Thursday 29 November 2018

upgrade 3850 from 3.x.x to 16.x.x

Prep work

Create usb drive copy files to it, create folder for old files
Create a test plan to use post upgrade
Take backup of running config
Take backup of current software
Download the new software to be installed

Doco from Cisco:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/16-8/release_notes/ol-16-8-3850.html#id_67699

Important note

Create some local users and check aaa config there is a bug with users coming over and you get locked out of the switch

username admin algorithm-type scrypt secret cisco
(this is type 9, the best at time of writing)



Upgrade

  • Make space in flash if needed (most of the time there will be lots of space)
software clean
request platform software package clean


  • Copy the new software to the switch (usb or tftp/ftp etc)
dir usbflash:
copy usbflash:/filename.bin flash:
Usually format the usb drive as fat32
Watch out for network cables boot below the usb port pushing the USB drive up. I've had that cause IO error in the past.


  • Regenerage ssh keys this is needed going from 3.x.x to 16.x.x
conf t
crypto key generate rsa general-keys modulus 2048
exit

  • Start putty or other console program with logging
sudo minicom -C switch-upgrade.txt

  • Install software onto all switches in the stack (out of hours).
software install file flash:/filename.bin switch 1-2 verbose new force
stack reload now, yes
safe config, yes
reboot will take 10-20 minutes


  • Post installation checks
once reloaded check show ver
Test the switch, is everything working as expected ?

Set boot variable
boot system switch all flash:packages.conf
sh boot


After some testing clean up other files
request platform software package clean switch all file flash:
yes to delete old files
yes to save config
Posted by at No comments:
Labels: , ,

Thursday 22 November 2018

setup sftp chroot jail on rhel

https://access.redhat.com/solutions/2399571


Posted by at No comments:
Labels: , , , , , ,

Friday 2 November 2018

checkpoint creating a rule base

https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/92703.htm


Posted by at No comments:
Labels: ,

checkpoint tracker (live logs) not working

The CPs can stop logging due to server disk space filling up

Fix for this is – ssh to server and delete the old files

Navigate to $FWDIR/log and delete the old files

Posted by at No comments:
Labels: , , , ,
Subscribe to: Posts (Atom)