Sunday, October 19, 2014

Meraki Masters Program

I recently ran through the Meraki Masters program at Cisco Meraki HQ in San Francisco.  I have to say the experience was pretty enjoyable.  Meraki Masters is an invitation only session for select partners that provide a three day intensive training with Meraki product experts.

The days started early and were fast paced.  No scheduled breaks and we worked through lunch every day.  They did feed us breakfast and lunch every day at least!

Day 1 focused on the MX (Security Appliance) and MS (Switching) product lines, Big Wins, and some demo training.  We did work through some advanced labs similar in style to the CMNA course.  They also gave us a tour of the building showing the different departments.  The HQ has a very tech startup feel.  Game rooms, open floor plans, dogs walking around.  The day concluded with a Happy Hour at Cisco Meraki HQ.  The Happy Hour was a good chance to meet up with some Cisco Meraki AM's that cover differenct portions of my region.

Day 2 focused on MR (Wireless), MDM, Back-end Engineering, demo training, and Support & Troubleshooting.  Personally, I was most interested in learning more about MDM and wasn't disappointed.  For every product, we had top tier product managers presenting on their topics.  We got to ask questions and provide input on different products. Back end engineering was a great peak behind the curtain on how the Meraki product line works behind the scenes.  The day finished with a team offsite event.  Unfortunately I had to do some work and wasn't able to make it but it sounded like people enjoyed themselves.

Day 3 was demo day.  We were assembled in to multiple teams and provided a customer scenario.  We worked together to create a presentation plan.  Its funny to think about all these competing partners working together for a customer presentation.  Overall everyone was very cool.  We only had 1 guy on our team who wasn't a team player but everything worked out.  During lunch we had a Q&A with executives.  This was more interesting then I expected to be honest.  At the end of Day 3 the best presentation received a special gift.

The course was definitely focused on the presentation component.  They give you the technical info you need and show you how to present like a Meraki SE.  We now have access to special demo accounts that will help show customers all the options that Meraki has to offer.  We also get to participate in Meraki Masters monthly engagement activities, quarterly check-ins with CAMs, exclusive calls with Meraki experts, marketing promotions, and beta testing of new products.  I've already received an email on an interesting beta item I'm excited to check out next week.  I also received the CMNP designation as part of the training.

If you are interested in a free demo showing you how useful a Cisco Meraki Cloud Managed solution can be for your organization, let me know!


Wednesday, March 12, 2014

Cisco Live 2014 CAE #CLUS

It looks like the Cisco Live Customer Appreciation Event will be fun.  This year the music will be provided by Lenny Kravitz and Imagine Dragons and hosted at AT&T stadium, the home of the San Francisco Giants.


They claim to have the best ballpark food in the west.  We'll see about that :)

I mentioned to my wife and daughter that Lenny Kravitz was the entertainment for Cisco Live.  My wife is a fan of his music all the way back from high school.  My daughter is a fan of him playing Cinna in the Hunger Games film.  Have to be honest, my wife is fairly jealous that she isn't seeing Lenny Kravitz.  

I had to do a little research on Imagine Dragons although I know their hit song Radioactive.  What I didn't know was that Billboard Magazine has named Imagine Dragons "The Breakthrough Band of 2013.  Among other accolades Rolling Stone named their single "Radioactive" "the biggest rock hit of the year and MTV called them "the year's biggest breakout band."

Cisco promises that this 25th anniversary CAE event will be one to remember.  I'm told there will be 'Rock N Roll' tricks on the field during "half time" (after Lenny's set) and you definitely want to be on the field for that..

Tuesday, March 04, 2014

Cisco Live 2014 #CLUS

Last year was my first Cisco Live and it was one of my most enjoyable experiences in my IT career.  The flow of information was tremendous and to me the whole thing seemed put together really well.  My only complaint is the show doesn't run 24 hours a day.  I would love something where I could attend sessions by day and labs at night but I assume I'm in the minority here.

As it turns out, it looks like I'm lucky enough to go again this year!  Last year I went alone and this year 2 other people from my region get to go so that will be nice.  I can't wait!

Since last year was my first time at Cisco Live, I think I missed out on a few things that I hope to attend this year.

Things I enjoyed last year:
Social Media Tweetup
Sessions - Sessions - Sessions
Met up with some customers
World of Solutions was pretty fun
Labs
Cisco Exam but I hope to pick a more reasonable time to take the test.
CCIE party was ok...  I will try it again but not really my type of thing in general.

