Cisco Learning Blog

How to install on a not Red Hat Distribution Enterprise Linux Server. I used CentOS 5.6, as a i386 and 32-Bit version. I had to also add libXp after installalling everything by default from the netinstall.

Ininstalled everything on a vmware machine with the following settings:

CentOS 4/5 32-bit

1 CPU

2000 MB RAM

50 GB disk

and everything else with default settings. You could maybe just use smaller values, but i used just the smallest settings for a minimal installation advised by cisco installation guide.

After the default installation of CentOS i had to adjust the following settings or add the following things:

I had to install libXp from the software center

I changed the hostname, cause you have to enter the hostname in later on for the testing license. There you have to change the hostname in:

/etc/sysconfig/network
and you have to add additional entry in /etc/hosts for the 127.0.0.1

Then you should also change the Release name:

/etc/redhat-release
Red Hat Enterprise Linux Server release 5

Afterwards i also changed the updater, so that it would not check for updates periodically.

You have also to enable HTTP or HTTPS in the firewall. You could enable these ports or you can also disable the firewall.

Then you can start the installation via:

./WCS-STANDARD-K9-7.0.172.0.bin

Get your license from:

https://tools.cisco.com/SWIFT/Licensing/PrivateRegistrationServlet?DemoKeys=Y

Hi there,

as i move across a boarder up to Switzerland from Germany and also to another employee. I have decided to startup with my preparation for the sec lab again. I managed to setup gns3 version 0.7.4. Here is my .net file. I have implemented all related devices for http://ine.com compatibility.

I find it really great. Seems like it’s possible to simulate 100% of the lab equipment and functions on my laptop. I have a notebook with the intel m620 processor (http://ark.intel.com/Product.aspx?id=43560) and 4 gb ram (windows 7, 64-bit). After adjusting idle values i got about 30-40% processor usage after starting all 14 devices (ASA1, ASA2, IDS/IPS, R1, R2, R3, R4, R5, R6, SW1, SW2, BB1, BB2, BB3). ASA1, ASA2 and IDS/IPS is producing most of the load. While “only” the routers are doing about 5-10% when idle and with no configuration.

Here is my gns3 .net file for version 0.7.4. You have to adapt the directories to your environment.

security-gns3-0.7.4.net

Just had the problem with vmware workstation 6.5.3 that the ACS 5.1 installation would not find the SCSI hard disc. It’s always claiming the the hard disc size is “0″. The problem with the vmware workstation installation is, that for the ACS bootdisc it’s not possible to identify the SCSI controller. I must be an LSI SCSI controller.

With vmware version 6.5 it seems not possible to configure the SCSI controller version over the GUI. So you will have to change the value directly in the machines vmx file.

You have to add the controller device in the vmx vmware configuration file for the virtual machine itself. It should look like:

scsiX.virtualDev = “lsilogic”

where X is the controller number. For the ACS insstallation it would be

scsi0.virtualDev = “lsilogic”

After this change the Installation should work fine.

Other defaults i took have been:

OS: Red Hat

Mem 512

Disc: min 60 GB SCSI

Processors: 2

After booting from the iso image you will have to enter “1″ and wait for some minutes. Then login with “setup” and enter the defaults for the device.

Then the installation will complete.

You will have to obtain a valid license after login in.

Use “ACSAdmin” and your given password (or use “default”) from the setup process.

After changing to a new password, you will have to add a valid license file.

www.cisco.com/go/license

Don’t ask me for this license.

Enjoy.

Long time no update. I have done different things and also just came from a holiday. My son is now nearly 2 years old on he is about to make great steps further into the future.

In my current job i have done some migrations and audits for example. Also i made my Prince2 (project management) certification in the meantime.

Time to go deeper again. Time to go in depth with the current sec lab.

In two weeks i will be at the INE bootcamp end of april near london for a week. Currently i’m still trying to setup my lab alltogether. I’m still not having a IDS/IPS solution. I’m hoping the cisco aset lab will open soon to be able to train mor on this equipment.

