Cisco Wireless Lan Controller Update with Pre-Download

Posted by robd on June 13, 2019
Wireless / No Comments

Hello,

Had an issue joining a Cisco 2800 AP to a Cisco Wireless Controller

So the first thing to check is country code of the AP and controller and the time.

 

The AP is a -E and the country is on the controller:

https://www.cisco.com/c/dam/assets/prod/wireless/wireless-compliance-tool/index.html

Time looks ok:

 

To the console!!!

 

Looks like this controller version 8.0.133.0 isnt compatible with 2800s:

https://www.cisco.com/c/en/us/td/docs/wireless/compatibility/matrix/compatibility-matrix.html

Time to upgrade.

First check the APs are compatible with the version you are going too:

Looks ok.  Next download it (oh also download the code you currently have installed in case you need it!) and while you’re waiting backup the controller config:

 

Before you reboot, go to the CLI:

Check the version:

 

Pre-image the APs:

Check the progress:

Reboot the controller via the GUI.

Done:

 

Tags: , ,

Clear Group Policy Cache

Posted by robd on May 13, 2019
Group Policies / No Comments

Pretty easy one but dont think its on my blog, here’s how to clear down the GPO cache meaning it will pull down correctly:

  • Open My Computer/Computer
  • Go to: %windir%\system32\GroupPolicy
  • Delete everything in the folder.
  • Then delete: C:\ProgramData\Microsoft\Group Policy\History
  • Restart the computer to re-apply the group policies

If that doesnt do what you need it to:

  • Delete the “HKLM\Software\Policies\Microsoft” Key
  • Delete the “HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects”
  • Delete the “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies”

Worse case:

  • Remove the computer from the domain
  • Restart computer
  • Run gpupdate /force
  • Rejoin the domain

Tags: , ,

Set-ACL – Se file and folder permissions

Posted by robd on May 12, 2019
powershell, Server / No Comments

I wanted to add an AD group to all the files and folders in a share, the problem is inheritance had been turned off on lots of the folders so I couldn’t just add the AD group to the top and let it filter down. So the solution was to use PowerShell.
First I mapped a drive to the Share (x: in this case). Why didn’t I run this on the server? UAC is a pain in the bum.

You’ll need to change the path and the domain and AD group.

 

Tags: ,

Get-ACL – Report file and folder permissions

Posted by robd on May 11, 2019
powershell, Server / No Comments

If you need to report out file and folder permissions of a file share, see the below PowerShell.

First map the the share to a drive if it isnt already.  In my case X: drive.

Why didn’t I do this on the server hosting the files?  UAC gets in the way and is a pain the bum.

 

 

Tags: ,

icalcs – Backing up Permissions

Posted by robd on May 10, 2019
powershell, Server / No Comments

I wanted to make some changes to some permissions on mass today but decided it would be prudent to backup the permissions first.

So I used icals, to do this I first ran CMD as admin, then mapped the share drive with “Net Use“.

Why didn’t I do this on the server hosting the files?  UAC gets in the way and is a pain the bum.

To backup the permissions:

Swicthes:

/t – Performs the operation on all specified files in the current directory and its subdirectories.

/c – Continues the operation despite any file errors. Error messages will still be displayed.

Then to restore:

 

Tags: , ,

iPerf

Posted by robd on May 08, 2019
Networking / No Comments

I’ve been running iperf a lot recently, which is a tool to measure TCP, UDP and bandwidth performance across a network.  I’ve been running this specially from the users computer to a local server i.e. not across a WAN or MPLS etc.

The users computer has a 1GB connection to the switch and from there the switch is connected to the server via a 10GB NIC.

On the server I ran:

On the client I ran:

Below are my initial results, as you can see the connection is nearly maxing out its 1GB connection:

[ ID] Interval           Transfer     Bandwidth

[  4]   0.00-10.00  sec  1.10 GBytes   942 Mbits/sec             sender

[  4]   0.00-10.00  sec  1.10 GBytes   941 Mbits/sec             receiver

 

I then ran the same test but increasing the TCP connections to better simulate a heavy network application.  From the screen shot below the network is performing well.