Things I hope to take advantage of this time:
More labs
Meet the expert sessions
Table topics at lunch
Customer Appreciation Event - I was thinking the food was going to be similar to the CCIE party which wasn't that exciting.  Also, if I'm going to see live music, it's going to be a band I'm excited to hear (or a band my wife wants to hear, here at home).  As far as park rides, I'll save that for family time.  Only thing I missed was that I heard the food options were pretty good.

I'm hoping to find some info/sessions/hands on with Cisco ACI and Cisco Modeling Labs (CML).  I'm really excited about CML!  Last year I did base sessions like OTV, ISE, etc.  This year I hope to hit the fringe a bit more.  I'm also curious if there is anything going on for the #ciscochampion(s).  I think its pretty much the same group of people attending the tweetup but who knows!

Don't forget to check the Social Media promo's on the Cisco Live page!  You never know, you could win something.


Tuesday, January 21, 2014

Fix for Outlook 2011 slow calendar

I've been having a problem lately that was driving me crazy on my Mac Outlook 2011 (version 14.3.9).  MBP Mountain Lion (still).  It took around 30 seconds to go from any tab to calendar which was quite frustrating.  Any other tab I had no problem or delay when switching to.

My Outlook is only used for Exchange connectivity at work that I believe is running Exchange 2010.  I'm connected to 10 or so shared calendars at a time.

I noticed in the Calendar tab that I had a folder 'On My Computer' that had about 1000 Recovered Folders.  I googled what these were and could only find that they may be related to rebuilding an identity database on the client (which I've had to do in the past).  Further googling found suggestions on some forums that you shouldn't delete these folders but that didn't seem to be based on any particular knowledge base article or experience, just random opinion.

I couldn't find the folders on the Mac so I just started deleting them in Outlook.  I could not figure out how to mass delete them so I just started deleted Recovered Folders in the Calendar tab under 'On My Computer' one by one.  I apologize to you that I didn't take a screenshot before deleting them so I just recreated what I saw.  I had many more Recovered Folders though.  Once I deleted them, calendar is zipping around.  No delay between inbox/calendar/contact tabs now.  Opening shared calendars is even quicker now.  I have restarted Outlook numerous times and deleting the Recovered Folders doesn't seem to have impacted anything.



I didn't find this particular suggestion online, so hopefully this helps someone.

Monday, December 23, 2013

Easy transfer of files to/from Cisco Router

As a consultant, I'm constantly working remotely with people but still need an easy way of transferring files with a router (captures, OS files, etc).  This tip is 101 stuff but since I needed to help someone today with this I thought I would pass it along.

My little scenario here is an example using IOS routers but I've also tested it on XE.

When I need to upload or download files to/from a router, I like to use SCP to transfer the files.  I like this better then trying to stand up an FTP or TFTP server.  This is especially handy when working with devices outside the firewall.  SCP uses Secure Shell (SSH) to securely copy files.  With SCP you connect directly to the device and transfer files back and forth.  This is useful for transferring captures or OS files.

On the router, you'll need to enable SSH, AAA, and SCP.

ip domain-name company.com

hostname routername

crypto key generate rsa general-keys modulus 2048

ip ssh version 2

username someuser privilege 15 secret somepassword

aaa new-model

aaa authentication login default local

aaa authorization exec default local

Enable SCP on the router.

ip scp server enable

Starting in 6.0(2)N1(1), NX-OS also supports SCP.
Enable with:

feature scp-server

On Mac or Linux, to push or pull the files, you can use the built in command line.

You don't have to but I suggest going to the directory on your computer where the file you want to upload is or where you want to download the file to.  Open terminal on your Mac or Linux to run the commands below.

Download file:
In this example I'm downloading the file callfail to the current local directory.  In case you don't catch it, the dot at the end means the current local directory.
scp username@5.5.5.5:flash:callfail .

In this example I'm downloading the file callfail to my Documents folder.
scp username@5.5.5.5:flash:callfail Documents/


Upload file:
In this example I'm uploading the IOS from the local directory to the router.
scp c2900-universalk9-mz.SPA.151-4.M7.bin username@5.5.5.5:flash:c2900-universalk9-mz.SPA.151-4.M7.bin

If you happen to be on Windows, WinSCP and PSCP (from the makers of putty) are pretty popular.  WinSCP is a GUI based option, PSCP is CLI like above.

Cisco Reference Doc:
http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_secure_copy_ps6922_TSD_Products_Configuration_Guide_Chapter.html

I recommend disabling the SCP server when not needed.

Update: I received a response on Twitter from John Spade (@DaSpadeR) that he once had an IOS router that would reboot when accessed this way.

