Screwloose - Cisco

Posts Tagged Cisco

Cisco Router 3G 4G Modem Firmware upgrade

Posted by Andrew on May 1, 2019

Initiate a modem firmware upgrade using the microcode reload command. Ex :

Router# microcode reload cellular 0

lte modem-provision flash:<directory>?

Router# microcode reload cellular 0 0 modem-provision flash: TELSTRA_MC7304_05.05.58.00

Reload microcode? [confirm]

Log status of firmware download in router flash?[confirm]

Firmware download status will be logged in usbflash0:fwlogfile

Microcode Reload Process launched for hwic slot=0; hw type=0x721

Router#

*****************************************************

The interface will be Shut Down for Firmware Upgrade

This will terminate any active data connections.

*****************************************************

Sending cmd=ifconfig eth0 20.20.20.2 up to Linux

*****************************************************

Modem will be upgraded!

Upgrade process will take up to 15 minutes. During

this time the modem will be unusable.

Please do not remove power or reload the router during

the upgrade process.

*****************************************************

*Mar 17 10:02:50.971 PST: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up

*Mar 17 10:02:51.971 PST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed

state to up

*Mar 17 10:02:52.959 PST: %LINK-5-CHANGED: Interface Cellular0/0/0, changed state to administratively down

*Mar 17 10:02:52.959 PST: %LINK-5-CHANGED: Interface Cellular0/0/1, changed state to administratively down

*Mar 17 10:02:52.959 PST: %LINK-5-CHANGED: Interface Cellular0/0/3, changed state to administratively down

Sending F/W[MC7304_1102029_9903299_05.05.58.00_00_TELSTRA_005.010_000.spk] to the card [34841143bytes]:

Firmware file: MC7304_1102029_9903299_05.05.58.00_00_TELSTRA_005.010_000.spk sent to the card

The current modem F/W App Version: SWI9X15C_05.05.58.00 r27038 carmd-fwbuild1 2015/03/04 21:30:23

The current modem F/W Boot Version: SWI9X15C_05.05.58.00 r27038 carmd-fwbuild1 2015/03/04 18:38:46

The current modem Carrier String: 1

The current modem Device ID: MC7304

The current modem Package Identifier: 1102029_9903299_MC7304_05.05.53.00_00_Cisco_005.009_000

The current modem SKU ID: 1102029

Firmware Upgrade is in Progress…

*Mar 17 10:03:33.683 PST: %CELLWAN-2-MODEM_DOWN: Modem in HWIC slot 0/0 is DOWN

*Mar 17 10:04:06.443 PST: %CELLWAN-2-MODEM_DOWN: Modem in HWIC slot 0/0 is DOWN

F/W Upgrade: Firmware Upgrade has Completed Successfully

*Mar 17 10:06:10.243 PST: %CELLWAN-2-MODEM_UP: Modem in HWIC slot 0/0 is now UP

*Mar 17 10:07:00.443 PST: %CELLWAN-2-MODEM_RADIO: Cellular0/0/0 Modem radio has been turned on

After the firmware upgrade is complete, reload the router. Some modem types require multiple firmware upgrades,

please complete all the firmware upgrades before reloading the router.

HIDDEN COMAND(I got this command from TAC engineer:
Router#conf t
Router#service internal
Router#Test cellular 0 modem-power-cycle

I hope that i will help someone.

Tags: 4G, Cisco

Posted in: Blog, Scripts

Leave a Comment (0) →

Cisco IOS Port forward Range

Posted by Andrew on April 16, 2018

Port forwarding on Cisco IOS devices can be a bit tricky but here is a easy way to do it.

192.168.59.10 is the server you want to port forward to. (You need to have this in twice for the NAT Pool)

ip nat pool POOL1 192.168.59.10 192.168.59.10 netmask 255.255.255.0 type rotary
ip nat inside destination list VOIP pool POOL1
!
ip access-list extended VOIP
permit tcp any any eq 5060
permit udp any any eq 5060
permit tcp any any range 10000 15000
permit udp any any range 10000 15000

Tags: Cisco

Posted in: Blog

Leave a Comment (0) →

Reset AP in 887VAW

Posted by Andrew on November 2, 2016

If you need to get access to the AP in a 887VAW but don’t know the password you can always

service-module wlan-ap 0 reset default-config

It will reset it back to factory defaults.

Tags: 887VAW, Cisco

Posted in: Blog, Technical

Leave a Comment (0) →

Cisco Router Secuirty

Posted by Andrew on March 16, 2015

Cisco Routers are cool but i have been finding a few issues with DDOS attacks of late. Mainly DNS and NTP.

DNS DDOS

access-list 153 remark Block DOS DNS
access-list 153 permit ip host 202.62.147.50 any – Replace this with the DNS server your using
access-list 153 deny tcp any any eq domain
access-list 153 deny udp any any eq domain
access-list 153 permit ip any any

Then add

!
interface Dialer0 – your dialer interface
ip access-group 153 in

NTP DDOS

! Core NTP configuration
ntp update-calendar             ! update hardware clock (certain hardware only, i.e. 6509s)
ntp server 192.0.2.1            ! a time server you sync with
ntp peer   192.0.2.2            ! a time server you sync with and allow to sync to you
ntp source Loopback0            ! we recommend using a loopback interface for sending NTP messages if possible
!
! NTP access control
ntp access-group query-only 1   ! deny all NTP control queries
ntp access-group serve 1        ! deny all NTP time and control queries by default
ntp access-group peer 10        ! permit time sync to configured peer(s)/server(s) only
ntp access-group serve-only 20  ! permit NTP time sync requests from a select set of clients
!
! access control lists (ACLs)
access-list 1 remark utility ACL to block everything
access-list 1 deny any
!
access-list 10 remark NTP peers/servers we sync to/with
access-list 10 permit 192.0.2.1
access-list 10 permit 192.0.2.2
access-list 10 deny any
!
access-list 20 remark Hosts/Networks we allow to get time from us
access-list 20 permit 192.0.2.0 0.0.0.255
access-list 20 deny any

Taken from http://www.team-cymru.org/secure-ntp-template.html

Tags: Cisco, Cisco DDOS, DNS, NTP

Posted in: Blog, Technical

Leave a Comment (0) →

Linksys / Cisco Dial Plans

Posted by Andrew on March 16, 2012

Just a quick post. Put in a SRP527W for a customer that is using the AT for cordless phones.

To make the phone dial quicker i changed the dial plan to

It also add’s a 03 for local numbers. (For the SIP providers that need it)

Tags: Cisco, Linksys, SIP, VOIP

Posted in: Blog

Leave a Comment (0) →