20+ years of experience in the IT industry Fulfilled number of roles as Senior Technical consultant with expertise on Networking, Security, Infrastructure, Wireless and VOIP Design, Implement, Configure, Maintenance and Migration.
Flexible and productive team player working in different environments with solid work ethic who experts effort in successfully completing tasks.
Good Knowledge of Implementing and Configuring IP Addressing, TCP/IP, Layer 2/Layer 3, Routing and switching with Networking Routing Protocols.
Designed and Deployed VPN technologies: DMVPN, GET VPN, FlexVPN, MPLS Layer -3 VPNs, Multicast VPN (MVPN), IPsec site-to-site VPNs, L2TPv2/3 remote access VPNs, IPsec remote access VPNs, SSL remote access VPNs, VPLS and MPLS.
Good Experience in configuring and designing network securities such as AAA, TACACS+, RADIUS, SSH, IPsec, ACL, RBACL, Firewalls, NAT, IDS/IPS, NGFW / NGIPS, ISE 1.4 / 2.X and Content Filter (web,email).
Good Experience Virtualization environments like VMware ESXi 5.X, 6.X. vSphere suite, Cisco UCS, AWS EC2, Hyper-V, Citrix and Private / Public Cloud Services.
Good Experience with Firewall and Load Balancer Products like Checkpoint , Palo Alto, ASA / FTD , Fortinet Firewalls, Load Balance products like Citrix NetScaler, Big F5, and KEMP.
Good Experience in Designing and implementing Enterprise Campus Network Core, Distribution, Access Layer network, Using core as Cisco 6500, 6800, 9500, Distribution Cisco 6500, 4500, 9400, Access layer as 2900, 3500,3600, 3700, 3800, 9200, 9300.
Good Experience in Designing and implementing Data Centers using latest network devices and Technologies including 10 Gig Fabric, vPC, vDC, Cisco UCS (5108, B and C series servers, 61XX, 62XX, 2104, 2208), Nexus 1000v, Cisco (VSG), Cisco Nexus 9K/7K/5K/3K, Nexus 2K FEX, Cisco MDS SAN Switches, ASA Cluster with Multi-Context, Juniper VMX, SRX Firewall/Router and EX Series Switches.
Implemented Many PoC and moved to Live network in the area of SDN, Cloud, vXLAN, NSX, Express Route, Splunk, ELK, LogRhythm, InfoBlox, Mail Marshall, MoveIT, Cattools, Solarwinds – NTA, NPM, NCM, Safenet Token, NPAS.
Good skills on Service-Now – Service Ticket Manamgent and Change Managment Process.
Better Understanding of Coding Knwoledge Like, HTML,CSS,PHP,.NET,Perl, Shell, Python,YANG, XML, PowerShell.
Better Underanding of Databases like, MySQL, MSSQL, ORACLE, PGSQL.
20+ years of experience in the IT industry Fulfilled number of roles as Senior Technical consultant with expertise on Networking, Security, Infrastructure, Wireless and VOIP Design, Implement, Configure, Maintenance and Migration.
Flexible and productive team player working in different environments with solid work ethic who experts effort in successfully comp
Thanks for the confirmation you followed the steps. when you get chance, while upgrading using ISSU, please connect the console and post all the logs to understand what went to wrong.
May be this information help you, may be your case please check.
3.1. Possible Issue
C-6880X#issu loadversion 1/5 bootdisk:c6880x-adventerprisek9-mz.$
% CV [ bootdisk:/c6880x-adventerprisek9-mz.SPA.151-2.SY4a.bin ] must be named first in BOOT [ bootdisk: ]
You can check the config of boot system image like this:
C-6880X#sh runn | i boot
boot-start-marker
boot system bootdisk:
boot-end-marker
If you have similar boot system bootdisk: without the image name c6880x-adventerprisek9-mz.SPA.151-2.SY4a.bin or similar in it you should delete that row and enter it with old IOS image mentioned in it:
C-6880X#conf t
Enter configuration commands, one per line. End with CNTL/Z.
C-6880(config)#no boot system bootdisk:
C-6880(config)#no boot system bootdisk:/c6880x-adventerprisek9-mz.SPA.151-2.SY4a.bin
C-6880(config)#do wr
Building configuration...
[OK]
... View more
Do you have any other username with admin level to access the kit and change ?
If you have admin acces, then try below :
username balajibandi privilege 15 secret MyOwnPassword
balajibandi - change the username as per requirement
MyOwnPassword - change the password as required.
... View more
Steps for ISSU: (any issue, connect console and post all the logs to understand the issue).
