CIPT2: 300-075 Taming the beast and my study note

Wow, what an experience it was, trying to pass Cisco CIPT2 300-075 exam during the last 5 weeks. So much was on the line as if I did not pass this exam by 17th of June, 2016, all my CCNP R&S and CCNP Voice was expiring, so I would be facing 7 exams to re-certify as CCNP in both technologies. Unfortunately, I had to tackle it 3 times to pass this exam, and got lucky on 3rd attempt. My first attempt was a lame attempt as I failed by 7 questions, the second attempt was a little bit more decent, failing by a SINGLE question. The passing mark for CIPT2 300-075 exam is 860/1000, which makes one question valued somewhere between 13 pts to 17 pts depending on the weight of the question Cisco is throwing at you. But today, I passed the exam and what a Roller Coaster ride this exam was, I’ve passed the exam with the exact passing score! Finally, the lady luck is on my side. After two failures, trying to tame the beast, I’ve studied so many hours trying to understand the VCS components and finally got a full grasp of the concept and basic configuration. Over 3 days of long weekend, I cranked out 30 hours of study time for VCS C and E studies (no pain, no gain! I am thankful that I’ve failed the second time by one question. I was forced to try my best). Oh, what a feeling!

 

I want to share some of my study notes with you so, you don’t have to do it the hard way like me, but I urge you to spend some time reading Cisco documentations, watch videos from CiscoLive and read the official study books front-to-end before jumping into the full study drive mode. I hope my notes will help someone on their way to becoming a CCNP-Collaboration. My notes are based on Cisco documents but also comes from the live environment and my experience, so it might not be 100%, but if you disagree with me on those questions, then show me your proof that you are in the right and I am in the wrong with a live Cisco documentations referencing the page and line number. As always, if you cannot avoid it, try to face it with a dignity or try to enjoy it!!! I would choose the latter…. 🙂

 

 

1. Regional configuration of Cisco VoIP environment
Note: Cisco Best practice, (G.729/24K) to compress BW for regions. Hardware MTP only supports G.711 a-law and G.711 u-law. Also regions will need transcoders if multiple codecs are deployed, NOT hardware MTP.
2. While using Query wizard to configure the trace and log central feature to collect install logs.
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/service/7_1_2/rtmt/RTMT/rttlc.html
“The time zone of the client machine provides the default setting for the Select Reference Server Time Zone field. All the standard time zones, along with a separate set of entries for all time zones that have Daylight Saving settings, display in the Select Time Zone drop-down list box.”
“Trace and Log Central downloads the file with a time range that is based on your Selected Reference Server Time Zone field. If you have servers in a cluster in a different time zone, TLC will adjust for the time change and get files for the same period of time. For example, if you specify files from 9:00 AM to 10:00 AM and you have a second server (server x) that is in a time zone that is one hour ahead, TLC will download files from 10:00 AM to 11:00 AM from server x.”
3. Standardization of caller addresses between H.323 and SIP endpoints.
http://www.cisco.com/en/US/tech/tk652/tk701/technologies_configuration_guide_chapter09186a00 800eadee.htmlhttp://www.cisco.com/c/dam/en/us/td/docs/telepresence/infrastructure/vcs/config_guide/X8-2/Cisco-VCS-Basic-Configuration-Control-with-Expressway-Deployment-Guide-X8-2.pdf (Page 17)
“The pre-search transform configuration described in this document is used to standardize destination aliases originating from both H.323 and SIP devices. ”
“The following transform modifies the destination alias of all call attempts made to destination aliases which do not contain an ‘@’. The old destination alias has @example.com appended to it. This has the effect of standardizing all called destination aliases into a SIP URI format.”
From VCS and CUCM Deployment guide:
“Thus, a transform is needed to ensure that the dialed number is transformed into a consistent form, in this case to add the domain (vcs.domain) if required.”
4. CUCM Extension Mobility characteristics
http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_administration_guide_chapter09186a0080153e60.html#wp1092734

“Able to adopt a user profile even when no user is logged in”
“Almost same attributes as a physical device”
5. A globalized dial plan, 3 ways enabling ingress gateways to process calls.

Configure the called-party transformation settings for incoming calls on H.323 gateways.
Configure translation patterns in the partitions used by the gateway calling search space
Configure the gateway with prefix digits to add necessary country and region codes.

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/collab10/collab10/dialplan.html#16685
“Localized Call Ingress on Gateways
The called and calling numbers delivered into the Unified Communications system by external networks (for example, the PSTN) are typically localized. The form of the numbers may vary, depending on the service provider’s configuration of the trunk. As a gateway is connected to a PSTN trunk, the system administrator must work with the PSTN service provider to determine the applicable signaling rules to be used for this specific trunk. As calls are delivered into the system from the trunk, some of the information about the calling and called numbers will be provided explicitly and some of it will be implied. Using this information, the system must derive the calls’ globalized calling and called party numbers.
The globalization of the called party number can be implemented through one of the following methods:
In the gateway configuration, configure Call Routing Information > Inbound Calls, where the quantity of significant digits to be retained from the original called number and the prefix digits to be added to the resulting string are used to globalize the called number. The prefix digits should be used to add the applicable + sign and country, region, and city codes.
Place translation patterns in partitions referenced by the gateway’s calling search space. The translation patterns should be configured to match the called party number form used by the trunks connected to the gateway, and should translate it into the global form. The prefix digits should be used to add the applicable + sign and country, region, and city codes.
Use the incoming call’s called party transformation settings available on the gateway and on the gateway’s device pool. There you can define strip and prefix digit instructions or alternatively configure a called party transformation calling search space per numbering type.
The globalization of the calling party number should be implemented by using the Incoming Calling Party Settings configured either on the gateway directly or in the device pool controlling the gateway.”
6. 2 types of devices are affected when an engineer changes the DSCP for Video Calls service parameter
Read “Set DSCP Values”.
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/10_6/CJAB_BK_C56DE1AB_00_cisco-jabber-106-deployment-and-installation-guide/CJAB_BK_C56DE1AB_00_cisco-jabber-106-deployment-and-installation-guide_appendix_01111.html
7. Cisco VCS uses 3 Presence status of endpoints for monitoring
http://www.cisco.com/c/en/us/td/docs/telepresence/infrastructure/articles/vcs_monitors_presence_ status_endpoints_kb_186.html
in-all
call-ended
registration
8. 3 steps configure Cisco Unified Survivable Remote Site Telephony for SIP phones