So what do all the switches mean:

-t  option used in the above command tells to transfer data for 20 seconds.

-w will specify your desired window size value.  Whenever two machines are communicating with each other, then each of them will inform the other, about the amount of bytes it is ready to receive at one time. In other words, the maximum amount of data that a sender can send the other end, without an acknowledgement is called as Window Size.

-P 20 will increase the number of parallel TCP connections i.e. to 20 (Parallel TCP connections).

-R enabled reverse connections to and from the server

-I Changes the interval between periodic bandwidth tests. For example, -i 60 will make a new bandwidth report every 60 seconds. The default is zero, which performs one bandwidth test.

-B Binds iPerf to a specific interface or address. If passed through the server command, the incoming interface will be set. If passed through the client command, the outgoing interface will be set.

-i {time in seconds} #### update interval on screen; default is 1 second. Can be useful when running large numbers of concurrent tests to increase the interval, or disable with “-i 0”

–logfile {filename} #### outputs what would normally be in your terminal to a log file of your choosing.

 

Want to test QoS?  Specifically EF, then is the is bad boy:

 

Tags: , ,

Edit VMs using PowerShell and PowerCLI

Posted by robd on January 28, 2019
powershell, vmware / No Comments

To resize VMs using PowerShell with PowerCLI from a csv list, first install the software:

 

https://my.vmware.com/web/vmware/details?downloadGroup=PCLI650R1&productId=614

 

Then create a list of servers to resize and save it as a CSV file in C:\temp\VMs.csv:

 

 

Save the below as Something.PS1 and run from PowerCLI

Note: Change VCENTRE to your vCentre, this script will TURN THE SERVER OFF then give each VM two CPUs, one socket and 5GBs of RAM.

 

 

Tags: , ,

Orphaned VM in VMWare 6.5

Posted by robd on January 24, 2019
vmware / No Comments

Had an issue where I’d deleted a VMDK from a LUN and was left with orphaned VM in vSphere, no problem I thought…right click and remove from inventory.  The problem is, all options were greyed out:

So what to do?

Enable SSH on the host.

Connect wit Putty and run:

List all registered VMs

Then to unregistered:

 

Tags: , , ,

Group Policy for TPM 1.2 and 2.0

Posted by robd on January 23, 2019
Encyrption / No Comments

We have two GPO’s one for TPM 1.2 and one for TPM 2.0, the reason being is TPM 1.2 is not compataible with 256 encryption.

 

Here’s a handy table Dell have produced:

https://www.dell.com/support/article/us/en/04/sln312590/tpm-12-vs-20-features?lang=en

Algorithm Type Algorithm Name TPM 1.2 TPM 2.0
Asymmetric RSA 1024 Yes Optional
RSA 2048 Yes Yes
ECC P256 No Yes
ECC BN256 No Yes
Symmetric AES 128 Optional Yes
AES 256 Optional Optional
Hash SHA-1 Yes Yes
SHA-2 256 No Yes
HMAC SHA-1 Yes Yes
SHA-2 256 No Yes

 

We then use WMI filtering to distinguish TPM 1.2 from 2.0.

 

The TPM 1.2 WMI filter:

Namespace:

Query:

 

The TPM 2.0 WMI filter:

Namespace:

Query:

 

Tags: , ,

Client Connecting to WLAN on Cisco WLC

Posted by robd on January 22, 2019
Wireless / No Comments

Hi All,

Had a issue with users connecting to a WLAN on the virtual controller i.e. my mobile phone (94:65:2d:29:00:00) wouldn’t connect to standard PSK SSID.

So I ran the following on the console:

Then tried to connect and had the following results:

The bottom line looked like the issue was a client connection limit per WLAN so I had a look on the console and found:

 

Changed it to 0 and BOOM.

Tags: ,

Copy Protected by Chetan's WP-Copyprotect.