Tuesday, 27 January 2026

powershell command to check if mac address has a lease and/or reservation

check if mac address has a lease and/or reservation 

You can add more mac's to the list as needed.

I needed this to compare two independent DHCP scopes


$macs = @("xx-xx-xx-xx-yy-yy","zz-zz-zz-zz-zz-zz"); 

$macs | ForEach-Object { 

    $lease = Get-DhcpServerv4Lease -ScopeId 192.168.1.0 -ClientId $_ -ErrorAction SilentlyContinue; 

    $reservation = Get-DhcpServerv4Reservation -ScopeId 192.168.1.0 -ClientId $_ -ErrorAction SilentlyContinue; 

    "MAC: $_, Lease: $($lease.IPAddress -join ', '), Reservation: $($reservation.IPAddress -join ', ')"

}


Posted by at No comments:

Monday, 26 January 2026

Make a LED flash on the right switch in cisco stacked switch

 Handy for helping remote hands identify the right switch in the stack (looking for switch 3). A blue LED was coming on and off for 9300

hw-module beacon switch 3 on

hw-module beacon switch 3 off


You can also search mac address table for the device plugged in:

sh mac address-table | i xxxx.xxxx.xxxx

Posted by at No comments:

FIx duo sso

Duo Auth Proxy 6.6.0 uses the new OpenSSL standards and the Auth Proxy does not recognize root CAs with RSA 1024bits

Needed to change the RSA bits from 1024 (very old one) to 4096

Change the configuration on the Root CA >> Uploaded the new Root CA into DUO SSO config in the DUO portal >> Upgrade DUO Auth Proxy again

Posted by at No comments:

Friday, 23 January 2026

export config from NCM in manageengine opmanger

It’s inside an encrypted DB, can be viewed in opmanger web interface

Can also export to raw file on the opman server

Go to Settings -> NCM -> Export Configuration


Posted by at No comments:
Labels: , , , , , ,

Monday, 19 January 2026

match palo alto firewall settings that are not sync'd by HA

Some settings are not sync'd


show clock

show system info | match timezone

show system ntp-servers

show system setting service-route

show interface management

show high-availability state


Check your software and GP versions match too

  • Timezone mismatch (exactly what you hit)

  • Service routes not identical

  • DNS works on active, fails on passive

  • Management gateway missing on one unit

  • Local admin password mismatch

  • Cert generated on one box only

  • Log discrepancies causing confusion

    • Posted by at No comments:

    Thursday, 15 January 2026

    Cisco duo encrypting the password in the authproxy config file

     https://help.duo.com/s/article/2340?language=en_US


    Backup

    Take a backup of your authproxy.cfg file

    Make sure your password is stored in secure password manager


    Changes
    Run a cmd as admin

    Switch into the duo folder /bin directory

    run 

    C:\Program Files\Duo Security Authentication Proxy\bin\authproxy_passwd.exe

    Enter the password to be encrypted

    The tool will give you output. 

    Copy paste that over the password in the authproxy file

    You need to change the variable names to x_protected as well

    service_account_password

    becomes

    service_account_password_protected

    Restart the service

    Test

    If all is working make sure your password is stored in pw manager

    Delete any plaintext versions of the authproxy file.

    If its not working drop the old config back in, restart service and log a call with duo support

    Posted by at No comments:
    Labels: , , ,

    Tuesday, 13 January 2026

    Cisco duo authentication proxy download

     https://duo.com/docs/checksums#windows



    Posted by at No comments:
    Labels: , , ,
    Subscribe to: Comments (Atom)