1. configure an SRST reference
2. Configure the SIP registrar
3. Configure voice register pool

 

 

voice service voip
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip

sip

registrar server expires max 600 min 60

!

voice register pool 10
id network 172.26.10.0 mask 255.255.255.0
dtmf-relay rtp-nte cisco-rtp sip-notify
codec g711ulaw
no vad
!
voice register pool 11
id network 172.26.11.0 mask 255.255.255.0
dtmf-relay rtp-nte cisco-rtp sip-notify
codec g711ulaw
no vad
!

sip-ua
registrar ipv4:172.26.10.240 expires 600

(172.26.10.240 is the SRST gateway IP address).

Don’t forget on UCM SRST reference configuration for gateway:

On UCM SRST reference configuration for gateway

SIP Network/IP Address 172.26.10.240

SIP Port 5060
9. Device Mobility – overlapping parameters for roaming
Location
Network Locale
MRGL

Reference: https://supportforums.cisco.com/document/77096/device-mobility
“The overlapping parameters for roaming-sensitive settings are Media Resource Group List, Location, and Network Locale. The overlapping parameters for the Device Mobility-related settings are Calling Search Space (called Device Mobility Calling Search Space at the device pool), AAR Group, and AAR Calling Search Space. Overlapping parameters configured at the phone have higher priority than settings at the home device pool and lower priority than settings at the roaming device pool.”
10. VCS Control routing configuration, user dial brchoi and call gets routed to brchoi@cisco.com
search rule

http://www.manualslib.com/manual/841592/Cisco-Telepresence.html?page=168

http://www.cisco.com/en/US/tech/tk652/tk701/technologies_configuration_guide_chapter09186a00 800eadee.htmlhttp://www.cisco.com/c/dam/en/us/td/docs/telepresence/infrastructure/vcs/config_guide/X8-2/Cisco-VCS-Basic-Configuration-Control-with-Expressway-Deployment-Guide-X8-2.pdf (Page 17)
“The pre-search transform configuration described in this document is used to standardize destination aliases originating from both H.323 and SIP devices. The following transform modifies the destination alias of all call attempts made to destination aliases which do not contain an ‘@’. The old destination alias has @example.com appended to it. This has the effect of standardizing all called destination aliases into a SIP URI format.”
From VCS and CUCM Deployment guide:
“Thus, a transform is needed to ensure that the dialed number is transformed into a consistent form, in this case to add the domain (vcs.domain) if required.”
11. Configure VG310/VG350 and enable call pickup feature
SCCP gateway
You must check this on a running CUCM. Check CUCM configuration and VG350 gets configurred as SCCP only and then the endpoints can be configured to do a call pick-up.
Check CUCM configuration and VG350 gets configurred as SCCP only and then the endpoints can be configured to do a call pick-up.
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/10_0_1/ccmsys/CUCM_BK_SE5FCFB6_00_cucm-system-guide-100/CUCM_BK_SE5FCFB6_00_cucm-system-guide-100_chapter_0100110.html#CUCM_RF_V83D221A_00
12. Intracluster URI dialing configuration

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/9_0_1/ccmsys/CUCM_BK_CD2F83FA_00_cucm-system-guide-90/CUCM_BK_CD2F83FA_00_system-guide_chapter_0101111.html#CUCM_TK_SBE2D597_00

URI Dialing within the same cluster, follow these steps:
Step 1: Configure the URIs to the users
Step 2: Associate the directory URIs to directory numbers
Step 3: Assign the default directory URI (Configure the directory URI partition and calling search space)
Step 4: Configure the SIP profile in your network. (Configure a setting for the Dial String Interpretation drop-down list box and apply the setting for all the SIP profiles in your network. Check the Use Fully Qualified Domain Name in SIP Requests check box for all the SIP profiles in your network.)
13. Enabling video desktop sharing between CUCM video endpoint and Cisco VCS video endpoint.
Use BFCP
https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=88574&backBtn=true
BRKCOL-2540 – Video call control and management migration to CUCM (2015 Cancun) – 90 Mins

22222

 

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/8_6_1/ccmcfg/bccm-861-cm/b06siprf.html
Table 76-1 SIP Profile Configuration Settings
Allow Presentation Sharing using BFCP
If the box is checked, Cisco Unified Communications Manager is configured to allow supported SIP endpoints to use the Binary Floor Control Protocol to enable presentation sharing.
The use of BFCP creates an additional media stream in addition to the existing audio and video streams. This additional stream is used to stream a presentation, such as a PowerPoint presentation from someone’s laptop, into a SIP videophone.
If the box is unchecked, Cisco Unified Communications Manager rejects BFCP offers from devices associated with the SIP profile by setting the BFCP application line and associated media line ports to 0 in the answering SDP message. This is the default behavior.
Note BFCP is only supported on SIP networks. BFCP must be enabled on all SIP trunks, lines, and endpoints for presentation sharing to work. BFCP is not supported if the SIP line or SIP trunk uses MTP, RSVP, TRP or Transcoder.
For more information on BFCP, refer to the Cisco Unified Communications Manager System Guide.
14. “Src-port=”25723″ Detail=”Incorrect authentication credential for user”” error
The Expressway-C Traversal Client username/password do not match the Expressway-E Traversal Server username/password.

https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=89093&backBtn=true

The Expressway-C is a Client and the Expressway-E is the server. They have client to server relationship. Expressway-C is a Traversal Client.

