• Show Command Multiple Filtering

    Normally when we do show command we make use of the “|” to filter and put in keywords after like include, exclude, begin and section. As we all know “include” means show only that matches the string like for the example below.

    R1#sh run | inc CISCO
     neighbor CISCO peer-group

    We can do some multiple command filtering like the example below using the “include” keyword. Let’s say we want to see the interface name, then the description, the OSPF cost and if its configured with the “mpls ip” command.

    R1#sh run | inc interface |^ description |^ ip ospf cost |^ mpls ip
    interface FastEthernet0/0
    description towards LAN
    ip ospf cost 100
    mpls ip

    The trick is to use multiple “|” and then the regular expression “^”. Then put a space before the string because the configurations under the interface configuration if you do a “show run” has a space before the line. This also applies to the “exclude” keyword but who the heck uses “exclude” that much?

     

    Source:

    http://ciscodreamer.blogspot.com/2009/08/multiple-command-filtering.html

    Read more »
  • 3750 interface bandwidth limiting

    I want to police customers traffic into 20mbps.

    Ingress policing
    Create policy map:

    policy-map shape-20
    class class-default
    police 20M 400000 exceed-action drop
    Assign policy map to interface:

    interface FastEthernet1/0/2
    service-policy input shape-20

    Egress policing
    Unfortunately, policy-map containing police action cannot be attached to interface in egress direction. So here is how i limit it to 20mbps:

    interface FastEthernet1/0/2
    srr-queue bandwidth limit 20
    srr-queue bandwidth shape 0 0 0 0

    Read more »
  • IPSec VPN with Netgear FVS318v3

    First you have to set up your FVS318 router to accept the connections.

    1. Log on to your router and go to the “VPN Wizard” in the left hand menu.
    2. Just click “Next”…
    3. You have to set a name for your connection and a pre-shared key (PSK). Select “A remote VPN client” as connection type.
    4. You will get a confirmation screen next. Just click “Done”.

    Now your router is up to speed and you need to download the VPN client fromhttps://www.shrew.net/download
    Ones installed it’s time to set up your new connection.

     

    1. In the router admin page select “IKE Policies” in the left hand menu. The two pieces of information you are interested in is “Local ID” and “Remote ID”.
    2. Now start Shrew Soft VPN Access Manager and click “Add”.                                                                            
    3. Now enter your DynDNS, or static WAN address if you have one, in the “Host Name or IP Address” field.
    4. Set “Auto Configuration” to “disabled”.
    5. Set “Local Host” – “Address Method” to “Use an existing adapter and current address”.
    6. Now go to the “Name Resolution” tab. If you know the addresses to wins server and/or dns server on the remote network enter them here. If not uncheck the check boxes.                         
    7. Now go to the “Authentication” tab and set “Authentication Method” to “Mutual PSK”.
    8. “Local Identity” should be the field “Remote ID” on the routers “IKE Policies” page. “Identification Type” should be “Fully Qualified Domain Name”.                                                                                                                                
    9. On the “Remote Identity” tab the “Identification Type” should be “Fully Qualified Domain Name” and “FQDN String” should be the “Local ID” from the routers “IKE Policies” page.                                                                            
    10. Moving on to the “Credentials” tab fill in your PSK in the “Pre Shared Key” field. In this case “areallylamekey”.
    11. Then you go to main tab “Policy”.
    12. Uncheck the “Obtain Topology Automatically or Tunnel All” check box.
    13. Click the “Add” button.
    14. Type in your network. To route all the 192.168.0.x addresses over the VPN tunnel enter address 192.168.0.0 and netmask 255.255.255.0. If you have the same network address range at home and in your current location you can enter specific addresses or add an other topology entry that excludes those addresses.
    15. Then hit “Save” and you will return to the mane window.
    16. Dubbel click your connection and select “Connect”. That’s it!                     Your now up and running with your own secure IPSec tunnel to your home or office!

     

    The content of this post is from https://www.hackviking.com/2010/10/ipsec-vpn-with-netgear-fvs318v3/. Want to make sure i give credit to source.

    Read more »