Friday, 4 March 2016

AAA with Tacacs+ on Debian

A while ago I tried setting up different authorisation levels on a Cisco router with privilege levels. It failed miserably because this is badly documented by Cisco and the amount of effort needed to get something useful out of it was too much. The main problem is the hierarchical privilege structure of commands and the somewhat illogical relation between these commands (enable write privileges to allow read privilege...).


Monday, 4 January 2016

NMAP Automation and reporting

If you need a tool to check your devices' firewall settings, NMAP is the tool to use. The check can be automated so that you get a daily report, including a report on differences.

The following script scans a subnet and reports all active hosts and open ports. Differences are also reported, and the reports are mailed.

The script below is a slightly edited script found here.
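The script itself is not reproduced on this page. As an added example (not the script the post refers to), the following Python code shows the "report on differences" step: it parses two saved scans and lists hosts and open ports that appeared or disappeared. It assumes the scans were saved in nmap's grepable format (`-oG`); the sample data is constructed and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample data: two runs of `nmap -oG -` against a documentation subnet.
YESTERDAY = (
    "# constructed sample, not real scan output\n"
    "Host: 192.0.2.1 (gw.example)\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///\n"
    "Host: 192.0.2.10 ()\tPorts: 80/open/tcp//http///, 8080/filtered/tcp//http-proxy///\n"
    "Host: 192.0.2.30 ()\tPorts: 25/open/tcp//smtp///\n"
)
TODAY = (
    "Host: 192.0.2.1 (gw.example)\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///, "
    "3389/open/tcp//ms-wbt-server///\n"
    "Host: 192.0.2.10 ()\tPorts: 80/closed/tcp//http///, 8080/filtered/tcp//http-proxy///\n"
    "Host: 192.0.2.20 ()\tPorts: 23/open/tcp//telnet///\n"
)

PORT_RE = re.compile(r"(\d+)/([a-z|]+)/(\w+)/")  # port/state/protocol/...

def parse_grepable(text):
    """Map each host IP to the set of (port, protocol) pairs reported open."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host: ") or "Status: Down" in line:
            continue  # skip comments and hosts reported as down
        fields = line.split("\t")
        open_ports = hosts.setdefault(fields[0].split()[1], set())
        for field in fields[1:]:
            if not field.startswith("Ports: "):
                continue
            for entry in field[len("Ports: "):].split(", "):
                m = PORT_RE.match(entry)
                if m and m.group(2) == "open":
                    open_ports.add((int(m.group(1)), m.group(3)))
    return hosts

def diff_scans(old, new):
    """Return report lines for hosts and open ports that differ between two scans."""
    report = []
    for ip in sorted(set(old) | set(new), key=ipaddress.ip_address):
        if ip not in old:
            ports = ", ".join(f"{p}/{proto}" for p, proto in sorted(new[ip]))
            report.append(f"NEW HOST {ip} open: {ports}")
        elif ip not in new:
            report.append(f"GONE HOST {ip}")
        else:
            report += [f"OPENED {ip} {p}/{proto}" for p, proto in sorted(new[ip] - old[ip])]
            report += [f"CLOSED {ip} {p}/{proto}" for p, proto in sorted(old[ip] - new[ip])]
    return report

if __name__ == "__main__":
    print("\n".join(diff_scans(parse_grepable(YESTERDAY), parse_grepable(TODAY))))
```

An empty report means the firewall exposure is unchanged since the previous run, so a daily mail only needs to be sent when the list is non-empty.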


Tuesday, 7 July 2015

Cisco ATA 190 and CUCM

Today I had a fight with an ATA 190. After I powered the critter up, it autoregistered itself with the CUCM 8.6, but after that it failed to register; it stayed "rejected".

Probably it has something to do with this bug.

The ATA did not load the newer firmware from the CUCM and did not use the downloaded config file.

Not wanting to wait on TAC to resolve this, and getting some hints that a manual upgrade would solve this problem, I started to focus on getting the firmware .bin file.

(use at your own risk!)

Step 1 - Download the latest firmware from Cisco

Step 2 - Download HxD and 7Zip

Step 3 - Read this link

Step 4 - Open cmterm-ata190.1-1-2-005.cop.sgn in HxD and remove the certificate

Step 5 - Save the file (.gz !)

Step 6 - Unzip the .gz file with 7Zip

Step 7 - Open ATA190.1-1-2-005.bin.sgn and remove the certificate

Step 8 - Save the file (.bin !)

Step 9 - Open the web interface of the ATA 190 and log in (admin/admin)

Step 10 - Go to Administration -> Upgrade and load the .bin file

If the ATA has the first available firmware, it takes a while and will result in an "Upgrade Failed". Ignore this because it just works.

It seems the ATA still needs some help after this, because after adding the TFTP address manually in the config of the ATA and a reboot, the ATA registered correctly and worked like a charm.