1111
http://www.cisco.com/c/en/us/support/docs/unified-communications/expressway-series/117811-configure-vcs-00.html

Traversal Zone

When the peer address is configured as an IP address or the peer address does not match the Common Name (CN), you see this in the logs:

Event=”Outbound TLS Negotiation Error” Service=”SIP” Src-ip=”10.48.80.161″
Src-port=”25697″ Dst-ip=”10.48.36.171″ Dst-port=”7001″ Detail=”Peer’s TLS
certificate identity was unacceptable” Protocol=”TLS” Common-name=”10.48.36.171″
When the password is incorrect, you see this in the Expressway-E logs:

Module=”network.ldap” Level=”INFO”: Detail=”Authentication credential found in
directory for identity: traversal”

Module=”developer.nomodule” Level=”WARN” CodeLocation=”ppcmains/sip/sipproxy/
SipProxyAuthentication.cpp(686)” Method=”SipProxyAuthentication::
checkDigestSAResponse” Thread=”0x7f2485cb0700″: calculated response does not
match supplied response, calculatedResponse=769c8f488f71eebdf28b61ab1dc9f5e9,
response=319a0bb365decf98c1bb7b3ce350f6ec

Event=”Authentication Failed” Service=”SIP” Src-ip=”10.48.80.161″
Src-port=”25723″ Detail=”Incorrect authentication credential for user”
Protocol=”TLS” Method=”OPTIONS” Level=”1″
15. An effective backup method to access TEHO destinations in case the call limit triggers
LRG

https://books.google.com.au/books?id=80iuCwAAQBAJ&pg=PT151&lpg=PT151&dq=device+pool+used+to+globalize+dial+plan&source=bl&ots=uyI8e5Jt4L&sig=hZ-hEJ-XCgJT7pZHCrGR89Q5TR4&hl=en&sa=X&ved=0ahUKEwi0n-33iqLNAhXFIqYKHWdaAVEQ6AEIQjAF#v=onepage&q=device%20pool%20used%20to%20globalize%20dial%20plan&f=false
“If TEHO is configured, the appropriate TEHO Gateway is used for the PSTN call. The TEHO route list can include the Default Local Route Group setting as a backup path. In this cas, if the primary (TEHO) path is not available, the gateway taht is referenced by the local route group of the applicable device pool will be used for the backup path. If the device pool selection is not static, but Cisco Unified device mobility is used, the gateway of the roaming site will be used as a backup for the TEHO path. …”
16. Functionalities of subzones in a Cisco VCS deployment
Apply registration, authentication, and media encryption policies
Manage bandwidth to restrict standard definition endpoints from using more than 2 Mb of bandwidth.

http://www.cisco.com/c/dam/en/us/td/docs/telepresence/infrastructure/vcs/admin_guide/Cisco_VCS_Administrator_Guide_X7-2.pdf (Page 127)

http://www.cisco.com/c/dam/en/us/td/docs/telepresence/infrastructure/vcs/admin_guide/Cisco-VCS-Administrator-Guide-X8-7-2.pdf (Page 154)

Bandwidth management
The Local Zone’s subzones are used for bandwidth management. After you have set up your subzones you can apply
bandwidth limits to:
– individual calls between two endpoints within the subzone
– individual calls between an endpoint within the subzone and another endpoint outside of the subzone
– the total of calls to or from endpoints within the subzone

For full details of how to create and configure subzones, and apply bandwidth limitations to subzones including the
Default Subzone and Traversal Subzone, see the Bandwidth control section.

Registration, authentication and media encryption policies
In addition to bandwidth management, subzones are also used to control the VCS’s registration, authentication and
media encryption policies.
17. Enabling SAF Call Control Discovery
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/8_0_2/ccmfeat/fsgd-802- cm/fscallcontroldiscovery.pdf
1. the SIP or H.323 trunk
2. hosted DN patterns
3. Hosted DN groups
18. Cisco VCS Expressway traversal call licenses
http://www.cisco.com/c/en/us/support/docs/unified-communications/telepresence-video-communication-server-vcs/118872-technote-vcs-00.html
According to the document VCS, Gatekeepers and Border Controllers. SIP Trunk is treated as a device by Cisco, but it is not a real device, so not used for licensing.
19. Devices or applications support call preservation
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/9_0_1/CUCM_BK_CD2F83FA _00_cucm-system-guide-90/CUCM_BK_CD2F83FA_00_system- guide_chapter_01011.html#CUCM_RF_C98194B0_00

The following devices and applications support call preservation. If both parties connect through one of the following devices, Cisco Unified Communications Manager maintains call preservation:
Cisco Unified IP Phones
SIP trunks
Software conference bridge
Software MTP
Hardware conference bridge (Cisco Catalyst 6000 8 Port Voice E1/T1 and Services Module, Cisco Catalyst 4000 Access Gateway Module)
Transcoder (Cisco Catalyst 6000 8 Port Voice E1/T1 and Services Module, Cisco Catalyst 4000 Access Gateway Module)
Non-IOS MGCP gateways (Catalyst 6000 24 Port FXS Analog Interface Module, Cisco DT24+, Cisco DE30+, Cisco VG200)
Cisco IOS H.323 gateways (such as Cisco 2800 series, Cisco 3800 series)
Cisco IOS MGCP Gateways (Cisco VG200, Catalyst 4000 Access Gateway Module, Cisco 2620, Cisco 3620, Cisco 3640, Cisco 3660, Cisco 3810)
Cisco VG248 Analog Phone Gateway

