Utility to calculate MD5/SHA1/CRC32 hashes for Windows.

Just wanted to put it somewhere… Here is the little utility to calculate MD5/SHA1/CRC32 hashes for Windows. I’ve found it because I’m tired of CLI commands in Windows like this:

CertUtil -hashfile ...

And didn’t want to install some crappy permanent utility like hash tab or something. Installation is not required. Unzip the file and you are ready to go. Enjoy!

IOS-XE and MD5 file verification. [TESTED]

I was needed to download core dump file (.core.gz) from ASR1001. For some reason, FTP didn’t work, I didn’t attempts from VRF-aware management interface, so I had to have TFTP is in use. To verify the file before and after I used the following commands:

ASR1001#verify /md5 flash:/core/ASR1001_RP_0_fman_fp_image_7420_1231952006.core.gz
.....................................................................................................Done!
verify /md5 (bootflash:/core/ASR1001_RP_0_fman_fp_image_7420_1231952006.core.gz) = 4fa581dd2df1476eef9624bfcf88cd46

ASR1001#

To copy this file:

ASR1001#copy flash:/core/ASR1001_RP_0_fman_fp_image_7420_1231952006.core.gz tftp://192.168.1.1/
Address or name of remote host [192.168.1.1]?
Destination filename [ASR1001_RP_0_fman_fp_image_7420_1231952006.core.gz]?
!!!!!!!!!!!!!!!!!!!!!!!!!!!
6614390 bytes copied in 7.711 secs (857786 bytes/sec)
ASR1001#

To verify MD5 after copying using embedded in Windows 7 command:

c:\Temp>CertUtil -hashfile C:\TFTP\ASR1001_RP_0_fman_fp_image_7420_1231952006.core.gz MD5
MD5 hash of file C:\TEMP\ASR1001_RP_0_fman_fp_image_7420_1231952006.core.gz:
4f a5 81 dd 2d f1 47 6e ef 96 24 bf cf 88 cd 46
CertUtil: -hashfile command completed successfully.

c:Temp>

Windows 8 - AnyConnect error - Failed to initialize connection subsystem. [SOLVED]

We had a problem with the AnyConnect client v3.1.05187 on Windows 8. We got the error message - “Failed to initialize connection subsystem”. We solved it using the following procedure:

• Install all windows updates on Windows 8.
• Reboot the PC.
• Update AnyConnect client to the latest version using anyconnect-win-3.1.07021-pre-deploy-k9.msi file.
• Reboot the PC - This is important.

Enjoy!

SolarWinds NCM “Device Template” for Cisco ACS 5.6. [TESTED]

By default, NCM don’t have a special “Device Template” for Cisco ACS 5.X, NCM chooses the closest template by SysObjectID. BTW, it differs and depends on particular ACS version. For example, ACS 5.6 has 1.3.6.1.4.1.9.1.1117. Default template for Cisco IOS works fine, but ADE-OS on ACS 5.X (at least on 5.5 and 5.6) requires proper SSH session closing (by using exit).

You can find a template for ACS on thwack, it’s ok, but it needs to be modified. Here are some important changes:

... Device="Cisco ACS 5.6" SystemOID="1.3.6.1.4.1.9.1.1117" ...
... Name="DownloadConfig Value="show ${ConfigType}${CRLF}exit" ...

SolarWinds - “Last Boot” OID - False positive ACS server restart.

This morning I’ve noticed an event in SolarWinds:

ACS-01.example.com rebooted at 2/28/2015 03:20:00 PM

Then I checked it from ADE-OS CLI:

ACS-01/admin# show uptime
97 day(s), 05:14:30
ACS-01/admin#

This output looks like an Uptime OID (HOST-RESOURCES-MIB::hrSystemUptime.0):

snmpwalk -c 'COMMUNITY' -v 2c 192.168.1.1 1.3.6.1.2.1.25.1.1.0
HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (840434124) 97 days, 5:21:21.24

But SolarWinds uses another one OID to get “Last Boot” info - “DISMAN-EVENT-MIB::sysUpTimeInstance.0”. SolarWinds gets this info every “Polling Interval” (120 sec by default):

snmpwalk -c 'COMMUNITY' -v 2c 192.168.1.1 1.3.6.1.2.1.1.3.0
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (17154318) 1 day, 23:39:03.18

I checked log messages and found that snmpd has been rebooted, but nothing related to real cause of this reboot…

ACS-01/admin# show logging system | i snmp
         23 Feb 28 2015 09:40:01  snmpd.log
ACS-01/admin#
ACS-01/admin# show logging system snmpd.log
NET-SNMP version 5.7.1
ACS-01/admin#

That’s why I’ve opened TAC case and got an explanation - https://tools.cisco.com/bugsearch/bug/CSCte39351:

Symptom: ACS SNMP daemon stopping

Workaround:
- reboot ACS appliance
- restart ACS SNMP daemon

Per Cisco TAC reply, the fix for the bug will be released on ACS 5.7 which is planned for May of this year.

Some other links (not really useful):
A false alert, indicating that a monitored object has rebooted, is firing, when the monitored object is actually up and functioning as normal. - It recommends to create custom poller, but it will not replace existed one, so this is useless.
Polling and reporting real uptime - Good thing, but it’s too complicated.

Admin area