Technotes on

Migrating My Old Blog Posts to Hugo

Fri, 01 May 2026 20:31:20 +0200

Intended workflow

Manual copy from old blog -> post locally -> build and publish with ‘hugo’ -> if result on my local Hugo instance matches expectations I git commit and publish to remote -> GitLab repo main branch gets updated -> Cloudflare Pages triggers a rebuild -> web pages of the blog get updated.

Steps, Difficulties and Solutions

download Hugo using Snap
create a git repo in the blog directory
create a GitLab access token. Define my GitLab repo as a remote for the blog git repo. Git push to the remote. Use the GitLab access token when asked to authenticate - not the GitLab account credentials!
by default the main branch on GitLab is protected. For the initial ‘git push remote origin main’, I deactivated the protection feature in GitLab under Settings -> Repository -> Protected branches -> main.
to create blog posts, I placed them under ‘content/posts’. I placed images under ‘static/images’. I insert an image in a blog post using this syntax: ![alt_name](/images/IMG_NAME)
integrate mit GitLab repo with Cloudflare Pages. I spent much time troubleshooting this. I confused Cloudflare Workers with Cloudflare Pages. I should have chosen the right config option. Firefox does not display the Cloudflare dashboard correctly. Use Chrome instead.
I added the Hugo theme ‘Terminal’ as a git submodule. After customizing the theme, I ‘git add themes/terminal’ in addition to the staging of the files in the parent folder ‘myblog’.

Topologies I will practice inshAllah

Cisco Videosurveillance Typo

Thu, 11 Dec 2014 16:11:01 +0200

While performing routine configuration on a Cisco router, I encountered a funny typo. Try to find it by yourself. Hint: it’s on the last line :)

Scheduling a VMware Exam

Mon, 06 Jan 2014 16:19:15 +0200

There’s an info on the Internet that says it’s possible to pass Vmware VCA certs for free. It’s been a while now and Vmware retired this offer.

However, there are some folks that say they could get around and pass without spending a penny. They say it’s a matter of combining promo codes.

I’ve been trying all the codes. Pearson Vue warned me that they’re going to shut down my account if I do another attempt.

Uploading IOS image with Cisco LMS

Fri, 13 Dec 2013 16:33:48 +0200

In this tutorial we’ll learn :

How to push an IOS image into a switch flash disk, using Cisco LMS,
How to verify that the IOS image has been loaded correctly

Pushing the IOS image

On the LMS home page, click on the Resource Manager Essentials link.
Click on Software Distribution
Choose a distribution method. By default, I use “by device”. That’s the simplest one
Check the device for which you want to upgrade the IOS and click Next

VMware Datacenter Virtualization VCA-DCV

Sun, 17 Nov 2013 16:48:22 +0200

Today I successfully passed the exam. I got a score of 420. Alhamdulillah.

How I studied for the exam: I watched the Vmware E-learning fundamental videos, took notes, reviewed them with a big mind map, then registered and sat for it. I sat studying in many small sessions.

It’s great to sit for an exam and pass it from home :) it’s also great to see there are other folks out there who are sharing the same experience.

Time Synchronization Between a Cisco Catalyst 6500 and Active Directory

Mon, 14 Oct 2013 17:03:51 +0200

Situation

6500 switch is the corporate NTP server
Server team wants to synchronize Active Directory time with the NTP server. Troubleshooting
enable NTP debugs:
check logs on the 6500 switch:

Remaining PoE on a Cisco Catalyst Switch

Mon, 14 Oct 2013 16:52:38 +0200

Players: Catalyst switch with PoE support, Cisco IP phones Script: We want to check whether there still is enough amount of PoE energy, on a Catalyst switch. Solution: do a “show power inline”, check the “Remaining” column.