The following devices and applications do not support call preservation:
Annunciator
H.323 endpoints such as NetMeeting or third-party H.323 endpoints
CTI applications
TAPI applications
JTAPI applications
Call Preservation Scenarios
20. Global Dial Plan Replication prevent the local cluster from routing VIP number 6666666666 to the remote cluster.
Create a block learned pattern.
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/10_0_1/ccmfeat/CUCM_BK_F3AC1C0F_00_cucm-features-services-guide-100/CUCM_BK_F3AC1C0F_00_cucm-features-services-guide-100_chapter_011101.html#CUCM_RF_L56BD6F6_00
Learned pattern can be configured but there is no mentioning of transformation pattern configuration. “Create a block learned pattern” can be used to prevent Global Dial Plan Replication within local cluster.
21. URI calling within the same cluster configuration

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/9_0_1/ccmsys/CUCM_BK_CD2F83FA_00_cucm-system-guide-90/CUCM_BK_CD2F83FA_00_system-guide_chapter_0101111.html#CUCM_TK_SBE2D597_00

URI Dialing within the same cluster, follow these steps:
Step 1: Configure the URIs to the users
Step 2: Associate the directory URIs to directory numbers
Step 3: Assign the default directory URI (Configure the directory URI partition and calling search space)
Step 4: Configure the SIP profile in your network. (Configure a setting for the Dial String Interpretation drop-down list box and apply the setting for all the SIP profiles in your network. Check the Use Fully Qualified Domain Name in SIP Requests check box for all the SIP profiles in your network.)
22. 2 steps must you take when implementing TEHO in your environment
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/7x/uc7_0/dialplan.html
Implement local failover
Implement centralized failover
23. Globalization dialing functions enhancement since CUCM 7.X and later
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/dialplan.html (benefits of new design approach)
AAR
CER
TEHO
24. 2 commands verify Cisco IP Phone registration
show ephone registered
show sip-ua status registrar

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucme/troubleshooting/guide/ts_phreg.html (see the steps)

Step 3 show sip-ua status registrar

Use this command to display all the SIP endpoints currently registered with the contact address.

Router# show sip-ua status registrar

Line destination expires(sec) contact
============ =============== ============ ===============
91021 192.168.0.3 227 192.168.0.3
91011 192.168.0.2 176 192.168.0.2
95021 10.2.161.50 419 10.2.161.50
95012 10.2.161.50 419 10.2.161.50
95011 10.2.161.50 420 10.2.161.50
95500 10.2.161.50 420 10.2.161.50
94011 10.2.161.40 128 10.2.161.40
94500 10.2.161.40 129 10.2.161.40

I have cross checked with my Voice Gateway and found that ‘show ephone registered’ and ‘show sip-ua status registrar’.

Router#show ephone registered

ephone-1[0] Mac:6C30.4D57.8CD5 TCP socket:[1] activeLine:0 whisperLine:0 REGISTERED
mediaActive:0 whisper_mediaActive:0 startMedia:0 offhook:0 ringing:0 reset:0 reset_sent:0 debug:0
IP:10.30.11.34 * 7962 keepalive 4929 music 0 1:101 CM Fallback
sp1:01800008584 sp2:01800654112 sp3:00362456600

ephone-2[1] Mac:555D.0608.45B6 TCP socket:[-1] activeLine:0 whisperLine:0 UNREGISTERED
mediaActive:0 whisper_mediaActive:0 startMedia:0 offhook:0 ringing:0 reset:0 reset_sent:0 debug:0
IP:10.30.11.15 * 6921 keepalive 7 music 0

ephone-3[2] Mac:448D.0407.6BE9 TCP socket:[4] activeLine:0 whisperLine:0 REGISTERED
mediaActive:0 whisper_mediaActive:0 startMedia:0 offhook:0 ringing:0 reset:0 reset_sent:0 debug:0
IP:10.30.11.124 * 6921 keepalive 4938 music 0 1:103 CM Fallback

ephone-4[3] Mac:544D.0907.532C TCP socket:[12] activeLine:0 whisperLine:0 REGISTERED
mediaActive:0 whisper_mediaActive:0 startMedia:0 offhook:0 ringing:0 reset:0 reset_sent:0 debug:0
IP:10.30.11.25 * 6921 keepalive 4931 music 0 1:2 CM Fallback
25. Enalbe presence and extension mobility to branch office phones during a WAN failure. Cisco Unified Communications Manager Express in SRST mode

http://www.ciscopress.com/articles/article.asp?p=1744068&seqNum=4
Cisco Unified SRST does not support enhanced features, such as Presence or Cisco Extension Mobility. Message Waiting Indicator (MWI) is also not supported in fallback mode.

 

26. Configured a Cisco EX60 to register with a Cisco VCS Control, but phone is not registering with VCS C. What’s missing in the configuration.
http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/X8-1/Cisco-VCS-Basic-Configuration-Single-VCS-Control-Deployment-Guide-X8-1.pdf

EX60 (uses H.323 and SIP protocol)
H.323 ID user.two.mxp@example.com
H.323 E.164 7654321
Gatekeeper IP Address vcsc.internal-domain.net
SIP URI user.two.mxp@example.com
SIP Proxy1 vcsc.internal-domain.net
EX90 (uses SIP protocol)
SIP URI user.one.ex90@example.com
SIP Proxy1 vcsc.internal-domain.net
27. Your company’s internal number is 4 digit dialing, how to present this as 10-digit number to external clients?
Use “calling party transformation pattern”
https://supportforums.cisco.com/discussion/9848251/external-phone-mask-vs-calling-party-transformation-mask
“An advantage of using Calling Party Transformation Mask is that it allows you to change the Calling party number for a bunch of phones easily. Lets say you have a 100 phones that you need to change the 10 digit number. Rather than going to each phone and change the setting individually, you can do it at the Calling Party tranformation mask.”
“Another advantage is that if you want to change Calling Party number that gets displayed to external users, you can modify that easily with the transformation masks. It also gives you the flexibility of sending different calling party numbers to differnt destinations. For example, for local calls you can dislay the 7 digit number; for long distance you can display 10 digits and for international you can display country code +10 digits.”
28. Default region configurable items on CUCM?
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/8_0_1/ccmcfg/bccm-801- cm/b02regio.html#wp1077135
Audio Codec
Video Call Bandwidth
Link Loss Type
29. During Intercluster URI dialing, an error message “Local cluster cannot connect to the ILS network” comes up, what could be possible issues?
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/9_0_1/ccmfeat/CUCM_BK_CEF0C471_00_cucm-features-services-guide-90/CUCM_BK_CEF0C471_00_cucm-features-and-services-guide_chapter_011111.pdf (Page. 8)
The Tomcat certificates do not match.
The ILS authentication password does not match.
One cluster is using TLS certificate, and the other is using Password.
30. 2 technologies not utilising MTP.
http://www.cisco.com/c/en/us/td/docs/ios/voice/cube/configuration/guide/vb_8241.html

