Networknet.nl

If you are managing local area networks which extent the UTP capabilities than most likely some kind of fiber optic equipment has been installed. Recently I evaluated couple of different Cisco switch models and ordered one Cisco Switch 2940-8TF to test with current equipment I am managing. Please make sure to read the product details and order the right fiber cable. Most of the equipment I have has a ST connector; Cisco 2940 has a integrated 100BASE-FX port with MT-RJ connector. Check wikipedia for more information on optical fiber connectors.

Cisco product details:

The Cisco Catalyst 2940-8TF is a member of the Catalyst 2940 Series Switches, small, standalone, managed switches with 8 Fast Ethernet ports and a single integrated Fast Ethernet or Gigabit Ethernet uplink. The switches are designed to be used outside the wiring closet in the end-user workspace, such as classrooms or conference rooms, and feature a durable metal shell, no fan for silent operation, easy wall or under-the-desk mounting, a security lock slot to prevent theft, and an available cable guard to lock down cables and help prevent theft.

Complete with a simple web-based Express Setup, a free Java-enabled web-based monitoring and configuration tool, and the rich functionality of Cisco IOS, this switch provides comprehensive functionality and manageability for classrooms, conference rooms, or other small workgroup environments. Easy to install and manage, periodic software updates for life, and built to last, these switches provide outstanding investment protection and the lowest total cost of ownership in its product class.

• 8 Ethernet 10/100 ports + 1 Ethernet 100BASE-FX + 1 1000BASE-X SFP port (one uplink active at a time)
• Wall-mountable, standalone, managed switch
• Catalyst 2940 Standard Image (SI) software
• Available with optional Cable Guard

During the installation I collected some screenshots. Take couple of seconds and check out the web and telnet interface of Cisco 2940 switch here.

Today I scheduled to move some components of one of the file servers I was using to another one and remove this 4U server from the rack. Another Dell PowerEdge 2600 was waiting to get those components installed. I added the memory, harddisks and the second Intel Xeon 2.4 GHZ CPU and I than turn on the server. The server started but no input on the tft monitor . Hhm I than started to remove one by one of the new components I installed into the system. First memory than harddisks and in the end I removed the second installed CPU and the system boot. I than add memory and harddisks and server come up again.  

So I ended with this second CPU and the server did not boot if it was installed. I started to google and basically did not find anything in the right direction. My last option was Dell support website and I logged on with my registered account, located the system with System tag and went to the servers documentation. After reading for couple of minutes in the Microprocessor Upgrade Kit Contents section I realized I had forgot to add the VRM .
What is VRM??
VRM is the voltage regulator module that senses the microprocessor’s voltage requirements and ensures that the correct voltage is maintained.

I installed the VRM module in the second VRM connector and booted the system. It detected my second installed cpu ;).

Two 2.4 GHZ Processors, Processor Bus: 400 MHz, L2 cache 512 KB Advanced

 

Cisco IOS introduced the support of a range command in Release 12.0(7)XE, Release 12.1 E, and Release 12.1(5)T and above to select multiple ports wihtin the Cisco switch interface configuration. I am using the range function to assign my first twently gigabit ports as trunk interfaces for my VMWare ESX environment.

The Interface Range Specification feature allows specification of a range of interfaces to which subsequent commands are applied and supports definition of macros that contain an interface range. The Interface Range Specification feature is implemented with the range keyword, which is used with the interface command. In the interface configuration mode with the range keyword, all entered commands are applied to all interfaces within the range until you exit interface configuration mode.

The Interface Range Specification feature makes configuration easier because:

•Identical commands can be entered once for a range of interfaces, rather than being entered separately for each interface.

•Interface ranges can be saved as macros.

Switch1#enable

Switch1(config)#interface range gigabitEthernet 0/1 - 20

Switch1(config-if-range)#spanning-tree portfast

Switch1(config-if-range)#switchport mode trunk

Switch1(config-if-range)#^Z

Switch1# copy running-configuration startup-configuration

Switch1#show running-configuration

It can save some time when configuring a new Cisco switch and not assigning manual configuration for each Ethernet interface.