Registering MGCP Gateways

Fri, 27 Sep 2013 17:20:16 +0200

Situation I tried to register my MGCP gateway to my CUCM, but everytime I did a “show ccm-manager”, it displays the following: Troubleshooting I first thought about an issue about DNS on CUCM. I remembered that, during the CUCM installation, I put CUCM somewhere. So I went to every corner of CUCM admin pages, where I could find the “CUCM” keyword. I changed some settings in Entreprise Parameters. I even tried to change the hostname under the CUCM CLI mode: Then, I examined what’s happening at the router level, with “debug mgcp events”. I noticed this line:

Reading List for the Cisco CIPT1 Exam

Thu, 26 Sep 2013 17:14:44 +0200

Studying for Cisco certifications not enough with only official Cisco Press books. We got to supplement our reading with other documents. for CIP1 exam, I decided to heavily rely on reading from the screen. Why? because a network engineer does not often have the luxury to print all the documents he works with.

Documents I’m reading to supplement my CIPT1 studies:

IOS 15.2M&T configuration guides
Configuring H.323 gateways
Cisco Unified Communications Manager Session Management Edition Deployment Guide Release 8.x, page 13
H.323 Slow Start and Fast Start
Cisco IOS Voice Command Reference, S Commands
Media Termination Points

Cisco CIPT1 Student Guide

Thu, 26 Sep 2013 17:09:47 +0200

For example, let’s take Call Survivability. In the Student Guide, it says that call survivability is maintaining the RTP stream between two IP endpoints when the CUCM fails. However, the foundation Guide and I agree that call survivability involves TDM-to-IP-calls too.

Another exemple: does MGCP support call survivability? the Student Guide says no. Maybe it was supported in a later release, you’ll probably say. Read the following line: “Media Gateway Control Protocol has supported call survivability (call preservation) since it was introduced on the gateway routers, but H.323 gateways did not support this feature until Cisco IOS 12.4(9T)”.

CUCM, VMware and GNS3

Thu, 19 Sep 2013 19:13:12 +0200

I found some interesting blogs about this topic:

Notes:

Router IOS should support voice. I’m using 12.4 Advanced Entreprise IOS version,
Vmware network adapter: set to “host only” mode. Remember that during the installation of CUCM on Vmware, we set the network adapter to “bridged”, so it can connect to Internet and contact an NTP server,
After adding the cloud component in GNS3, you may find that no adapter is seen under NIO Ethernet. GNS3 mentions that it needs “Administrator or root access”. Solution: close GNS3, right click and choose “run as administrator”. Then you’ll see the list of adapters under NIO Ethernet.

Install CUCM on VMware

Tue, 17 Sep 2013 20:36:48 +0200

I struggled a couple of weeks before I came across a great post about installing CUCM on a vmware workstation. I needed this for CIPT1 labs.

Strangely, the website has been taken down due to a hacking attempt.

Well, everything seemed to work fine until the NTP configuration step. Here, I’ve discovered that , when configuring NTP server, make sure your guest machine can connect to the internet and check the public NTP server. So if you have a computer firewall, disable it.

How to Reload Your Cisco Router While Asleep

Sat, 14 Sep 2013 21:31:13 +0200

There are times when you want to schedule a router reload, but you don’t want to stay late or come to the office during weekends. “Reload at” is your friend.

How to reload your router at a predefined time

You want to reload your router (or switch) at 7pm, but at the same time, you’ll be having a coffee with your friend and you don’t want to have this discussion: “- Sorry guys, I have a router to reboot. I’ll be back in 30mn.

Managing Endpoints and Endusers with CME

Sun, 27 Jan 2013 21:31:13 +0200

Preparing router to act as a CME:

configure ip address on interface.
Configure the source address, the IP address to which ip phones will register:
specify the maximum number of phones that CME can handle. This will affect the router performance:
configure the maximum number of ephone-dns: Later, I will change these values because my router lacked memory resources. To verify the aforementioned settings: Let’s create our first ephone-dn: At this point, my router displayed an error message indicating a lack of memory. I increased its memory size in GNS3: After a reload, things went ok I also reduced the max-ephone and max-dn values: Now we can add ephone-dns without problems: When I create a dual-line ephone-dn, two “sub-ephone-dn” are created: To verify ephone-dns: another way to verify it: Notice that there are two channels for ephone-dn 2, which is a dual-line ephone-dn.

