Thursday, December 29, 2011

My IP Phones are Finally Alive!

I finally configured basic DN's for my IP Phones on both my HQ and my Branch router. I also configured a simple VoIP dial-peer so that I can place calls between the two sites. I can even dial my analog phone at the HQ site from all of my IP Phones too without any issues. I'll be wrapping up Chapter 3 in the CVoice book by this weekend and then it's on to the Dial Plan chapters. I'll be configuring my PSTN router to emulate the PSTN finally as well. I'm estimating that I'm about 50 hours deep into my studies so far. Probably another 70 hours or so in and I'll probably be at the point where I'm prepping to sit for my first ever Cisco Professional level exam!

Monday, December 26, 2011

Two Weeks of HE Double Hockey Sticks!

Well about halfway into my studies for CVoice, it hit me that I didn't have near enough flash memory (only had 64MB) to install both IOS 15 and CME 8.x. So I went on a long, I mean long hunt to find Compact Flash that would work with my routers. I even contacted a Cisco Engineer Manager in my local area to see if there was any official memory I could borrow but with no luck. I needed at least 256MB, I went to at least 3 different local chains like Target and Best Buy but they just don't sell CPFlash any more.

I searched my office some more and found a decommissioned router that actually had a 1 GB CPFlash SanDisk card in it but the tab to eject the flash card was broken so I used a flat head screwdriver and pretty much destroyed the card when I finally got it out. I finally hit eBay and plunked down a little money and I was able to get two 256MB cards that actually worked!

I spent my entire study session today (3 hours) getting the new flash cards installed with IOS 15 along with CME 8.0 and very basic phone info. I of course hit a few snags but it wasn't too horrible now that I'm looking back on it. I didn't want to go too far in the book without getting CME configured so I spent a lot of my days catching up on CVoice videos I had which helped reinforce a lot of the topics I've learned so far. I of course did my Mnemosyne's as well. If you look above you'll see a successfully registered 7940 phone.

Sunday, December 18, 2011

CME Overview and Basic Lab Configuration

I went over the first dozen pages that gave a very high level overview of CME. I spent most of my time prepping my CCNP: Voice lab with basic network configuration. I created the voice/data VLANs, assigned IPs, configured router-on-a-stick, DHCP, etc. I also spent a lot of time figuring out how I'm going to get CME onto my routers. I don't have near enough flash so I'm going to go ahead and see if I can purchase some at a local store. 64MB just won't cut it, especially when the IOS version 15 takes up 50MB alone! I have most of the bare bones configuration I need so once I have the flash, installing CME 8.x will be a breeze...hopefully.

Saturday, December 17, 2011

CVoice Chapter 2 Complete

I knocked out Chapter 2 today and I'm already almost at the halfway mark in the book. The first two chapters present a lot of theory so it makes sense as to why they're probably the longest. This chapter dived into the voice signaling protocols along with some examples of how to use them. The hardest part to digest in this chapter was the fax theory (it always is). Nevertheless it's time to start digging into CME again finally starting in Chapter 3. I created my Mnemosyne's for chapter 2 as well so I knocked out quite a bit just today.

Tuesday, December 6, 2011

Mnemosyne's and Chapter Completion

I finished CVoice chapter 1 along with the review questions, I only missed one question and honestly I think it was worded poorly...oh well. I forgot about this flash card tool called Mnemosyne's, I decided to start creating flash cards for every chapter I finish. This is something quick and easy I can study while at work during any short breaks or downtime I have. I'm 160 pages in, Chapter 2 begins tomorrow!

Sunday, December 4, 2011

Crossed the 100 page Marker in CVoice

I knocked out about 30 pages in the CVoice book today. The topics covered the various types of controller configurations using T1's, E1's, BRI's, and PRI's. I also went over a brief overview of Echo and Echo cancellation. There were a bunch of examples of different controller scenarios and I attempted to tackle as many as I could. For some reason I didn't have BRI commands available on my routers but that's alright as I doubt I'll ever use this in the real world. Once all was said and done, I threw back on the original configuration and placed my test calls. The next section dives into DSP's, I'm 128 pages in so far, the book is a little over 600.

Wednesday, November 30, 2011

Traditional Call Signalling Overview

I was only able to get an hour in of study this evening due to performing some after hours work on our CUCM. I'm going to be enabling dependency records so that I know what ties to what. For example knowing what configurations depend on a specific device pool or calling search space (css). I'm wanting to get rid of our call configuration for one of our remote sites that was shut down months ago but I had a lot of trouble figuring out what was tied to what.

I eventually went up the hierarchy in my head of how you configure things in CUCM from what little knowledge I have. I removed everything from the regions, locations, device pools, etc. for this site but there are still two css's that I can't figure out what's calling out to them. I'm also going to provision some of the region settings for our new remote site since configuring regions can drop calls currently in progress.

I was able to knock out about 10 pages today along with jotting notes down about the signaling types related to Supervisory, Addressing, and Informational. I left off going over the various E&M signaling from immediate start, wink-start, delay start and the different Types I-V used with Supervisory signaling. I won't be studying tomorrow as I will be doing an after hours upgrade on our Unity Connection servers. There's a good chance I may not study Friday as well depending on how much I want to have a social night that night!

Tuesday, November 29, 2011

Much Better Study Session!

Thanks to the help of a co-worker I was able to resolve the issues I was having with my PRI configurations. I knew it was something to do with clocking but I was just too annoyed to research it yesterday. Apparently there's a command called isdn protocol-emulate that is used to make a Cisco router emulate the CPE or a PSTN switch basically. I threw this on my router I'm using to emulate the PSTN (go figure) and did away with the T1 CAS's and provisioned them back as PRI ISDN lines. Sure enough the circuits came right up without any issues.

After messing with that and placing test calls, debugs, etc., I was able to knock out 18 pages in the CVoice book, way better progress than yesterday. I'm also going through old CBTNugget videos on CVoice as there's some good refreshers on traditional telephony. My plan is to listen to one of the videos first thing in the morning, time permitting. We're about to bring up our new remote site so I'm going to be knee deep in configuring Cisco devices and creating the dial plan in CUCM. This should be some good experience, we also plan on doing some clustering over the WAN by bringing up a CUCM subscriber at this new site, also good experience!

Monday, November 28, 2011

Horrible Study Session

So to start off with, yesterday I made some decent progress. I knocked out about 30 pages of reading yesterday along with buying two cheap analog phones to test out POTS dial-peers using the PSTN. Today however was a complete mess, I wouldn't say I didn't learn anything but I made it through 1/2 a page of reading! The rest was spent troubleshooting Layer1 and 2 issues with just about every WIC card I had. From the FXS card that wasn't compatible with the Cisco 2821's all the way to ISDN layer two issues with my PRI configuration.

I gave up on PRI for now and went to T1 CAS but even that gave me a lot of issues. I spent an hour trying to get one analog phone to talk to each other, something that should be rather simple. I eventually got one end to call the other but not the other way around. It took another twenty minutes to figure out that the E&M signaling type was mismatched on both ends. Somehow I blew out my entire T1 configuration on both ends (I was frustrated to say the least) and spent another hour getting the configurations just right so that the routers were able to match dial-peer configurations to their respective ports.

I pretty much wasted 3 hours on a simple configuration but I guess in the end I gained some troubleshooting experience. I just 10 minutes ago was able to make a call to both analog phones from both sites. I'm using the PSTN router as my remote site for now since I don't have a 2800 compatible spare FXS card or a spare $150 to purchase one. I'm 43 pages into the book so far, I'm hoping to make up for lost progress tomorrow.

Saturday, November 26, 2011

CCNP Voice Home Lab Nearly Completed

I retrieved most of the items on the list that I talked about yesterday, the last thing I really need for the CVoice is an analog phone. I'm thinking that I can go to Radio Shack or Walmart and buy a cheap $10 analog phone without any bells or whistles. I attached a picture above of how it looks physically, it's not the cleanest looking but it should get the job done. I had some weird issues with the HQ 2821 router not booting the startup-config. After being annoyed for 30 minutes, I looked it up online and somehow the registry setting was set to skip the NVRAM during boot-up. My guess is that this was the router I had to use password-recovery on and I just forgot to change the settings back, either way it took all of 30 seconds to fix the issue.

I also read 13 pages in the CVoice book and wrote down notes on the differences between the four call-signaling protocols H.323, SIP, MGCP, and SCCP. I attached a picture above of my lab setup, there's still an analog phone and a dedicated VMware server for the unified applications that I'm missing. I'll start putting together the VMware server after I pass CVoice unless for some reason I absolutely need it, I don't see this happening though.

Friday, November 25, 2011

Setting up the CCNP Voice Lab Progress

My first day of fully committing to the CCNP Voice certification is off to a great start. I'm building my home CCNP: Voice lab based on a modified version of Kevin Wallace's Voice lab design. The modified version is pictured above, I may add an extra switch for the branch site and an extra IP phone if needed; I also may add an extra branch site. I still need the following to complete the home lab and then I'll snap a few pictures of my final design for this certification:

  • 1 T1 cross over cable (PSTN router to branch office router)
  • 3 Cisco IP Phones (Maybe 4 if I decide to borrow an additional switch)
  • 1 IP Phone Power Brick (There's no PoE on the Cisco 28XX Gig ports)
  • 2 Seven foot long Ethernet cables (For the HQ IP Phones)
  • 1 Analog Phone (Hoping I can borrow this from someone)

I spent an hour or so setting up the physical equipment, cables, and basic network configuration. The longest part was provisioning the T1 controllers for the pseudo PSTN network using PRI connections. The HQ router didn't even see the VWIC card it had to configure it. After a quick Google search it jogged my memory of the card-type command and specifying if it was going to be a T1 or E1 controller. I'm surprised that I was able to configure the PRI ports all from memory, very good start to this long journey ahead.

I also went ahead and started my Safari Book subscription once again and read the preface for the new CCNP CVoice book by Kevin Wallace. I'm so glad that there's FINALLY material to study for this certification. I upgraded both Cisco 2821 routers to IOS 15.x already and I've downloaded a few different CME 8.x versions and a COP file for CUCM 8.0 for the later tracks. I'll probably wait until around chapter 3 in the CVoice book to actually start installing and configuring CME but we'll see how impatient and anxious I get beforehand.

I'm going to use the following web link: for a general idea on setting up the PSTN router. I'm pretty sure that the Cisco 1760 that I'm using will be more than efficient for this job.

What's going to make it or break it for me through this certification will be how much I can stick to a study plan, consistency is going to be the key I think. I'm wanting to get 16 hours in a week of study time. Two hours on the weekdays and three hours on the weekends, I'm going to use a timer to keep me on task and of course lots and lots of Coffee!

Tuesday, November 22, 2011

1ExamAMonth and More Studying

I went through about 25 pages on additional Presence design along with viewing a few CCNP: Voice videos regarding basic dial peer configuration on It was all just review really from CCNA:Voice material, I'll keep going through the free videos on the website and I may purchase or see if my company can purchase the full training videos. I'm also looking at the IPExpert training videos but they're twice as expensive.

Monday, November 21, 2011

CUPS (Presence)

I went over about 30 pages in the SRND Guide regarding presence and best design practices. I have a little over 250 pages to go until I move onto the actual certification books and start digging into my home lab setup. I should be getting the second 2821 put together later this afternoon and I think I should be all set. I'll borrow a few Cisco IP Phones from work and maybe buy a cheap analog phone from the Goodwill or something. My 1760's have FXS/FXO cards already so I can always shuffle them around where needed.

Friday, November 18, 2011

Thousand Pages Read, 300 More Until GO Time!

I finally crossed the 1,000 page mark in the CUCM 8 SRND guide (1356 pages total). I spent the last few days covering Unity and the design recommendations associated with it. As I near the end of the guide, I'm starting to finally acquire the hardware and plan out the materials I need for the CCNP: Voice. My company is letting me borrow two 2800 series routers loaded up with all the PVDM's and VWIC's I would ever need. I might need to buy another FXO/FXS card though.

I plan on using one Cisco 2821 (pictured above) as a Voice Gateway for the HQ and the other for the branch site. I'm going to use one of the 1760's as the PSTN network hopefully, and maybe the other for a 3rd branch site. I'm thinking I can get through CVoice cert without the dedicated ESXi server loaded up with CUCM, Unity, Presence, and maybe UCCX. It seems that CVoice focuses more on the gateways and CME (Call Manager Express).

I would love to hear any suggestions or recommendations about this lab setup, it's hard to find other people going for the new updated cert since there's not a lot of material for it like the CCNP: R&S.

Saturday, November 12, 2011


I studied up on CUBAC, which is short for Cisco Unified Business Attendant Console, an application designed specifically for receptionists to answer and dispatch calls. This requires a standalone server for the application itself and then integration with CUCM using CTI, AXL API and the Cisco TSP driver for call control. We currently use this in my work environment, when it works it's flawless but it likes to flake out every once in a while. 9 times out of 10 when there's an issue with the program, simply logging the receptionist completely off attendant console and back on resolves whatever issue there is.

Sunday, November 6, 2011

Music on Hold SRND

I'm currently going through the best practices section regarding music on hold (MoH) using unicast, multicast, or both to stream audio media. This section also covers best practices depending on your network environment, such as a completely centralized VoIP network, a multi-site network with centralized call processing, or a multi-site network with multiple clusters.

In my current work environment we currently use unicast for MoH and our environment has centralized call processing with multiple remote sites. We actually used to use multicast for MoH because it's obviously more efficient but we ran into a Cisco Call Manager bug with our previous version 7.x. We have since upgraded to 8.X but whatever TAC engineer we were working with recommended unicast over multicast when possible. Seems as if the SRND says otherwise, again for obvious reasons.

Thursday, November 3, 2011

Cisco Unified CM and LDAP Connectivity

I spent the last few days reading the SRND chapter regarding CUCM and synching with LDAP. This is what we currently do in our environment since upgrading from 6.x to 8.x. Before we synchronized with our AD environment, it was a very manual and painful experience adding or changing user accounts in the phone system, especially when we would provision new remote sites. It also makes administrating all of the different unified communication components a lot easier since there is pretty much a single log in for all of our equipment. We even had security consultants come in and configure our ACS device to synch with AD so that we could log into all of our network devices with our single Windows Account login, very efficient!

Sunday, October 30, 2011

Inter Cluster Trunks (ICT)

I'm currently reading through the section regarding inter cluster trunks in the SRND guide. More specifically H.323 and SIP trunks between Unified CM Clusters. Nothing too detailed and a pretty high level overview on recommendations regarding ICT's directly between clusters or using a Gatekeeper. I also went over high availability, load balancing, and the newer features that CUCM 8.x offers. I'm still drawing up what my CCNP: Voice lab is going to be or even if I decide to go for the cert still. VoIP is growing so fast and there's a multitude of different vendors out there, especially with SIP, it's hard to imagine spending 1k-3k for a very vendor specific certification. We'll see though.

Wednesday, October 12, 2011

UPoE - Universal Power over Ethernet

I was able to listen in on a webcast regarding the new UPoE and I decided to take a few notes, I've written them below:

  • UPoE is set up to currently provide up to 60W of power for many types of devices rather than just phones. We're talking about PC monitors, Thin Clients, even LED lights.
  • Power over Ethernet has had the following timeline so far:
      1. 7W of Inline Power beginning in 2000
      2. 15W of PoE beginning in 2003
      3. 30W of PoE+ beginning in 2007
      4. 60W of UPoE beginning in 2011
  • I didn't know this but RJ-45 is a universal socket, this is the only type of connector that is used by the entire world.
  • UPoE uses all 4 Ethernet wire pairs with 15W running through each pair for a total of 60W. It should be noted that data WILL work just fine using UPoE over the Ethernet cable.
  • To determine safety with the new UPoE technology, a test was conducted using a bundle of 100 cables with maximum UPoE power sent through them. They were able to determine that there are no dangers of handling this additional wattage over the Ethernet cable. Also the heating temperature only increased by 10 degrees when comparing the 15W bundle with the 60W bundle.
  • CDP is used by Cisco devices for power negotiation while non-Cisco devices use LLDP

Saturday, October 1, 2011

Configure the Network CCNA Lab Scenarios is now FREE

I'm now giving my CCNA Lab Scenario book away for free from this point forward, just click the link to the right to download the entire eBook!

Tuesday, September 20, 2011

Cisco Briefing Bytes - New Cisco 4500 Life Cycle

This morning I was able to attend a small conference regarding the future for the Cisco 4500 platform along with the present. The 4500 series currently comes in 3 flavors, small (4503), medium (4507), and big (4510). Below I'll highlight briefly what I've learned and what I thought of the presentation.

The presentation was in a small conference room at my local Cisco office featuring models of all the latest and greatest offerings from the Unified Communications world. Our presenter was very knowledgeable, it was only me and two other guys who attended but the questions we shot to him he was able to handle without skipping a beat. The presentation was the perfect amount of length for the product, 30-45 minutes long with Q&A time.

4500 New Features:
There are a ton of new features but I'll quickly list what caught my attention below:
  • Software WLAN Controller using a Supervisor Slot
  • Supervisors now use Dual Core CPU's
  • Internal VRF's (Allows multiple independent routing tables to be created) up to 64
  • Energywise Power Management
  • UPoE (Universal PoE) 60 Watts per port to power not only phones but also other network and computer equipment that is becoming PoE enabled such as monitors, Thin Clients, etc.

The 4500 will use the new IOS-XE for its operating system, it sits on top of a Linux Kernel which allows it to take advantage of the dual core CPU and allows separate software to be run. WireShark comes installed by default and allows packet capture for not only the Control Plane but also for the Data. Also new to the new chassis and supervisors is the VSS (Virtual Switching System) that behaves very similar to HSRP on routers in which there's one IP to manage multiple switches in an active active state. The endpoint isn't aware that there are 2 or more physical switches and only sees it as one; this allows for very High Availability.

Current Capabilities:
The presenter went over things the current 4500 chassis can do, in our case we use 1 WS-4510-E. There's a feature called ISSU that allows upgrades on the Supervisors without having to physically reload the chassis or Sup which causes downtime. Something else I had no idea about is what's called EEM which is a built in editor that seems to be pretty feature rich. There's even a GUI that can be used for the editor.

Like everything else that's moving to the new version 15 IOS, the new IOS has every feature set installed but you're unable to use them until you license them. By default the 4500 IOS comes with LAN Base but in order to enable IP services you'll have to purchase a license to turn on the IP Base features.

Sunday, September 18, 2011

The New CCNP: Voice Certification is Expensive...For Me

Now that I'm preparing to deep dive into the CCNP: Voice track, I'm in the very early stages of figuring out what hardware, software, etc. I'll need to get through the entire exam. At the very minimum I'll need to cough up at least $2,000-3,000 I think. Sadly when I put together my CCNA: Voice lab before the new update I used all equipment that isn't compatible with the new version 8.x that Cisco is currently on. I have a few 1760 routers and possibly even some VWIC's and some other stuff that I might not be able to reuse. I should have done better research of the long term and what will be needed.

Oh well lesson learned, I'm going to either borrow equipment from work or purchase a few 2801's and a beefy PC to throw all the Cisco Software on in a VM environment. I need a new PC anyway, it's about 4-5 years old lol. I can obtain IP phones for both Type-A and Type-B easily, my work laptop for Presence testing and other random things. I'll need to buy some cheap analog phones which is simple and other random things. I'm going to go off of this good diagram which is a HQ, one branch, and a PSTN router for external calls. If absolutely needed I'll buy equipment to make a 2nd branch office. Hopefully this will get me through everything. I'm estimating about 18 months of study time give or take. Cisco changes certification requirements so much that if I'm going to tackle this I need to start now rather than later. It would suck to get 3/4 through the CCNP: Voice and have to start over due to an update to the track.

Wednesday, September 14, 2011

User Input on Type-A and Type-B Phones

The SRND guide describes two types of phones: the group of phones known as Type-A and the other group known as Type-B. Type-A phones consist mainly of the older and less powerful phone types such as the 7912's, 7940's, and 7960's. The Type-B phones are mainly the newer models such as 7941's and 7942's. The way you dial phone numbers varies by the phone type and the protocol used (SCCP or SIP). Cisco phones connected to CUCM are basically dumb terminals that rely on the CUCM to control them.

What's interesting is that user input when dialing numbers using SCCP on the Type-A phones relays a signalling event to CUCM every time a key is pressed, which results in CUCM sending feedback regarding the buttons pressed in real time such as dial tone, ring back, etc. However when you're using SIP on Type-A phones, all user input events are stored until the user presses the # key or Dial softkey. This is similar to cell phones where you dial the entire phone number you would like to call and then hit the "send" button to place the call with the carrier.

Saturday, September 10, 2011

Dial Plan Design

I ran through most dial plan design recommendations today in the SRND guide. The example above shows the model that we've adopted due to the smaller size of our network environment.

Sunday, September 4, 2011

Unified CM and CME Connectivity

There are two primary ways to connect Cisco Unified CM systems and CME's between sites, that is H.323 or SIP. The primary focus in the SRND seems to be on the H.323 model which is deployed using either a Cisco Unified Border Element (CUBE) or what's called a via-zone gatekeeper. The important thing to note between CUCM and CME is that H.450 is used with CME for supplementary services but not with CUCM which can turn into dropped calls over a PSTN due to compatibility issues. I believe CUBE or a via-zone gatekeeper is used to mitigate these issues and act as the middle man. SRND is a pretty high-level document so a lot of things I read aren't going to really explain the reasons why or how. That's what the CCNP: Voice books should provide for me...hopefully.

Saturday, September 3, 2011

Gatekeeper Redundancy

There seem to be two different options for gatekeeper design, clustering and directory gatekeeper (DGK). It looks as if the preferred method is clustering gatekeepers together rather than creating a DGK. Using gatekeeper clustering, you configure a local gatekeeper at each site but then you make redundant alternate connections to other sites. This allows for the gatekeeper to provide primary call routing for the main site along with providing alternate call routing for other locations connected to it and vice versa.

DGK depends on the Hot Standby Router Protocol (HSRP) or on configuring multiple DGK's in your environment. I'm still trying to wrap my head around how this particular way works a little more.

Wednesday, August 31, 2011

Call Processing Overview

I'm on part 2 of the Unified CM SRND guide, it's a good 400 pages long so it's going to take me a while to finish this section. The last few days I went through 40 pages or so reading up on a high-level overview regarding the best ways to deploy Call Manager 8.x along with providing scalability, resiliency, and high speed performance. This is for all three flavors of Cisco Unified Communications:

Cisco Unified Communications Manager (CUCM)
Cisco Unified Communications Manager Business Edition (CMBE)
Cisco Unified Communications Express (CME)

Sunday, August 28, 2011

Unified CM Clustering over the WAN

I went over yet another Cisco VoIP deployment model which involves configuring a CM cluster that is spread over multiple remote sites. So there is a subscriber and maybe a backup subscriber (depending on resiliency needed) at each site that is to be involved with the CM Cluster. With that you provide either local fail over or remote fail over. Local fail over provides the most resilience since it implies that there's a subscriber and backup subscriber at each site. Remote fail over provides more flexibility since you are failing over to another remote site's CM subscriber server essentially instead of failing over to your own local subscriber. This model only requires one subscriber as well.

I also reviewed the section that discusses virtualization of all of these different deployment models using Unified Computing System (UCS) which is just all of the Cisco VoIP products deployed on a VMware system using Fibre Channel over Ethernet (FCoE) as the media for communication between them all.

Saturday, August 27, 2011

Intercompany Media Engine Architecture

I had a quick study session this morning reading up more on a new feature to me called Cisco Intercompany Media Engine. I went over the call processing and how it uses IME compatible ASA's and Unified CM's to learn and place calls between enterprises, along with how to fail over to PSTN in case of connectivity or latency issues. It's a pretty neat technology but I'm curious as to how many enterprises implement this solution currently.

Sunday, August 21, 2011

Multisite Distributed VoIP Deployment

I briefly went over the Multisite Distributed VoIP Deployment section in the SRND Guide. It has very similar attributes and requirements as the centralized model except it is a lot more versatile due to having a call processing cluster at each site. That eliminates the need to depend on the WAN or whatever media of inter-site connectivity for calls as much. I also began reading about the Cisco Intercompany Media Engine which seems to dynamically interconnect different enterprise organization phone numbers and create a network similar to how the internet was when it was first created. Instead of just IP services, the network is used to connect Unified Communications within all the Enterprises. There's a lot more to learn about this technology and I may be off a little bit with my understanding of it at this point in time.

Saturday, August 20, 2011

VoIP Site Based Design Models

I spent some time this morning reading through the various VoIP deployment models and how to implement high availability with each model while trying to get over this cold I currently have. So far I only went through the Campus model and the model that shows centralized call processing with multiple sites. In my current work environment we currently use the latter which is a centralized site that provides all the call processing which is then distributed to our multiple remote call centers. We're working on converting this into a more highly available solution which is a distributed model.

I plan on reading up on the other site based design guides that show the distributed model along with a few others. I'm starting to see that there are multiple ways to provide redundancy using tools such as SRST (Survivable Remote Site Telephony), Distributed Communications Manager Express (CME), and many others.

Sunday, August 14, 2011

Finally moving back to the VoIP World

I haven't posted in a while but I finished up the TCP/IP Vol 1 book going through the subjects that I feel I needed to review before going back to VoIP. Mainly the interior routing protocols and overview regarding redistribution and basic static routing. This was all for making sure I had a foundation for building on my VoIP knowledge to tackle the CCNP: Voice and maybe the CCIE: Voice. How can you sufficiently route voice over IP packets if you don't know how to route IP packets on their own?

I feel comfortable enough with IP routing to start diving deep into the Voice world and I have. It doesn't appear that the new CCNP: Voice reading material is quite done yet so I'm starting with Cisco Solution Reference Network Designs (SRND) material. This is really good free reading material providing best practices and design for all types of network solutions from security, voice, routing/switching, wireless, etc. Also moving to a new place leaves you pretty broke for a while and I know I'm going to have to drop some $$$ for additional lab equipment, books, and the 4 tests to become CCNP: Voice certified. So I'm saving up money now while I scavenge the internet for free material!

I started with the Cisco 8.x CUCM SRND last week and I'm already at page 148 (1356 pages total) putting in about an hour of study a day.

Today I started on the security section for both the access layer and phone level. It talks about many basic things such as Man in the Middle Attacks, port security, disabling phone PC ports, etc. Tomorrow I'll read through material regarding Access Lists (ACLs) in a Unified Communication environment.

Tuesday, July 19, 2011

End of the EIGRP Chapter (TCP/IP Vol I)

I cruised through the EIGRP chapter, which refreshed my memory on a bunch of topics that escaped me, such as the default metric calculations used when calculating the best routes along with topics such as Feasible Successors, SIA (Stuck-in-Active), and k values. I went through the configuration exercises, which were surprisingly not that complex considering the book is supposed to help prepare you for CCIE. All they asked was to configure 5 routers with EIGRP using the process-id 5, create an authentication key between router A and B, and summarize the routes as much as possible.

Tomorrow I'll knock out the troubleshooting section and report back on what that was like time permitting. This has been one of the most helpful chapters so far since we still use EIGRP in our network but not near as much since migrating to a different vendor which uses strictly BGP for connecting WAN's.

Tuesday, July 12, 2011


I briefly went through the RIPv2 review questions, configuration labs, and troubleshooting exercises over the last few days in the TCP/IP Vol 1 book. I also went through the basics and beginning of IGRP and how it moved to EIGRP. I will be spending the next week or so going through this chapter so you may not see a post from me until I reach the configuration exercises. In other news I'll be moving soon so you really may not see a post until about 3 weeks or so due to the craziness going on right now!

Sunday, July 3, 2011

RIPv1 TCP/IP Vol I Config Exercises

Today's lab involved RIPv1, 6 routers, 2 switches, and 4 configuration tasks. All together the lab was around an hour. The first part was to simply configure the network for RIPv1, simple enough. It's nice not having to mess with static routes all over the place! The next task was to make the serial link between RTC and RTD send unicast updates rather than broadcasts. I did this by configuring the serial interfaces as passive along with setting up RTC/RTD with neighbor commands.

Next up was to change how often RTC and RTD sent each other updates; this was done with the timer basic command. I picked some random timers and used the ? command to help me a little. I set this across the board on all 6 routers because from what I understand the timers have to be universal across the network in order to work; someone correct me if I'm wrong though. The last task was to prevent RTA from talking to the network and RTB from talking to the network. I used an access-list and the off-set command. I told both routers that on any incoming RIP update for the particular network listed in their access-list, set the hop count to 16 or invalid. 16 hops is considered an invalid/infinite route with RIP.

Tuesday, June 28, 2011


I went over the beginning pages in the Vol I book regarding the RIP version 1 protocol. There are some interesting things that should be noted about version 1 compared to version 2. I'll list what I remember:

1. Version 1 is a classful protocol rather than a classless protocol.
2. Since it's classful RIPv1 can become problematic when running the protocol over a discontiguous network.
3. RIPv1 passes the entire network class that it knows about when advertising routes rather than the specific subnet unless the subnet is directly connected. Again this points back to numero uno.
4. The only subnets it will list in the routing table are the subnets that are directly connected to the router.
5. RIPv1 assumes any subnets that it knows about will be the same subnet size throughout the entire network. Variable subnetted networks could easily cause a lot of problems.
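The classful behaviour in this list can be modelled in a few lines. The following is an added example, not code from the book or from this blog: a simplified model of how RIPv1 decides what to put in an update and how a receiver guesses the mask, with constructed addresses and hypothetical function names.

```python
import ipaddress

def classful_network(addr):
    """Return the class A/B/C major network that contains addr."""
    ip = ipaddress.ip_address(addr)
    first = int(ip) >> 24
    if first < 128:
        prefix = 8
    elif first < 192:
        prefix = 16
    elif first < 224:
        prefix = 24
    else:
        raise ValueError("class D/E addresses are not routed by RIPv1")
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def ripv1_advertise(route, out_iface):
    """Address RIPv1 sends for `route` out `out_iface` (no mask is carried).

    Returns None when the route is left out of the update.
    """
    route = ipaddress.ip_network(route)
    iface = ipaddress.ip_interface(out_iface)
    major = classful_network(route.network_address)
    if major != classful_network(iface.ip):
        # Crossing a major-network boundary: only the classful network goes out.
        return str(major.network_address)
    if route.prefixlen != iface.network.prefixlen:
        # Same major network, different mask: the receiver could not interpret
        # it, so the subnet is suppressed (why VLSM breaks under RIPv1).
        return None
    return str(route.network_address)

def ripv1_receive(addr, in_iface):
    """Network a receiver installs for an address heard on `in_iface`."""
    iface = ipaddress.ip_interface(in_iface)
    major = classful_network(addr)
    if major == classful_network(iface.ip):
        # Same major network: borrow the receiving interface's mask.
        return ipaddress.ip_network(f"{addr}/{iface.network.prefixlen}", strict=False)
    return major  # otherwise fall back to the classful mask

def discontiguous_demo():
    """Constructed topology: R1 and R3 each own a 10.x subnet and reach R2
    over 192.168.x links, so network 10.0.0.0 is discontiguous."""
    from_r1 = ripv1_advertise("10.1.1.0/24", "192.168.12.1/24")
    from_r3 = ripv1_advertise("10.2.2.0/24", "192.168.23.3/24")
    return from_r1, from_r3

if __name__ == "__main__":
    print(discontiguous_demo())   # R2 hears the same network from both sides
    print(ripv1_advertise("10.1.2.0/28", "10.1.1.1/24"))
```

In the constructed topology R2 hears the identical classful network from both neighbours and cannot tell which side holds which subnet, which is the discontiguous-network problem from item 2.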

Sunday, June 26, 2011

Finishing up TCP/IP Vol I Chapter 4

I went ahead and tackled the rest of chapter 4 regarding dynamic routing protocols. Tomorrow I'll knock out the review questions and then it's time for part II of the book. Which is the meat and potatoes of what the book is about and I should have a lot more lab design, configuration, and troubleshooting which is what I need right now.

Saturday, June 25, 2011

TCP/IP Vol I Chapter 4 - Dynamic Routing Protocol Overview

I read through about 20 pages this morning regarding dynamic routing protocols and the basics of why and when they're used. Brushed up a little on my Split-Horizon understanding and how distance vector works. I know, I know, it's kindergarten stuff, but I believe you need to have a thorough understanding of the fundamentals if you want to even think about going after the CCNP certs let alone the big bad CCIE. I plan on knocking 10-20 more pages out tomorrow and to have the chapter finished by next weekend depending on how much time I can spare.

Once I finish the TCP/IP book I'm going to begin drawing out my CCNP:Voice lab requirements and prepare myself to get ready to spend some $$$. I also plan on moving in August and hopefully adding a few simple mods to my car (I drive a Subaru WRX STI) so I probably won't be saving much over the next 3-6 months!

Thursday, June 23, 2011

TCP/IP Vol I Troubleshooting Exercises Chapter 3

This evening I briefly ran through some of the static route configuration exercises. I've been swamped at work lately, working 10-12 hour days seems to be the norm lately. I'm not progressing through this book as fast as I'd like because of being drained by the time I get home. We will be opening a new remote site soon so I'll be even busier, not to mention we're still knocking out the kinks from upgrading our entire Cisco phone system from version 6/7 to 8.5. There's a weird call transfer issue going on when internal users transfer a caller to another user through UCCX.

Basically a caller will call Internal User A, Internal User A will then put the caller on hold, dial a different UCCX CSQ Trigger (CTI Route Point) which then goes through a queue and then to Internal User B via a random CTI Port. Internal User A then attempts to transfer Internal User B but from the reports I receive about 85% of the time Internal User B receives a fast busy when Internal User A hits the transfer button on their phone. Any suggestions lol?

Quick tip of the day for those who have the same amount of trouble as me with stack switches booting in the right order: the easiest way is to boot the first switch you want as master completely, then connect the stack cable to the switch (switches) you want to be clients and power them on. Make sure that the IOS MATCHES, otherwise you'll more than likely run into version mismatch errors like no tomorrow.

Monday, June 20, 2011

TCP/IP Vol I Config Exercises 3-14

I ran through the second configuration exercise in the TCP/IP Vol I book on chapter 3 this evening. For this lab there was a requirement to configure static routes on all routers with redundancy between each router's next-hop router. At first I thought that a floating static route would solve the issue but what I forgot is that none of the other routers would have a clue if a link went down since there wasn't a dynamic routing protocol involved. I simply took the floating static route out along with the AD (Administrative Distance) and added it back in without the AD. Now each router had a redundant route to each far end network and was load balanced using IP CEF. This solved my issue for the most part but I bet there are some ways that the packet can still not route correctly but I haven't dived too deep into all the possibilities.

The above picture shows router RTD with a path to RTB's far end network /24 going through either RTA or RTC. RTA link is down due to a fiber cut so RTD took the route out of its RIB and forwarded it towards RTC instead.

Sunday, June 19, 2011

TCP/IP Vol I Config Exercises 3-13

I spent about 2-3 hours this morning answering review questions for the TCP/IP Vol 1 Chapter 3 section regarding static routes. For now I'm skipping most of the IPv6 stuff, I'll circle around to it a little bit later during my CCNP: Voice studies. I finished off today's studying session by completing the 3-13 Configuration Exercise. This lab involved 6 routers, a bunch of discontiguous networks, and some summarized IP network configuration requirements thrown in for fun. Everything went pretty good, I'm starting to get in the groove again finally of setting up networks in GNS3.

Sunday, June 12, 2011

Certification Path and TCP/IP Vol I

I decided not to go and test for the CCNA: Security at this point in time. I believe at this point there's really no need but I did cover all of the material and took what I've learned and applied as much as I could in my current job role. Most likely I'm going to take a hiatus from taking any actual tests and prepare to go straight for the CCNP: Voice in about 9-12 months since that's the field I'm in and I already have a really good start.

That doesn't mean I'm not going to study at all though. On the weekends I spend about 1-3 hours going through the CCIE TCP/IP Vol I book, I need to have IP Fundamentals understood as much as possible. Today I labbed up a simple four router network using nothing but static routes. I've learned that specifying an exit interface (i.e. FastEthernet 0/0) rather than the next-hop router IP address with static routing could generate excessive traffic on a broadcast network. The router uses ARP to query where the packet should be sent rather than just using the next-hop IP address defined in the static route. Below are two example static route configs along with the picture of the lab I worked on:

ip route (Next-Hop IP Address, preferred method)

ip route FastEthernet0/0 (Uses ARP/Broadcast, can be CPU Intensive)

Sunday, April 17, 2011

Site-to-Site VPN's

Recently at my company I was put in charge of configuring and deploying Cisco 881 routers and creating Site-to-Site VPNs back to our ASA at the corporate office. I think this might have something to do with my co-workers knowing that I'm studying my CCNA: Security, oh well I didn't mind at all and kinda volunteered for this project. Well I wanted to learn about Site-to-Site VPNs through my IINS book before I started this project but the deployment happened before I could get to Chapter 4 and I'm really OCD about skipping chapters. In the end it worked out well because I think reading the chapter on Site-to-Site VPNs before ever configuring one would have just confused me.

I was able to open a TAC case to have an engineer help me get the bare bones configuration up. I then created a template and tweaked it to the point where all you have to do is change the IPs, allow the IPs on the ASA ACL, and create a static route and you were good to go. I was able to configure a group of 5 Cisco 881s in about 2 hours taking about 20 minutes each, the longest time was spent taking the packaging off of the router. The configuration took about 5 minutes.

This weekend I spent some time setting up a site-to-site configuration from scratch. For whatever reason I could never get the tunnel up and I quadruple checked the configuration including starting the lab over from scratch! It wasn't until I found some documentation that I realized why the tunnel never attempted to be created. The tunnel was only created when "interesting" traffic was sent to the other peer that's involved in the VPN process. I did a simple ping from one end host to the other and just like magic the tunnels came right up!

A quick show crypto isakmp sa will show you whether your tunnel is up and alive:

Sunday, March 20, 2011

Cisco SDM and ACLs

The last week or so I have been reading through chapter 3 in the IINS book which covers access lists (ACLs) using both the CLI (command line interface) and SDM (Security Device Manager). Of course most of the configuration is based off of SDM but most people will use CLI in the real world including myself. I'm near the end of the chapter which digs into Zone-Based Policy Firewall which confuses me still to be honest. I understand the high level view of it which revolves around creating zones with multiple interfaces/devices to be inspected with traffic instead of assigning a different ACL per interface which can become complex. I'm sure I'll have this concept nailed down within the next few months.

I'm actually putting some of this security stuff into use already which is nice, I've taken over configuring Cisco 880 routers with VPN connectivity for our home users. Also after our UCS upgrade, I plan on streamlining a lot of our IOS configuration and implementing all of our Cisco devices with AAA using the ACS server that we have.

Saturday, February 26, 2011

More Cisco SDM Stuff

Well after 3 full days, I was able to get SDM up and working in GNS3. I know I've run into issues in the past but I wasn't smart enough to document how I resolved them really. This time I wrote down the exact configuration I need to have in order for SDM to run properly. You pretty much HAVE to install and use SDM if you plan on studying the CCNA: Security because most of the configuration you're going to do is based off of it. Today I was able to install AAA via SDM and some CLI which went fairly smooth. I had to set up AAA to use the router's AAA local user and password info since I don't have a RADIUS or TACACS server set up. This is good information though because we have an ACS server in our environment that uses AAA but only the older Cisco equipment is set up to use it as neither my colleague nor myself are experienced in using it. We plan on beefing up and standardizing our network in the near future but we're just swamped with preparing for some very big network upgrades.

Sunday, February 20, 2011

Role-Based CLI Configuration

I spent some time this morning playing around with different roles you can assign, similar to the privileged levels that you can assign for specific users in the IOS. I created a role called "simple" that only allowed for looking at the running configuration on the router and that's it. The show parser view shows what role/view you're in. The default "root" view is the only view that allows you to create others; like a riddle, I know, but it makes sense once you play around with it.

I also learned how you can help prevent DoS attacks on the IOS itself. You can limit the number of times someone can try to access a Cisco device within a certain time period. If someone attempts to log in unsuccessfully within a certain amount of time, the IOS can block out any further attempts within a specified time period. As shown in the picture above, these commands are called login block-for and login quiet-mode.
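To make the lockout behaviour concrete, here is an added example (not from the IINS book or this blog) that models `login block-for <seconds> attempts <tries> within <seconds>` together with a `login quiet-mode access-class` exemption. It is a simplified model with constructed events and hypothetical names; in particular, how failures from exempt hosts are counted during the quiet period is an assumption.

```python
from collections import deque

class LoginBlockFor:
    """Simplified model of IOS login blocking (illustrative, not IOS code)."""

    def __init__(self, block, tries, window, quiet_allow=()):
        self.block = block              # quiet period length in seconds
        self.tries = tries              # failed attempts that trigger quiet mode
        self.window = window            # seconds over which failures are counted
        self.quiet_allow = set(quiet_allow)  # hosts the quiet-mode ACL permits
        self.failures = deque()         # timestamps of recent failed logins
        self.quiet_until = None

    def attempt(self, t, src, success):
        """Process one login attempt at time t (seconds) and return the outcome."""
        if self.quiet_until is not None and t < self.quiet_until:
            if src not in self.quiet_allow:
                return "blocked"        # refused before credentials are checked
            # Assumption: exempt hosts are served normally and not counted.
            return "accepted" if success else "rejected"
        if success:
            return "accepted"
        self.failures.append(t)
        # Forget failures that have aged out of the counting window.
        while self.failures and self.failures[0] <= t - self.window:
            self.failures.popleft()
        if len(self.failures) >= self.tries:
            self.quiet_until = t + self.block
            self.failures.clear()
        return "rejected"

# Constructed sample: (time in seconds, source address, password correct?)
SAMPLE_EVENTS = [
    (0, "198.51.100.7", False),
    (10, "198.51.100.7", False),
    (20, "198.51.100.7", False),   # third failure inside 60 s starts quiet mode
    (30, "198.51.100.7", True),    # correct password, still refused
    (40, "192.0.2.10", True),      # management host permitted by the quiet-mode ACL
    (150, "198.51.100.7", True),   # quiet period (120 s) has ended
]

def replay(events, policy):
    """Feed events through the policy and return the list of outcomes."""
    return [policy.attempt(t, src, ok) for t, src, ok in events]

if __name__ == "__main__":
    policy = LoginBlockFor(block=120, tries=3, window=60, quiet_allow={"192.0.2.10"})
    for event, outcome in zip(SAMPLE_EVENTS, replay(SAMPLE_EVENTS, policy)):
        print(event, outcome)
```

The fourth event shows why the quiet-mode exemption matters: during the quiet period even a correct password is refused, so without an exempt management address administrators are locked out along with everyone else.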

Monday, February 7, 2011

Risk Management

Today I read through more of chapter 1, it's one of the longest chapters I've ever read through in an IT book. I'm on page 91 with at least 10-20 more pages to go. I read up about basic risk management and the ways that you can analyze risk within a business. It's all about weighing the benefits between cost and security along with some guess work about if the risk will ever happen i.e. a tsunami hitting the middle of Missouri. I hope to have the rest of the chapter knocked out by tomorrow or Wednesday.

Sunday, February 6, 2011

System Design Life Cycle

This weekend I read through a good portion of Chapter 1 in the Cisco IINS book regarding the System Design Life Cycle (SDLC) and how to create a security policy. I played around with a low-level network scanner tool called Nmap. It's pretty cool, it can scan various things in your network such as UDP/TCP ports and can even graph a simple network topology out of it! I also played around with Cisco's security policy creator template which creates a ready to go security policy with pretty much everything you need. Starting this week I'm going to begin really digging into my studies, work and weather permitting. I'm honestly not sure if I'll sit this exam but I do want to up my knowledge on security, even if it's just general knowledge.

Sunday, January 16, 2011

Certification Plans

Well I believe I have my plan laid out regarding which certs I'm going to pursue next. I'm hopping right into the CCNA:Security exam now, security is by far my weakest subject. After Security I'm going to most likely restart my CCNP studies again. I believe I would be doing myself a huge disservice if I didn't establish a solid fundamental understanding regarding IP networking and the protocols that are used to transport it. After that I might back track to CCDA or finally begin the new CCNP: Voice cert. I'm starting to realize in my current environment that troubleshooting and configuring networks is only one half of a solution. Properly designing the network to begin with will make or break a network. With an improperly designed network it can be hard to scale or troubleshoot the simplest of tasks.

Tuesday, January 4, 2011

Officially CCNA: Voice Certified!

Woohoo...I haven't posted in a while but I've been doing some major reviewing along with tearing down and building up my home lab about 5-10 more times over the last 4 weeks. I took my test today and passed with quite a bit of margin compared to my CCNA exam. My worst section was the UC520 platform which I figured, there's just something wrong about trying to learn about information that's nothing more than a sales pitch.