Search My Techie Guy

Sunday, November 19, 2017

World Vision Internship Opportunities - Deadline for Application - Dec 03, 2017


Share widely

Thursday, November 16, 2017

How to enable SSH and TELNET access to your CISCO router?


Summary: 

This post will show you how to quickly enable SSH or TELNET access to your cisco device

Problem or Goal: 

To allow remote SSH or TELNET into your cisco device

Cause:

For remote access and management

Solution: 

1. First you need to create a username and password which will be used for this connection. also the service password-encrption command will encrypt all passwords.

#configure t
Enter configuration commands, one per line.  End with CNTL/Z.
(config)#username admin password my_passwd
(config)#service password-encryption
(config)#do wr
Building configuration...
[OK]
(config)#end
#

2. Check to see if ssh service is enabled

#show ip ssh

SSH Disabled - version 1.99
%Please create RSA keys to enable SSH (and of atleast 768 bits for SSH v2).
Authentication methods:publickey,keyboard-interactive,password
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded): NONE

3. Enable ssh service, this will require that you define a domain-name first.

(config)#ip domain-name mtnss.com
(config)#crypto key generate rsa 
The name for the keys will be: router_name.domain.com
Choose the size of the key modulus in the range of 360 to 4096 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 2 seconds)

*Nov 16 09:15:30.339: %SSH-5-ENABLED: SSH 1.99 has been enabled

4. Check again to confirm that the SSH service has been enabled

#show ip ssh

SSH Enabled - version 1.99
Authentication methods:publickey,keyboard-interactive,password
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded):
ssh-rsa AAAAB3NzaC1yc2EAAAAg5nxMPBibofHZdpO4BGd40p6GXjIMEOOlJTjm0
yIFGjEeH/1wvEE/LIyFH5lm9uxo74wTyC+u9TLLfYwOFhjg+YMihr0Ifpr0kYvb5Vz4lckqWV0a8i

5. Configure line console

#configure t
(config)#line con 0
(config)# logging synchronous
(config)#login local
(config)# do wr
(config)#end

6. Configure line VTY and allow SSH and TELNET

#configure t
(config)#line vty 0 4
(config)#login local
(config)#transport input telnet ssh
(config)# do wr
(config)#end

Problem Solved?

Verify by trying to ssh/telnet into your device from a remote computer. make sure the network connection is reachable before testing SSH or TELNET

How to un-configure a cisco router and erase the configuration to factory default?


Summary:

The purpose of this post is to quickly show you how to un-configure your cisco router and erase or reset the configuration back to factory default.
This post assumes that you have the access password to privileged EXEC mode of your router.
If you don't have access to the password, there is another post that i wrote on how to recover the password of your cisco router without loosing your current configuration.

Problem or Goal:

Our aim is to un-configure and reset a cisco router

Cause:

It's advised to always erase your router configuration before selling them in the refurbished market or before donating them to another organisation.

Solution:

1. Log in to the privileged EXEC mode of your router (make sure you have the enable password to your router)

MY_TECHIE_GUY_LAB01#

2. Enter the configuration mode

MY_TECHIE_GUY_LAB01#configure terminal

3. Change the configuration register as follows:

MY_TECHIE_GUY_LAB01(config)#config-register 0x2102

4. Type "end" to go back to EXEC mode

MY_TECHIE_GUY_LAB01(config)#end
MY_TECHIE_GUY_LAB01#

5. Type "write erase" to delete all configuration files from the memory

MY_TECHIE_GUY_LAB01#write erase 
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]

Erase of nvram: complete

6. Type "reload", and answer the system prompts as follows:

MY_TECHIE_GUY_LAB01#reload 

Do you want to reload the internal AP ? [yes/no]: y

Do you want to save the configuration of the AP? [yes/no]: n

System configuration has been modified. Save? [yes/no]: n

Proceed with reload? [confirm]

7. The router will now reboot, answer "no" when asked to enter the initial configuration dialog?

         --- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: n



Press RETURN to get started!