DTMF inband RTP-NTE (rfc2833)

SIP Delay Offer

Note 1: H.323 fast start:
https://learningnetwork.cisco.com/thread/65786
DTMF inband RTP-NTE (rfc2833) requires MTP only in CM 4.0, 5 and in later versions of CUCM, and lMTP requirement was removed when supporting RFC 2833 DTMF)

Note 2: If both endpoints support NTE, then no MTP is required. http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/8x/uc8x/media.html#wp1046314

Advertisements

Cisco Unified Communications Manager (CallManager) License backup

Hope this helps anyone who also manage Cisco Unified Communications Manager on day-to-day basis:

Task: to export license files from a Cisco Cisco Unified Communications Manager (a.k.a CallManager) ver. 5 – 10
– Reconcile all licenses in production server
– Verify the PAK key inside each license file

Option 1: Log into CUCM OS CLI
Use the following commands to list, view and get the license files:
file list license
file view license
file get license
file get license *
*Option 2: Just grab a copy from your DRS back-up

If you are running DRS backups regularly, the licsense files can be found in the following path:
Copy the backed-up tar file and extract it using 7-zip or Winrar.

E.G.) 2015-07-07-01-00-00_CMPUB_CCM_PLATFORM.tar

\\usr\local\cm\conf\licfiles

CCM license file location

The planet of Network APEs : Part 2.2 Hybrid Router on a STICK Lab

OK, let’s have some fun with our lab set up! First, let’s configure a quick proof of concept lab, ‘A hybrid router on a stick’:

Router on a stick 1

Preparation for above lab:

1. Install and prepare two virtual machines, mine is called winxp2 and winxp3. I created one and cloned it to make them as two separate VM’s

2. On VM Workstation 11, add two more VM networks. I have added VMnet3 and subscribed winxp2 to it, and added VMnet4 and assigned winxp3 to it. Make sure you disable DHCP services as below screenshots:

Router on a stick 2Router on a stick 3

Router on a stick 4Router on a stick 5

3. Tweak your GNS3 – IOU configuration so, we can add virtual machines and connect them to the topology. This is a very important step, so make sure you get these steps 100%. Go to ‘Edit’ –> ‘Preferences’ and change your settings per screenshots below:

Note: My IOU VM IP is 192.168.52.128, your could be different, so please check.

Router on a stick 8

Router on a stick 6Router on a stick 7

Configure your Local and Remote servers as above.

4. Now Open GNS3 and add the following devices.

a. Add Cisco IOU router and rename to iR1

b. Add Cisco IOU switch and rename to iSW1, connect e0/0 to iR1’s e0/0

c. Drag and drop a cloud, change the name to wxp2, change icon to PC. Configure network interface by adding VMnet3. Now, since we cannot connect the cloud directly to the iSW1’s interface, we need to use a dummy switch to connect these two devices. This is a very important step, so just drop a GNS3 switch and connect wxp2’s interface to SW1’s port 2, then SW1’s port 1 to e0/3 of iSW1.

d. Similarly, for wxp3, repeat the process described as in c using their respective ports.

e. Drag and drop two VPCS (GNS3 built-in) and connect their e0’s to switchports on iSW1. This time, there is no need to use dummy switches.

So at the end of above exercise, you should have a connection similar to the following diagram:

Router on a stick 9

Now the configuration of iR1 and iSW1.

iR1 config:

e0/0 sub-interface configuration:

interface Ethernet0/0
no ip address

no shutdown
!
interface Ethernet0/0.1 <<<This is for VLAN 1 (wxp2 and PC1)
encapsulation dot1Q 1 native
ip address 10.10.10.1 255.255.255.0
!
interface Ethernet0/0.2 <<<This is for VLAN 2 (wxp3 and PC2)
encapsulation dot1Q 2
ip address 10.10.11.1 255.255.255.0

DHCP configuration for VLAN 1 and VLAN 2:

ip dhcp pool ONE
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
!
ip dhcp pool TWO
network 10.10.11.0 255.255.255.0
default-router 10.10.11.1

iSW1 config:

vlan 2
name CCNA
!
interface Ethernet0/0
switchport trunk encapsulation dot1q
switchport mode trunk
duplex auto
!
interface Ethernet0/1
duplex auto
!
interface Ethernet0/2
switchport access vlan 2
switchport mode access
duplex auto
!
interface Ethernet0/3
switchport mode access
duplex auto
!
interface Ethernet1/0
switchport access vlan 2
switchport mode access
duplex auto

interface Vlan1
ip address 10.10.10.2 255.255.255.0
!
ip default-gateway 10.10.10.1

——————————————–

Router on a stick 10

5. Now, on PC1 and PC2, run ‘ip dhcp’ command to obtain IP addresses from DHCP server on the router, iR1.

PC1> ip dhcp
DORA IP 10.10.10.3/24 GW 10.10.10.1
PC2> ip dhcp
DORA IP 10.10.11.2/24 GW 10.10.11.1

6. Next, check IP addresses of your Windows Virtual Machines, if everything have been correctly connected and configured, your windows machine also should get the IP addresses from the DHCP server, iR1.

wxp2 IP Address:

C:\Documents and Settings\john>ipconfig

Windows IP Configuration
Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 10.10.10.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.10.1

wxp3 IP Address:

C:\Documents and Settings\john>ipconfig

Windows IP Configuration
Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 10.10.11.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.11.1

7. Now ping IP addresses and verify your PoC lab. You should be able to ping at all IP addresses and also, RDP from one windows machine to another. Have a fun!