I was in trouble motivating myself for the next path. But i’m starting again. Currently looking at ACS and IOS authentification.

I still haven’t booked my sec lab yet. But i think this will be at the end of august/september. So here we go.

Glad having gns3 on my side. There have been numerous changes since version 3 and 4. I use it quite often while travelling for example. Great work guys.

Have you checked out this list? Probably, if not take a look:

http://cciehof.weebly.com/

Mail cciehof@gmail.com to hook yourself up to the list.

Last week a friend of mine just got his CCIE number. We have been together in a book camp last year in October. It was also his third attempt. And, as i heard from him, he was also quite unsure about his final result and could not believe what he has seen the next day on his CCIE profile. Congratulations to him. Also, because he did it, having a 16 month old child, that not always will let you do what you want. But as you can see, it is possible. It’s just quite hard to get motivated every time, but as you stick to it, it is possible.

So where to start, when your just at the beginning of everything and don’t know where to head to. Do you to build up your lab yourself or is it better to rent a lab? What study materials do you need? How much time do you need? What is the best approach for learning and for the lab.

I will try to answer some of the questions here and hope you will find it usefull on your trip to CCIE.

• Written ist the starting point

First of all you have to pass the Written test before you even can think of the practice lab at all. This needs already quite some time.

Always check out the Cisco homepage for the most actual news on this. This should become your primary pointer where to go to and where you can find all informations regarding the lab.

• Always the most up do date informations about the CCIE Certifications path

Just go to “www.cisco.com/go/ccie” and there you can start reading about topics and book recomandations regardings the Written Exam and the practical Lab exam.

After you have completed your Written Exam, you will need to schedule your lab date.

Add yourself to groupstudy. This mailinglist is a good resource for questions during your study. www.groupstudy.com

This Lab will last 8 hours and you can take it at several places on earth. The only place in europe is brussels in belgium.

What you have to do in the next weeks or months, depending on your skills is mainly configuration speed and knowledge. And you have to make your plan, how you will beat the beast.

Most important points will be:

• Configuration speed
• Time management
• Technology knowledge
• A good sleep the night before

Approach

Just try to practice each technology one by one. Don’t start with doing just one lab after the other. Look at each technology one after the other and debug/confirm things as much as possible. This will be the key, to become more and more self confident.

Try to do some Labs. If your working for a Cisco Gold Parter you can do Cisco’s ASET Labs. I can really recommend them, since thery are a very good chance to get an idea of what Cisco wants you to do in the real lab. The have the AutoVerify function, which will let you check out, what is wrong and what it right.

http://www.cisco.com/warp/public/765/download/pep/aset.html

Since, mostly you will not find your mistakes easily yourself. It’s good to have a tool that will the the grading for you.

Don’t worry if you can not access the ASET labs. Different Vendors have Mock Labs or grading systems, that will be very similar to Cisco’s ASET Labs. Just to them, when your ready for the Lab. If you have done some vendor 8 hour labs, you should check where you are and if your really ready to take the lab. You will find out quite easily.

Then focus on topics you don’t know. Try not to focus on topics you already know. If possible pick out some of them at test your knowledge on these.

Be carefull to not cheat yourself with only doing configurations, that you know already very good and leave out others that need more practice.

Lab

At least on the lab day you need a good sleep. Just go through every task and if you can’t solve it right away, just leave it alone and move to the next task. Just remember, you only get 2-4 points on every task. If you stay with one for more then 30 minutes it’absolutly not worth it. Just leave it alone if possible.

If you have to skip more than 15 questions right away, it might be not your day and you have just spend a lot money for the meal this day.

Try to verify your solutions more than once. Read every questions more than once. Also after two, three times reading, you could still miss something. Double check everything.

