How to Edit Cisco Access-List

This KB will show you how to edit Cisco Access lists, Since IOS 12.2 we no longer need to use notepad to edit access list.

This KB is only valid to Cisco IOS 12.2 or higher.

Cisco has a new command that make editing and deleting easy, The new command is ip access-list.
Solution: Edit ACL.

Step 1:

Type the show ip-access-list to see all ACL
EXAMPLE

RTR#sh ip access-lists
Standard IP access list 23
10 permit 192.168.1.2
30 permit 10.50.0.0, wildcard bits 0.0.7.255

Step 2:

Edit ACL command

RTR(config)#ip access-list standard 23
RTR(config-std-nacl)#no 10
RTR(config-std-nacl)#deny 30

How To Disable \ Enable Journaling Agent In Exchange 2007

How To Disable \ Enable Journaling Agent In Exchange 2007.

In order to to disable \ enable journaling agent in Exchange 2007 we need to use the Exchange shell.

Step 1: Check if the agent is enable or disable.

Open Exchange shell
Type ->    Get-TransportAgent  to check if the egent is enable or diable.

1

Step 2: Disable agent

In the Exchange shell type disable-transportagent and when asked for a value type journaling agent.

2

Step 3: disabled on the mailbox database.

We also need to make sure that journaling is disabled on the mailbox database by:

Right click the mailbox database on the Exchange server you want to disable journaling, and click Properties and make sure Journal Recipient is Unchecked.

3

How to Upgrade Cisco ASDM

In order to upgrade CISCO ASDM software we need to follow the following steps:

1.Download the software from Cisco Website (you need a cisco username)
2.Load the software to the device (ASA)
3.Cofigure the ASA (device to use the new version image file)

Step 1:
Downkload link:
http://www.cisco.com/en/US/products/ps6121/index.html

Step 2:
To load the new version we use the ASDM manger with the following 3 options:
1.
Tools -> Upgrade software from Local computer
2.
Tools -> File Management
3.
Tools -> Upgrade Software from Cisco.com

We can also upload the software using a TFTP server and the copy tftp flash command:
firewall#copy tftp flash

Step 3:
Once image uploaded to the Firewall we need to configure the ASA to point to the new ASDM software and use it (there is no need to reboot router after configuration)

To configure ASA to use new ASDM version:

In ASDM go to:
Device Management – > System Image\configuration -> Boot Image/configuration
Int the ASDM file path click browse and select the new ASDM image.

You can also change the ASDM boot image from the CLI command line using the following command:

firewall(config)#asdm image flash:asdm-613.bin

Step 4:
Save config, close ASDM and go to router page https://ip_address and start the ASDM.

How To Create Users and Login in Cisco Router Or Switch

How To:

This Guide will show you how to create a new user account on your Cisco Router\switch.
By doing this you can grant access to other administrators and monitor changes made on the device.

Solution:

In order to make this work we need to follow two steps:
1.    Create a new account
2.    Configure the device (router or switch to authenticate  users from the local users db).

1.Create Users

Create a new user with the right privilege level.

Router# service password-encryption
Router(config)# username admin priv 15 pass password

2.Authenticate

Router(config)# line vty 0 5
Router(config)# login local

Router(config)# line con 0
Router(config)# login local

Router(config)# line aux 0
Router(config)# login local

Save configuration and try to log on.

You do not have sufficient privileges to delete OU, or this object is protected from accidental deletion

Windows Server 2008 has a new feature to protect OU from accidental deletion.

if you try to delete an OU which was marked with the special protection option you will get the following error message when trying to delete the object:

“You do not have sufficient privileges to delete OUNAME, or this object is protected from accidental deletion”

Fix:

In order to disable the object protection and delete the object we need to follow the steps below:

enable Advanced Features in Active Directory Users and Computers (go to view and tick advanced feature)

Then Right click on the Object and go to the security tab.

Un tick the explicit Deny permission set for Everyone.

Delete object

 

How To Setup Banner display On A Cisco Router \ Switch

How To:
On Cisco Routers and Switches we have the option to set up a banner display when people log in to the device.

Solution:
To setup welcome banner on a cisco device we need to use the banner command:

Banner Command:

switch(config)#banner ?
LINE            c banner-text c, where ‘c’ is a delimiting character
config-save     Set message for saving configuration
exec            Set EXEC process creation banner
incoming        Set incoming terminal line banner
login           Set login banner
motd            Set Message of the Day banner
prompt-timeout  Set Message for login authentication timeout
slip-ppp        Set Message for SLIP/PPP

Example on how to set up a login banner:

switch#config t
Enter configuration commands, one per line.  End with CNTL/Z.
VSW2(config)#banner login Z ########### MY SWITCH ########## Z