Configure SNMPv3 read write access for HP and Cisco switches, routers, etc.

HP switches

tested on the following gear

  • E-series 3800


snmpv3 enable
(complete the wizard)
snmpv3 group managerpriv user <user-name> sec-model ver3
snmpv3 user <user-name> auth md5 <password> priv des <password>

 

Cisco switches and routers

tested on the following gear

  • switch: 3750
  • router: 3845


snmp-server group v3ReadWrite v3 priv read v1default write v1default
snmp-server user <user-name> v3 auth md5 <password> priv des <password>

note:If your software version doesn’t support encryption, then you will not be able to have authentication encrypted. You may verify you software version with the ‘show version’ command

How-to recover deleted photos from a flash drive

I used this software awhile ago to recover some photos that were deleted from a flash drive and it worked great. Just posting it here incase I have a need for it again it can quickly be located.

Link: http://www.cgsecurity.org/wiki/PhotoRec

IPHTTPS interface creation failure (error: 0x643)

OS: Windows 8
Issue: DirectAccess connection will not complete
Cause: I believe this to be related to updating the Intel wireless drivers
Solution: Still trying to find it


C:\Users\virtrick>netsh int https show int

Interface IPHTTPSInterface (Group Policy) Parameters
————————————————————
Role : client
URL : https://das.virtualrick.com:443/IPHTTPS
Last Error Code : 0x643
Interface Status : IPHTTPS interface creation failure

HP A-Series to Cisco LACP switchport link-aggregation

Left side: HP 5820

Create the bridge-aggregate interface

int br50
link-aggregation mode dynamic
quit

Join the member ports to the bridge-aggregate

int gi1/0/48
port link-aggregation group 50
quit

Configure the bridge-aggregate

int br50
port link-type trunk
port trunk permit vlan ${vlan-list}
quit

Add member ports to bridge-aggregate
int gi2/0/48
port link-aggregation group 50
quit

YOUR DONE…..on this side

 

 

Right side: Cisco 3020 blade switch

 Create port-channel by adding first member


int gi0/21
channel-group 1 mode active

configure the port-channel

int po1
switchport nonegotiate
switchport mode trunk
switchport trunk allowed vlan ${vlan-list}
end

Add members to port-channel

int gi0/22
channel-group 1 mode active
end

Done on this side…. don’t forget to verify!

 

Useful commands

description / HP / Cisco
determine member port state / dis link summary / show ether summary
determine which ports are members / dis link verbose br50 / show ether summary
debug lacp / debug link-aggregation all / debug lacp

 

Other notes

  • ensure that your VLAN list is identical on both sides. If they are not, it will cause the member ports to not become selected.

 

External monitor turns black & white when docked

The issue

When docking my Lenovo T430 laptop running Windows 8, one of my two Acer S240HL monitors goes black & white; always monitor 1 of 2.

The band-aide

  1. Open the NVIDA control panel
  2. Notice “Digital vibrance” has changes to 0%
    • Capture
  3. Click “Restore Defaults” in the top right corner and click Apply. This will return the setting to 50%

The permanent fix

In the recent round of Windows updates there appears to have been a fix. The issue fixed it self…

RADIUS authentication w/ HP A-series and E-series equipment

It’s very useful to use RADIUS for authentication. This post is aimed at providing the quick and dirty details to make it happen on the HP A-series and E-series equipment.

Important note: Be sure to set a local manager account on all switches before enabling RADIUS. If you do not set a local manager account and RADIUS is not reachable, then you will not be able to manager your gear.

A-Series

Tested on: 5920 & 5820

5920

Capture

Manager rights: cisco-AV-Pair shell:roles=network-admin
Ready-Only: cisco-AV-Pair shell:roles=level-1

5820

The important thing to note here is that there are no attributes currently available that will grant you a specific level of rights. Use RADIUS to controll access, then use the super command to control the access level.

example radius scheme configuration

radius scheme radius-auth
primary authentication <server>
primary accounting <server>
key authentication <key>
key accounting <key>
user-name-format without-domain
quit
super password level 1 simple <password>
super password level 2 simple <password>
super password level 3 simple <password>

E-Series

Tested on: 3800

RADIUS attributes

Enabled mode: RADIUS Attributes > Standard: Service-Type:Administrative
Monitor mode: RADIUS Attributes > Standard: Service-Type:NAS Prompt

Example configuration

radius-server host <server> key <key>
aaa authentication ssh login radius local
aaa authentication ssh enable radius local
aaa authentication login privilege-mode