Adding a secondary line to a dual-line ephone-dn:

Cisco Switching Notes

Thu, 09 Feb 2012 21:31:13 +0200

a 3750 can act as a layer3 switch by adding the “ip routing” command.
It can automatically route between locally created vlans because it considers them as connected interfaces (given that the SVIs are created).
on a device, there are 3 types of traffic: control, management, end user.
Control traffic such as CDP, DTP, PAgP goes through vlan1 between Cisco switches, even if you clear it from trunks.
By default, native vlan traffic is untagged. But there’s a Cisco command that tells the switch to tag all vlans.
by default, native vlan = vlan1. If we set the native vlan to vlan100, then vlan100 frames will be untagged on trunks, and vlan1 frames will be tagged.
SMI: Standard Multilayer Image
EMI: Enhanced Multilayer Image
if switch is acting L2, then we should set a Default Gateway on it to make the management vlan reachable remote ; if it is acting L3, it will have routes instead.
switch and Management vlan
the management IP address must be reachable from remote
best practice: use a same subnet to manage all network devices
on L2 SW: only one SVI is up at a time

Cisco Auto Qos Configuration

Mon, 08 Aug 2011 21:31:13 +0200

First, let’s see if QoS is enabled on the switch: QoS is disabled. We should enable it on global configuration level: If we want to display QoS settings for an interface, we do a show mls qos interface command: At this stage we still did not define trust boundaries. That’s why Trust State and Trust Mode say “not trusted”. And we did not specify whether we’ll trust a device or not. To define trust boundary with auto-qos, we either trust all CoS values coming on the switch interface or we trust CoS values only if an ip phone is connected to the switch port. With auto qos voip trust, we tell the switch to trust CoS on each packet coming on the switch interface: If we want to further limit trust boundary, we can tell the switch to trust CoS values only if a Cisco ip phone is detected on the port: Finally, on a 3550 switch, show auto qos and show auto qos interface give the same output:

TSHOOT Exam Strategy Notes

Sun, 22 May 2011 21:31:13 +0200

I gathered these notes to mentally prepare my Troubleshooting methodology on the exam day:

Follow the path
divide and conquer
Move the problem
Bottom up
Top down After watching Kevin Wallace Bull’s Eye videos and INE Tshoot Exam Demo video, the best method is to use a combination of Divide and Conquer-Bottom up/Top Down-Follow the path. There’s not really one single method that will lead to finding where the problem lies.

This is a collection of possible troubleshooting tips I collected over my studies. They are organized by OSI layer:

IPSec VPN Notes

Fri, 06 May 2011 21:51:08 +0200

Steps to create IPSEC VPN:

define ISAKMP Policies
define ISAKMP preshared key (if authentication method is Pre-share)
define IPSEC Transform Sets
define IPSEC security associations
define interesting traffic through Proxy Identity (or crypto ACL)
link crypto ACL and IPSEC TS with a Crypto Map
put the crypto map under the Internet-facing interface

configuring IPSEC VPN between R2 and R3 There was a problem at first. Debug command helped see the error: We look back at the configuration on both R2 and R3 and discover that “set transform-set” is missing on R3:

Dot1x and AAA Notes

Fri, 06 May 2011 21:31:13 +0200

dot1x

dot1x can work with DHCP address assignment
only EAPOL is allowed before a port is authorized
Vlan Assignment (by a RADIUS server) depends on the result of dot1x authentication
RADIUS server- the dot1x authentication server- is the one which verifies the identity of the client connected to a dot1x port

AAA

there are named method lists (simply method lists)
once AAA is enabled, the default method list is applied to console, VTY access, enable mode…

Cisco BSCI Exam

Fri, 27 Feb 2009 21:31:13 +0200

Score is 822. Passing score was 790. It came after four days of reviewing IPv6, Route maps, BGP,… In the beginning of the test I was taking enough time to read and answer the questions. However I lost much time in my first lab simulation. The scenarion wasn’t clear to me. And each time I had to click on the console button to reach a router. And I was not seeing changes in the routing table so it confused me a lot. I began to worry about my score. And I got my second lab simulation. And immediately after, the third. I told to myself: “man, what did I do to Cisco to treat me this way?” So I had almost 38 minutes to do the third lab sim and 32 questions ! Besides, the test supervisor was tearing papers on her desk. And the other guy in the room was complaining about the bug in his exam. I was going to scream. At the end, I was almost flipping through the questions. I finished the test. The test supervisor told me “congratulations!”.