. Since arranging physical devices, such as Cisco routers and switches is probably not possible for everyone. Fortunately, there are various simulators such as Cisco Packet Tracer and GNS3 that you can use to perform CCNA/CCNP and other hands-on lab exercises. In this post, you will get the direct links to download GNS3 IOS images for Cisco routers, ASA, switches, and even for Juniper routers. One of the great features of GNS3 simulator is that it allows you to perform real-life hands-on lab exercises. However, you need to download IOS images for GNS3 before you can perform the hands-on lab exercises. Click Below link to download GNS3 images:
The tcpdump utility is a command line packet sniffer with many features and options. For a full description, refer to the tcpdump man pages by typing the following command: man tcpdump
Running the tcpdump utility
Following are examples of commands used to run the tcpdump utility: Selecting an Interface or VLAN
The tcpdump utility’s interface or -i option accepts only one option. This option may be a numbered interface or a named Virtual Local Area Network (VLAN).
To view traffic, use the -i flag as follows: tcpdump -i <option>
To view the traffic on a single specific interface: tcpdump -i 2.1
To view the traffic on a specific VLAN called internal: tcpdump -i internal
To view the traffic on the management interface: tcpdump -i eth0
To view the traffic on all interfaces: tcpdump -i 0.0 Disabling name resolution
By default, tcpdump attempts to look up IP addresses and use names, rather than numbers, in the output. The BIG-IP system must wait for a response fro…