Log into the CLI and run
show logging application ise-psc.log
or
show logging application ise-psc.log tail
Category: Cisco
Stackwise Virtual 9500 Config
stackwise-virtual
domain 10
exit
!
interface range Hu1/0/51-52
stackwise-virtual link 1
!
exit
interface Twe1/0/48
stackwise-virtual dual-active-detection
end
wr
reload
Upgrade code on Catalyst 9K
CCIE23050-9300#dir usbflash0:
Directory of usbflash0:/
271 -rwx 1016679035 Jan 24 2022 06:40:18 -06:00 cat9k_iosxe.17.06.02.SPA.bin
272 -rwx 4096 Jan 24 2022 07:35:10 -06:00 ._cat9k_iosxe.17.06.02.SPA.bin
4018077696 bytes total (3000442880 bytes free)
CCIE23050-9300#copy u
CCIE23050-9300#copy usbflash0:cat9k_iosxe.17.06.02.SPA.bin flash:
Destination filename [cat9k_iosxe.17.06.02.SPA.bin]?
Copy in progress…CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
CCIE23050-9300#dir flash:
Directory of flash:/
CCIE23050-9300#install add file flash:cat9k_iosxe.17.06.02.SPA.bin activate commit
This operation may require a reload of the system. Do you want to proceed? [y/n]y
— Starting Activate —
Performing Activate on all members
CCIE23050-9300#sh version
Cisco IOS XE Software, Version 17.06.02
Switch Ports Model SW Version SW Image Mode
—— —– —– ———- ———- —-
* 1 65 C9300-48H 17.06.02 CAT9K_IOSXE INSTALL
2 65 C9300-48H 17.06.02 CAT9K_IOSXE INSTALL
CCIE23050-9300#install remove inactive
How to get into LINA-CLI on CISCO FTD
Login to the FTD with admin and type expert
type sudo su and enter password.
type lina_cli and hit enter to access the ASA CLI
type enable and hit enter.
to get out of it press Ctrl+A and then d
In newer versions this following command will get you into LINA:
system support diagnostic-cli
Wireless Client troubleshooting.
Wireless Lan Controller client debug
debug client
debug dhcp message enable
debug aaa all enable -> very busy
debug dot1x aaa enable
debug mobility handoff enable
debug disable all -> to turn off.
ASA Netflow
flow-export destination INSIDE 10.1.1.1 2058
access-list FLOW_EXPORT_ACL extended permit ip any any
class-map FLOW_EXPORT_CLASS
match access-list FLOW_EXPORT_ACL
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 65535
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
class FLOW_EXPORT_CLASS
flow-export event-type all destination 10.1.1.1
6500 netflow
interface Vlan77
ip address 172.16.77.254 255.255.255.0
ip helper-address 172.16.1.1
ip flow ingress
ip flow egress
ip pim sparse-mode
ip flow-export source Vlan9
ip flow-export version 9
ip flow-export destination 10.1.1.1 2056
6500 mls netflow
6509-1#sh mls netflow ip source 77.77.77.77
Displaying Netflow entries in Active Supervisor EARL in module 1/5
DstIP SrcIP Prot:SrcPort:DstPort Src i/f :AdjPtr
—————————————————————————–
Pkts Bytes Age LastSeen Attributes
—————————————————
10.77.77.101 77.77.77.77 udp :56969 :dns Vl31 :0×0
1 85 211 13:05:51 L2 – Dynamic
172.16.77.21 77.77.77.77 tcp :53416 :443 Vl31 :0×0
16 13730 8 13:09:15 L3 – Dynamic
10.77.77.101 77.77.77.77 udp :57666 :dns Vl31 :0×0
1 71 211 13:05:51 L2 – Dynamic
10.77.77.101 77.77.77.77 udp :62039 :dns Vl31 :0×0
1 69 8 13:09:14 L2 – Dynamic
172.16.77.52 77.77.77.77 tcp :53359 :443 Vl31 :0×0
1 46 291 13:04:31 L3 – Dynamic
10.77.77.101 77.77.77.77 udp :65402 :dns Vl31 :0×0
1 75 271 13:04:51 L2 – Dynamic
172.16.91.50 77.77.77.77 udp :57668 :389 Vl31 :0×0
1 196 211 13:05:51 L3 – Dynamic
172.16.9.52 77.77.77.77 tcp :49188 :5721 Vl31 :0×0
66 4026 998 13:09:14 L3 – Dynamic
33.33.25.205 77.77.77.77 tcp :53409 :443 Vl31 :0×0
13 3642 50 13:08:34 L3 – Dynamic
ASA Syslog
logging enable
logging timestamp
logging buffer-size 100000
logging buffered alerts
logging trap debugging
logging host INSIDE 77.77.77.245
To turn logging off on a per message basis.
no logging message 305011 Built dynamic TCP translation
no logging message 305012 Teardown dynamic TCP translation
no logging message 401004 shun
no logging message 711001 traceback
no logging message 304001 Accessed URL
logging message 505013 level informational – change level
logging message 505015 level informational – change level
logging rate-limit 5 30 message 106017 – Rate-limit message
logging rate-limit 10 5 message 305006 – Rate-limit message
ASA Anyconnect config
Pre 8.3
ssl trust-point ASDM_TrustPoint1 OUTSIDE
webvpn
enable OUTSIDE
anyconnect-essentials
svc image disk0:/anyconnect-win-3.1.02040-k9.pkg 1
svc image disk0:/anyconnect-linux-2.5.6005-k9.pkg 2
svc image disk0:/anyconnect-macosx-i386-2.5.6005-k9.pkg 3
svc image disk0:/anyconnect-linux-64-2.5.6005-k9.pkg 4
svc enable
tunnel-group-list enable
tunnel-group TG_Anyconnect type remote-access
tunnel-group TG_Anyconnect general-attributes
address-pool VPN_POOL
authentication-server-group RSA
tunnel-group TG_Anyconnect webvpn-attributes
proxy-auth sdi
group-alias A disable
group-alias A_AnyConnect enable
group-alias Anyconnect disable
Post 8.3
ssl trust-point ASDM_TrustPoint1 OUTSIDE
webvpn
enable OUTSIDE
anyconnect enable
tunnel-group-list enable
tunnel-group TG_Anyconnect type remote-access
tunnel-group TG_Anyconnect general-attributes
address-pool VPN_POOL
authentication-server-group RSA
tunnel-group TG_Anyconnect webvpn-attributes
proxy-auth sdi
group-alias A disable
group-alias A_AnyConnect enable
group-alias Anyconnect disable
group-policy DfltGrpPolicy attributes
dns-server value 8.8.8.8
vpn-simultaneous-logins 500
vpn-idle-timeout 180
vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-client
default-domain value ccie23050.com