Router on a stick 11

Router on a stick 12

How to build the most cost effective, all purpose vSphere (ESXi 5.1, 5.5) lab: Part 2. The preparation and installation

Welcome back and thank you for reading Part 1 of this lab series and then back to read part 2! In this post, let’s get things organised so we don’t loose the traction while installing the OS and software. As usual, it is totally up to you how you want to use the information from my post, but if you have a keen interest in learning how to do things, you should perform all if not most of the tasks shown in this post.

Let’s revisit the scope of this lab environment and fine tune the initial requirements covering some main stream technologies you would need to make your lab practical and useful for your use. I have tabulated my requirements as below:

Software/Service Vendor Version available Download sites
1 OS Microsoft Server 2008 /2012 (64bit) Microsoft/torrent sites
2 Hypervisor Vmware vSphere 5.1/5.5 Vmware/torrent sites
3 Cisco IOS Cisco 12.2(44)SE6 (c3550-ipservicesk9-mz.122-44.SE6.bin) Cisco/torrent sites
4 DHCP Multiple Cisco IOS (on c3550) Cisco/torrent sites
5 DNS Multiple Install on demand Various
6 Proxy Multiple Install on demand Various
7 FTP/SFTP Multiple Install on demand Various
8 TFTP Multiple Install on demand Various
9 SSH/remote console Multiple Install on demand Various
10 Syslog server Multiple Install on demand Various

Since everyone’s lab requirements are unique and different, you should come up with your own software suit for your lab use. Installing Windows OS and VMware vSphere 5.1 is a breeze and requires very little effort, but where you would need assistance is on the preparation of your images prior to OS/vSphere installation, so, first, let’s focus more on the preparation of Windows OS and vSphere. And after the OS and vSphere have been installed, we will look at how we can make them communicate to each other on a Cisco switch. I will discuss other options briefly but will mainly focus on our set-up.


A. Preparation and installation of Microsoft Windows OS – Step-by-step instructions

Step 1. Download a copy of Microsoft Windows 2008/2012 iso file from the internet. Download evaluation version from Microsoft site or alternatively, download it from your preferred torrent site. Save it on your computer.

Step 2. Download Windows7-USB-DVD-tool or unetbootin-windows-603 or rufus-1.4.10 or UltraISO. You will only need one of these tools, these tools are readily available from the internet. Depending on your OS or image, some tools will work and some won’t.

Step 3. Make a bootable DVD/USB or prepare installation image over PXE LAN Network

Well, no need to explain which is the easiest and most effective way to install Windows OS for a single instance, Go ahead and use your plain Jane USB key to make a bootable USB key.

Windows bootable usb

Note: If you are using WIndows 8.1 or Windows 2012 as your base image, you may have to use another bootable USB making tools. Try to use the other tools mentioned above.

Step 4. Now stick the USB key in and power on your Windows/Console server. Press F2/F10/F12/Del button to choose your first booting device. Select to boot from your USB key.

Step 5. After the first server boots up from the USB key, follow Microsoft GUI instructions to complete the installation.


B. Preparation and installation of VMware vShere 5.1/5.5 – Step-by-step instructions

Step 1. Download a copy of VMware vSpheare 5.1/5.5 iso file from VMware site (user registration required). Alternatively you can choose to download it from your preferred torrent site. Save it on your computer.

Step 2. Download unetbootin-windows-603 or rufus-1.4.10 or UltraISO. You will only need one of these tools, these tools are readily available from the internet. Depending on your OS or image, some tools will work and some won’t.

Step 3. Make a bootable DVD/USB or prepare installation over PXE/TFTP over LAN environment

Well, no need to explain which is the easiest and most effective way to install vSphere 5.1/5.5 for a single instance, Go ahead and use your plain old Jane USB key to make a bootable USB key.

Rufus bootable usb

Note: You can alternatively use other tools to make the bootable image, download and test other tools’ functions. in my opinion UltraISO is a very handy System Admin’s tool.

Step 4. Now stick the USB key in and power on your stand-alone ESXi server. Press F2/F10/F12/Del button to choose your first booting device. Select to boot from your USB key.

Step 5. After the second server boots up from the USB key, follow VMware GUI instructions to complete the installation.

Note: Using vSphere 5.1 as it has a built-in driver for my motherboard’s on-board Realtek network port. On vSphere 5.5, you will have to manually add the driver during the installation. If you have a supported PCI/PCI-e network adapter, please install one and use it. Also, if you plan to build a fully blown up vSphere lab with multiple machines spanning across the network, ideally, you would need 4 network ports minimum each physical server. Using physical servers enpower you to test and learn things that cannot be tested and learnt from vSphere nested set-up. Nested set-up is where you build a multiple vSphere installation instances on a single PC, usually on VMware Workstation. If you are working on a limited budget and also worried about running cost, a nested set-up will be best suited, the only caveats are the missing some advanced features of vSphere 5.x and performance issues. There are multiple cons and pros tested about physical vs nested VMware lab set-up, to read more on this, click here.