Problem Solved?

Your router config is now back to the original factory default.

Router>
Router>en
Router#

Thursday, October 26, 2017

Jobs - Regional Network Administrator (Spedag Interfreight - Kampala, Uganda)



Published on: Tuesday, October 24, 2017
Location: Kampala, Uganda
Job Title: Regional Network Administrator

Description:

  • Maintain a reliable, secure and efficient data communications network. Able to deploy, configure, maintain and monitor all active network equipment in order to ensure smooth network operation.
  • Management and maintenance of Router, Switches, IP Telephony, PABX.
  • Ensure the DNS Records of the Organization’s DNS Zone is up to date.
  • Periodic review and provide quarterly report of the Network Computers host files to ensure, no unwanted DNS entries are available in the host file.
  • Quarterly review, update where necessary and report the DNS records in the Organization’s DNS Zone.
  • Ensure all the network nodes in the organization has primary DNS as local zone, secondary as HQ zone and third one as ISP zone.
  • Ensure the availability of the DHCP Server in all stations and ensure all the Desktops and Workstations are connected as DHCP Client.
  • Separate Network Ranges for the fixed IP for Servers, Printers and other static network devices from the DHCP Range.
  • Prepare VLAN for Guest Wi-Fi Access and actively monitor lease expiry time.
  • Separate the DHCP Lease for using VLAN Access for Organization and Guest.
  • Ensure no handheld devices are accessible to Organization network. Ensure the Branch VPN Tunnels are actively configured with necessary encryption and active failovers.
  • Prepare necessary Dial-up SSL VPN access to the key users based on the authorization from the Head IT Africa / CTO / Group CIO.
  • Prepare, implement and monitor necessary firewall policies to avoid internet abuse and external attacks.
  • Keep up to date documentation on the firewall policies of the organization with the changes updated on periodic basis.
  • Hold review meetings with the Country IT and record improvements and propose necessary corrective actions where necessary.
  • Periodically update software updates to the Network Devices – Firewall OS, Managed Switches
  • Monitor ISP Downtime and hold review meetings with the ISP in line with the defined SLA and negotiate on the rebates.
  • Define network policies and procedures
  • Research and make recommendations on improvements in Network System administration in coordination with the Global Network Administrator. 


Requirements:
  • Expertise in the entire Watch Guard/Cisco line of products (Router, Switches, Firewall, Network Appliances).
  • Expertise in communication protocols at the medial layer (OSI Layer 1 to 3) and host layers (OSI layer 4 to 7) that includes but is not limited to Ethernet 802.11, ARP, IP, TCP, UDP, SSL, TLS, HTTP, SMTP, FTP, DNS.
  • Expertise in network monitoring tools, in order to analyze network related issues and translate the results, graphs into concrete remedial actions
  • Capable of making informed decisions and provide practical, timely solutions
  • Willingness to involve stakeholders in the decision making process, to get buy-in and to implement solutions.
  • Readiness to continuously focus on identifying and meeting customer current and future needs
  • Readiness to provide alternatives and optimized solutions to the Customer.
  • Detail oriented and able to multi task
  • Ability to work alone or in a team, co-operation (mentoring, motivation)
  • Target driven spirit.
  • High energy and resilience.
  • Be authentic, approachable, open and honest.
  • Bachelor of Science or IT related discipline / Experience of 5 years Computer Literacy
  • Working knowledge for hardware: HP PCs, Laptops, Servers, Printers and Cisco Switches, Routers
  • Good knowledge and experience of Watch Guard Firewall, Cisco Switches, LAN, WAN, VPN.
  • Working knowledge with PRTG Network Monitoring or similar tools
  • Preferred knowledge and experience in ITIL and/or CobitActive Directory
  • Preferred knowledge and experience in ITIL and/or Cobit
  • Fluent in English 
Contact:

Submit copies of academic qualifications and resume to; ug.vacancies@spedaginterfreight.com