If you are installing different VMWare ESX servers than the CDP support in the networking area can help you find the right port on your Cisco switch; for details check my previous post. After I identified the port than I went back to the switch configuration and add the interface description!

In the following example I am configuring port forwarding to a Windows Server 2003 Standard Edition PPTP VPN server. My configuration has been configured as shown in the diagram. I have a /28 network registered on the Internet and 14 public IP Addresses are available though the SDSL ISP modem. The SDSL modem is providing these IP addresses by the internal DHCP server. For the Cisco PIX 501 firewall I am using manual assigned Public IP Address.

In the CLI command lines below I am configuring static NAT on a public IP Address for tcp port 1723 (pptp) and assign the private IP Address/hostname to VPN-02 which has been defined in the line “name”.

fixup protocol pptp 1723

name 192.168.5.35 VPN-02

access-list outside_access_in permit tcp any host 194.0.0.2

access-list outside_access_in permit gre any host 194.0.0.2

pdm location VPN-02 255.255.255.255 inside

static (inside,outside) tcp 194.0.0.2 pptp VPN-02 pptp netmask 255.255.255.255 0 0

What did I achieve with this configuration? After I applied this configuration I was able to connect from my Windows XP & Windows Vista clients with built-in VPN client and connect using the PPTP protocol. I also used static port forwarding on tcp 1723 port and enabled the GRE IP protocol fix by using the “fixup protocol pptp 1723″ command. Without the fixup for pptp protocol I was forced to translate complete internal host (VPN-02) and using all TCP ports. If you don’t apply to fixup than you probably will get eventlog message like one below.

Last year I installed three Dell PowerEdge 1950 1U servers and since than I used them in production as VMWare Server hosts. Couple times when creating and migrating the guest machines I received a warning that my CPU was VT capable but not enabled. To enable this option reboot the Dell server, hit F2 to enter the BIOS and change the Intel VT Virtualization Technology CPU setting. Each month there is a scheduled maintenance and if there is a security update than it will be installed and server reboot, but than I will need to be there and enter the BIOS by console or DRAC console. For that reason I created two scripts to check the CPU bios setting and if required execute the second cmd script to enable the VT option.

Please make sure the Dell OpenManage software is installed. The commands available for Windows and ESX operating systems.

@echo off
REM Ivan Versluis / Ivan1980(at)networknet.nl / Dell PowerEdge Intel VT check
omreport chassis biossetup & omreport chassis processors
pause

@echo off
REM Ivan Versluis / Ivan1980(at)networknet.nl / Dell PowerEdge Intel VT enable
omconfig chassis biossetup attribute=cpuvt setting=enabled
omconfig chassis biossetup attribute=dbs setting=enable
pause

For more information check out this document.  The enable script has been executed and I only need to get new security updates for this month. I’ve seen no security update  information from Microsoft last days and I will need to wait until next WSUS assigned patches will reboot the servers.

In this screencast I am going though the installation process of the Lenovo Finger print software. The fingerprint reader was included on our new global Lenovo T61p  model at work and I am the first one who is performing the hands on this technology. It’s amazing how this has been evolved in the last couple of years and playing with the reader for one week I personally would implement this on each office computer. Don’t register same finger with two different accounts ;-). One finger for admin account and another one for normal user privilege.

[Show as slideshow]

Lenovo ThinkPad T61 6457-4XG

Intel Dual Core 2 T7500(2.2GHz), 2GB RAM, 120GB 5400rpm HD, 15.4in 1680×1050 LCD, 128MB nVIDIA Quadro NVS 140M, CDRW/DVDRW, Intel 802.11agn(n-disabled), Bluetooth, Modem, 1Gb Ethernet, UltraNav, Secure chip, Fingerprint reader, 9c Li-Ion, WinVista Business

For more info on T61 check out the blog of Keith Combes (Technet) and his review and installation of Vista X64.