As part of prep, lets configure a Cisco switch. If you are new to Cisco, then a big welcome to Cisco world of fun! If you are an old school to to Cisco, but have been caving in for many years behind Microsoft/Linux/Middle-ware/application technologies, then perhaps, it is about time for you to come out of your cave and face the music? Cisco technologies won’t eat you alive or grill you like sausage on a barbie and eat your behind up. 🙂

No offence against using a dumb switch. If you are using a non-managed switch (a dumb switch), you can connect your servers to your switch at this point. If you do not have a hub/switch, you can also use a crossover cable to connect the two servers. If Cisco thing is not really your thing and dont have the budget for a managed switch, ok to use but everything will be flat or less interesting. Examples of dumb switches shown below:

20140925_121830

If you have read Part 1, I have suggested to use a Cisco L3 capable Srouter (switch + router), my recommendation was intentional as it will give us more flexibility to do more fun things while serving our lab purpose. For example, configuring and isolating various VLANs, running DHCP and other various services from the switch, IP Routing through L3 switch etc. To save cost, let’s stick to Cisco 3550, if you have a little bit more budget, stretch out to buy a Cisco 3560/3750 FastEthernet switch. If your budget is generous, then purchase a 3560G/3750G switch, where everything will be running at 1GB which is the reommended minimum speed for any vSphere prod/testing environment. Under a normal lab use, 100Mb speed should be good enough.


C. Preparation and installation of  Cisco 3550/3560 switch – Step-by-step instructions:

cisco3550

Step 1: Restore switch to factory default and check vlan database

#Your Cisco switch configuration has been restored to the factory default, after booting up the switch, it will ask you the following questions, answer the question as below and hit ‘Enter’.

Would you like to enter the initial configuration dialog? [yes/no]: no

Would you like to terminate autoinstall? [yes]: yes

#You’ll be prompted with the following interface:
Switch#

#Check your switch VLAN configuration to make sure all existing VLAN’s have been wiped off, if you still see a persistent vlan information, you may have to delete the vlan.dat file and reload the router.

Switch#show vlan
VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default

========================================================================================

Step 2: Let’s configure the switch name, time, password and SSH login
Switch>en
Switch#conf t
switch01(config)#hostname switch01
switch01#clock set 15:15:00 25 Sept 2014
switch01(config)#enable secret cisco
switch01(config)#line vty 0 15
switch01(config-line)#password cisco
switch01(config-line)#login

Step 3: Configure vlans and their names
switch01(config)#vlan 100
switch01(config-vlan)#name SERVERS
switch01(config-vlan)#vlan 150
switch01(config-vlan)#name DATA_DEVICES
switch01(config-vlan)#vlan 200
switch01(config-vlan)#name IP_PHONES

Step 4: Configure vlan interface IP addresses, I am using .254 for default router IP, but you can also use .1
switch01(config)#int vlan 100
switch01(config-if)#ip add 192.168.100.254 255.255.255.0
switch01(config-if)#int vlan 150
switch01(config-if)#ip add 192.168.150.254 255.255.255.0
switch01(config-if)#int vlan 200
switch01(config-if)#ip add 192.168.200.254 255.255.255.0

Step 5: Configure required DHCP pools, if you plan to use a Microsoft server as the preferred DHCP server, you do not need to configure this here. Note that I am excluding some IP address ranges to have a full control of the IP addresses my DHCP server is giving out to the hosts.
switch01(config)#ip dhcp pool SERVERS_192.168.100.0
switch01(config)#ip dhcp excluded-address 192.168.100.1 192.168.100.3
switch01(config)#ip dhcp excluded-address 192.168.100.31 192.168.100.254
switch01(dhcp-config)#network 192.168.100.4 255.255.255.0
switch01(dhcp-config)default-router 192.168.100.254

switch01(config)#ip dhcp pool DATA_DEVICES_192.168.150.0
switch01(config)#ip dhcp excluded-address 192.168.150.1 192.168.150.10
switch01(config)#ip dhcp excluded-address 192.168.150.31 192.168.150.254
switch01(dhcp-config)#network 192.168.150.4 255.255.255.0
switch01(dhcp-config)default-router 192.168.150.254

switch01(config)#ip dhcp pool IP_PHONES_192.168.200.0
switch01(config)#ip dhcp excluded-address 192.168.200.1 192.168.200.10
switch01(config)#ip dhcp excluded-address 192.168.200.31 192.168.200.254
switch01(dhcp-config)#network 192.168.200.4 255.255.255.0
switch01(dhcp-config)default-router 192.168.200.254

Step 6: Configure switchport and assign to the correct vlans
switch01(config)#int range fa0/2 – 4
switch01(config-if-range)#switchport mode access
switch01(config-if-range)#switchport access vlan 100
switch01(config-if-range)#no shut
switch01(config-if-range)#exit
switch01(config)#int fa0/2
switch01(config-if)#description WIN2008_SERVER
switch01(config)#int fa0/3
switch01(config-if)#description VSPHERE5_SERVER
switch01(config)#int fa0/4
switch01(config-if)#description EXTRA_SERVER_Port

switch01(config)#int range fa0/5 – 12
switch01(config-if-range)#switchport mode access
switch01(config-if-range)#switchport access vlan 150
switch01(config-if-range)#switchport voice vlan 200
switch01(config-if-range)#description DATA_PC_Ports
switch01(config-if-range)#spanning-tree portfast
switch01(config-if-range)#speed 100
switch01(config-if-range)#duplex full
switch01(config-if-range)#no shut