After you have been through the whole lab, check out things you have left out before. Then you might able to find a solution for the missing topics more easily, with the most of the lab already solved.

You have to have more then 80% of the available points. You don’t have to get all 100%. If you have passed the lab, you will not get the number of points you have reached, only pass or now is noted. So if someone tells you, he got all 100 Points, he could never now, if this is the case.

And you have to answer at minimum 3 out of 4 questions correctly. These questions will be asked in the beginning of your lab and will focus on core topics. Don’t worry about these questions.

Some say they have had an easy lab some say, that it has been a difficult lab. I would say it depends on your preparation. Most labs will have a similar level.

So when will you add yourself to the growing list of ccie’s worldwide? Good luck.

What i have seen with rip auth, is that it depends in what order you set the commands for rip auth.

• First you have to enter the key chain “key chain RIP” “…”
• After you have to enter first on the interface “ip rip authentication key-chain RIP”
• And then you can enter the encryption mode “ip rip authentication mode md5″

If you change any of this in order, it might not work and you have to re-apply your configs. Btw. not many are using RIP these days, but better to know for the lab, cause it’s still there.

Check always with “debug ip rip”, if authentication works!

After i tried three different java versions, i managed to login to my ips 4215. I tried java versions:

j2re-1_4_2_19-windows-i586-p.exe

jre-6u12-windows-i586-p-s.exe

jre-6u13-windows-i586-p-s.exe

With these versions the login got stuck at loading 92% of the configuration from the machine. Just told me “Initializing Config Modules” and got stuck at 92%.

Then the last version i tried did the trick.

jre-6u7-windows-i586-p-s.exe

Works for the https login.

I have overslept this one a bit, but i will catch up quickly from now on again.

In the past, there have been several new certifications around. Seems like Cisco is doing a lot to set new goals apart from CCIE. Formerly this has been the highest level of certification. But seems like Cisco is setting higher goals or new high goals to be reached by individuals.

It’s the Cisco Certified Architect which has been new to the top level available certifications. As a prerequisite you need a valid CCDE certification. To get started with a more detailed view about the Certifed Architect you could start reading this article by Scott Morris, he is sharing his insights. Price to start here is 15.000 $ for the new cert. You will have to pass the CCDE also first. This has been a privilege to only some people. Thinks it’s a good idea to read Scotts article, to form your opinion.

In fact Cisco has announced also three more new certs:

Cisco Certified Network Professional (CCNP) Wireless

Cisco Data Center Unified Computing Support Specialist

Cisco Data Center Unified Computing Design Specialist

Any comments on this are welcome. See you soon.

Source:

http://www.cisco.com/web/learning/le3/cisco_certified_architect/index.html

https://cisco.hosted.jivesoftware.com/community/certifications/ccde

https://cisco.hosted.jivesoftware.com/docs/DOC-5483

For a long time i did not post any comments. This had a reason…

Not really a CCIE topic, but i did my first ironman (3,8km swim, 180km bike, 42,195km run) in Switzerland, zuerich last week at the 12.7.09.

For those who are interested in, i managed to finish, not the best time, but many others did not finish. So for my first ironman i did it in 13 hours and 48 minutes.

I’m used to cycle long distances already for many years and i was interested how this will be if i also do some swimming and running so i started training in January this year. I wasn’t a good swimmer and still i need much more technique training in freestyle. Bicycling was always my favorite discipline. I did a lot of endurance training in the winter and spring.

2222 Athletes starting at the Ironman Zuerich 2009

During the race i drank a lot isotonic drinks. But i thought running would be easier. So i used much more time during the marathon, than i thought. I’m still looking why i was about one hours slower, than the time i would normally finish the distance. Might have been a drinking problem. Maybe i needed more salt in the drinks.

But i finished quite in good shape and wasn’t to exhausted. People had been very nice and they cheered up us a lot. Thanks to the audience in zuerich. I have registered already for the next one in Frankfurt on the 4.7.2010.