Steps :
1. Upload IOS to both Chassis
copy tftp://1.1.1.9/yourversion-new.bin bootdisk:
and same for slavebootdisk:
copy tftp://1.1.1.9/yourversion-new.bin slavebootdisk:
2. Check if you have this new image on both chassis (dir bootdisk, dir slavebootdisk)
#dir bootdisk:
3, Check MD5 verify /md5 disk:yourversion-new.bin
4. Use these commands in order to verify that the VSS is ready to run the upgrade procedure:
show issu state detail show redundancy show module switch all show issu state detail
6. Start ISSU Upgrade
#issu loadversion 1/2 bootdisk:yourversion-new.bin 2/2 slavebootdisk:yourversion-new.bin
7. Switchover to upgraded chassis. #issu runversion
8.ISSU Upgrade Accept new IOS on upgraded chassis. #issu acceptversion
9. ISSU Upgrade of Standby Chassis #issu commitversion
Last Verify:
To verify that you succeeded with the upgrade check the output of:
show issu state detail show redundancy show module switch all
Good refrence also :
https://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/117564-technote-issu-00.html
... View more
We have seen this issue while we doing ISSU upgrade, i prefer doing old plain method as below.
Some of us prefer to use a different method:
Copy the IOS to the primary bootflash:
Copy the IOS to the secondary bootflash:
Remove the boot variable string pointing to the old IOS
Add the new boot variable string pointing to the new IOS
Insert the boot variable string pointing to the old IOS
Make sure the config-registry is 0x2102
Save the config
Reboot
Notes : make sure you have backup all the config.
Make sure you read the release notes before upgrading
Perform upgrade in maintenance window, this required some reboots.
... View more
If you can avoide doing NAT on Neuxs (i personally avoid.) - i prefer to do on Cat 9500 is good option. - again depends on design where you like to be done NAT.
here is the document for nexus Limitation : Guidelines and Limitations for Static NAT
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/interfaces/configuration/guide/b_Cisco_Nexus_9000_Series_NX-OS_Interfaces_Configuration_Guide_7x/b_Cisco_Nexus_9000_Series_NX-OS_Interfaces_Configuration_Guide_7x_chapter_01100.html
... View more
Adding to other post Check this thread may help you:
https://community.cisco.com/t5/switching/pls-explain-svi-acl-source-and-destination-direction/td-p/2365577/page/2
... View more
Yes Certicate based authentication also a good option. i have couple of setup done all working as expected.
Hope you have pre-package laptop builds, we setup auto renew every 7days - so security risk can be mitigated.
choose what best option for the coporate policies.
... View more
Look a tthe VPN Setup guide and compare with your setup :
https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb3842-advanced-vpn-setup-on-rv215w.html
If you still have issue, post the screenshot to review and advise.
... View more
This below statement proves that : Other end not the issue. the issue with only broadband.
I am having issue with my VPN. It keeps on connecting and reconnecting every few minutes when it is connected to my home wifi. There are no issues when I connect my work laptop to mobile hotspot.
Enable the debug and see what is wrong why it disconnecting.( check the tweaks of broadband router) - not sure what model you have, may be check the vendor documentation.
... View more
Here is how I am planing to add this switch:
Make sure you have running configuration backup.
Do this in maintenance windown, in case anything go wrong, you may need to reboot entire stack to resolve the issue
Stacking rules :
Make sure both the hardware same models,
All switches i n the switch stack need to be running compatible software versions.
Turn off the power of the new switch
connect the stacking cable (Cehck to Cisco documentation)
connect the console cable to switch (just in case any obnormal logs you can capture)
Turn on the power of the new switch
Once the boot process finished. check show switch - see new switch added to stack
change the priority of the switches which one you like to be active.
here is the reference guide :
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3e/ha_stack_manager/configuration_guide/b_stack_ha_3e_3850_cg/b_stack_ha_3e_3850_cg_chapter_011.pdf
... View more
Here is comparison, that base License is 100MB, if you need higher you need to buy a license to higher level
https://www.cisco.com/c/en/us/products/routers/4000-series-integrated-services-routers-isr/models-comparison.html
here is the License and support models (Aggregate Throughput (Performance License) with 4331 can go 300Max
https://www.cisco.com/c/en/us/products/collateral/routers/4000-series-integrated-services-routers-isr/data_sheet-c78-732542.html#Ordering-Information
you can also test for 60days by activation tem license :
You may activate the temporary throughput license with:
# platform hardware throughput level XXXXX
It will work for 60 days until expires reloading after that period.
You should activate the permanent license with a PAK.
... View more