So, as with everything in our field your mileage may vary.

Monday, December 09, 2013

Cisco Jabber on iPhone through ASA VPN bug

When you are the 'network person', you need to troubleshoot the network to prove the network is not the problem.  I'm writing about this bug because I couldn't find anything online about it and Cisco TAC says it has not been published yet.

Problem

Cisco Jabber 9.5 on the iPhone works on the network internally but not through the ASA VPN.

Confirm it actually does work internally: check
Everything else works through VPN, on the phone: check
Simple ping to CUPS server on the phone: check
Can bring up web page of CUPS server via DNS through the phone: check
No over-engineered filters or acl's in place hindering traffic: check

I'm not much of a voice tech so I had one of the voice engineers check the configs on CallManager.  Says everything is good to go.

I ran a capture on the ASA and see traffic going back and forth to the client as expected.  Not sure if it's the correct ports, but whatever I see bidirectional traffic.

Sadly, I opened a TAC case.  Worked with both the application team and ASA team.  Ran captures on the ASA again, iPhone Anyconnect Client and also on the CUPS server.

The Apps person found this error:

OnLoginError: LERR_JABBER_UNREACHABLE:

TAC Suggested the phone client couldn't not resolve the name of the CUPS server through the VPN.  This didn't make sense to me since I could resolve the name (hostname, and FQDN).

Resolution:

Luckily, they had a fix on the CUPS server that would actually resolve the issue:
Change the xmpp server name to the IP address.

Step1. Login CUP server as admin. Click menu "System"  -  "Cluster Topology".
Check the picture below.



Step2.  After Step1, You will see the CUP servers listed in the Subcluster.  The CUP nodes are shown as xmpp server names, in this example as “cups1” and “cups2.” Click the node. You can change the name to the IP address.  In the picture below the node name was cups1, and I changed it to "10.201.216.201".




After you change the node name to the IP address, you can now test over VPN.  This change was not service impacting, but it may be best to perform this change after business hours.  You never know.

The bug id is not yet public: CSCul54468
According to Cisco, this should be fixed in Q4 2013 but posting here in case anyone runs in to this problem during troubleshooting.

Side note: If you are curious on the ping client I used on the iPhone, it was iSys.



Monday, November 04, 2013

Terminal Alias commands on Mac

One of the little things I enjoyed on Linux was using alias commands on the terminal.  Alias commands allow for quick shortcuts to longer commands that you may want run in the terminal.

I'm including a few I use on the Mac.

In order to use a terminal alias, you need a .bash_profile.  The . makes it a hidden file.  A default Mac build likely doesn't have a .bash_profile.  If you've installed things like MacPorts then one may have been created already.  You can add to an existing file.

Open up terminal.  If you don't know how to open terminal, close the browser, go get some ice cream and don't come back.

In terminal type
cd ~
 - This takes you to your home directory

Type
ls -al | grep .bash

 - This lists all the files starting with .bash.  Do you see .bash_profile?  If yes, then you can just edit that, if not it needs to be created.  That character between -al and grep is the pipe.  (Shift \).

To create a new one type
touch .bash_profile

In order to edit the file, you need to open a text editor of some sort.  I like vi but if you don't know what it is, don't use it.
Default TexEdit:
open -e .bash_profile

Have TextWrangler?
open -a /Applications/TextWrangler.app/ .bash_profile


Add the following commands in to the file.

# reload your bash config

alias src="source ~/.bash_profile"



# CPU and Memory stats

alias cpu='top -o cpu'

alias mem='top -o rsize' # memory



# DNS

alias flush="sudo killall -HUP mDNSResponder"

alias dns="cat /etc/resolv.conf"



# Get local IP info - removes loopback and static VMware fusion

alias ip='ifconfig | grep "inet " | grep -v 127.0.0.1 | grep -v 192.168.223.1 | grep -v 192.168.210.1'



# Get Local default gateway

alias gw="netstat -rn | grep default"



# Get VPN Routes when connected

alias vrt="netstat -rn | grep utun | grep UGSc"



# Get Public IP

alias pubip="curl ifconfig.me"


Save the file.
The commands won't work right off the bat, you'll need to load/reload the profile.
"source ~/.bash_profile"
Once done, you can just use "src" in the future (the first alias) to reload the profile after you make additional changes.

The shortcut is the word after alias and before the =.  The real command is after the =.

One note, the Local IP info string strips out the loopback IP and my VMware fusion IP's.  You can find yours by just running a straight ifconfig to see what IP's you need to strip out.

Also, I found some of the commands on the Web, some I created.   Have fun.