Step 7: Check switchport status, DHCP address service, ping a device and finally review your switches vlan configuration

switch01#show ip int bri
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES unset administratively down down
Vlan100 192.168.100.254 YES manual up up
Vlan150 192.168.150.254 YES manual up up
Vlan200 192.168.200.254 YES manual up up
FastEthernet0/1 unassigned YES unset down down
FastEthernet0/2 unassigned YES unset up up
FastEthernet0/3 unassigned YES unset up up
FastEthernet0/4 unassigned YES unset down down
FastEthernet0/5 unassigned YES unset down down
FastEthernet0/6 unassigned YES unset down down
FastEthernet0/7 unassigned YES unset down down
FastEthernet0/8 unassigned YES unset down down
FastEthernet0/9 unassigned YES unset down down
FastEthernet0/10 unassigned YES unset down down
FastEthernet0/11 unassigned YES unset down down
FastEthernet0/12 unassigned YES unset down down
…info omitted
switch01#show ip dhcp binding
IP address Client-ID/ Lease expiration Type
Hardware address
192.168.200.11 0100.070e.a62c.7e Mar 02 1993 02:10 AM Automatic
192.168.200.12 0100.0ded.d815.e6 Mar 02 1993 02:10 AM Automatic
switch01#ping 192.168.200.11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.200.11, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

switch01#sh vlan

VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/1, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gi0/1, Gi0/2
100 SERVERS active Fa0/2, Fa0/3, Fa0/4
150 DATA_DEVICES active Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
200 IP_PHONES active Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

============================================================================================


If you cannot afford a L3 managed switch and also want to learn some routing using Cisco routers, you can also achieve the above using a Cisco 2600XM router and a Cisco 2950 switch. If you prefer this configuration, you simply configure the Cisco 2600XM as a router on the stick using multiple virtual interfaces. The default gateways would be configured on the router’s uplink fastEthernet port. If the money is not an issue, go ahead and blow $$$ on latest Cisco swithches and routers, but under what justification? If you need assistance with this configuration, please search for ‘Cisco router on the stick configuration’ on google, any issues, please let me know.

Good luck!

How to build the most cost effective, all purpose vSphere (ESXi 5.1, 5.5) lab: Part 1. The story goes like this

Is there such thing as a budget, low running cost, high performance, all purpose vSphere lab, yet very dynamic and flexible? If your answer is “No”, read on and think again on how this can be achieved.

I’ve recently renewed my VCP 4.1 to 5.x and everyday, I am thankful for getting an early exposure to VMware line of products, namely vSphere and vCenter 4.1, 5.1, 5.5, and VMware Workstation 7, 8 , 9, 10. Virtualization empowers IT geeks and IT geek wannabes with enough power to run the whole Data Center on a single PC or carry a whole Corporate replication environment on a powerful laptop. Well, you are asking me now, “What’s the true cost of owning one of these machines?” Hmm… like all good answers, my answer is also, “It depends.”

My search for finding a sweet spot between the best performance and bang for your bucks goes some years back, in fact about 6 years. I have been building purpose built VMware ESX/ESXi/Workstation servers out of normal PCs for about 6 years. After many successes and failures with vSphere lab building, along the way, I came to a conclusion that you should only aim to build a lab, which will meet your requirement for only a couple of years. In other words, a virtual lab is a lab, “Yes, IT IS JUST A LAB!.” Not a production environment or something to show off to your friends how much you have wasted on the latest and greatest CPU, memory, motherboard, SSD, case, PSU etc. Hard earned cash wasted into something you probably will only get 10 – 30 % use out of it. In fact, how powerful your server is irrelevant in most occasions but we still want to believe and justify that it would be still relevant. In my experience, you should aim to only spend just enough to keep the lab for 2-3 years and keep the cost down wisely, so you can spend the savings on better things. Spend your money wisely and also build your lab around Desktop(s) over laptops, in 3 years time when you have to upgrade/refresh your lab again, you will thank me for convicing you into this path. The reason I am saying this is, in recent years, the Server/PC/Laptop hardware technologies are moving so fast that the server you purchased or built (white boxes) gets out-dated in a blink of eye. Also, a laptop is still a laptop and they can run into all sorts of problems if you keep them powered on for many days. So, there isn’t a lot going for spending thousands of dollars or purchasing the most powerful laptop for the purpose of vSphere lab use. The rule of the thumb is a simple one, keep your cost down, only build server(s) to serve your lab purpose/use.

From my own personal experience, those who does not have a clear goal on how s/he plans to use the lab is in the most vulnerable position to  burn a BIG HOLE in her/his pocket.

So, just before starting out in a virtual lab server building (a.k.a white box(s)), pencil in all your requirements and ask yourself what you really are after. In this series of lab building, I plan to share my experience and knowledge on how to build the most useful, cost-effective, energy efficient and good performance budget virtualization environment using my mini vSphere lab as an example. I will be using both existing PC as well as build a new Server to build a lab with two servers connecting to a single physical switch. From here, you probably will have a good idea, a gauge into and expand on different ideas on how to build a lab which will be most useful for you but at the same time, not burn up all your savings.

First, let’s answer some of the following question for sizing purposes.

Q1. What is the purpose of your new server?

A: Mostly lab use

Q2. How many virtual machines will you be running at any given time?

A: 5 – 10 at any given time

Q3. What is your budget in white box building?

A: Under $500

Q4. Is energy saving an important factor building this lab?

A: Yes, extremely important as power bills can go through the roof

Q5. Do you need multiple servers to test advanced features of vSphere?

A: Yes

Q6. Do you plan to use this lab for purely vSphere/VMware learning environment?

A:No, I will run 3rd party application/appliance servers on this environment.

Q7. Do you have an old PC which can be reused?

A: Yes, a five year old Intel Core 2 Quad Core Q9550 with 8GB of Memory, 500GB HDD + 1TB HDD,

Q8. Is data backup an important in this lab?

A: Yes and No, but more towards no, this lab is a dynamic lab, I should be able to break it down quickly and then rebuild it as I like, so do not need raid 1, 5, 10. Simple raid 0 set-up will suffice.


You can probably think of your own questions and scenarios, but based on my requirement as above, I plan to build two server lab connecting to a Cisco L2/3 switch (sometimes called Srouter (switch + router), L3 switch is a single device which can logically act as both a switch and a router). First server out of existing PC, second server sourced from an online auction site such as Ebay or other auction sites.

1. Re-use old Q9550 PC to install Windows 2008 R2 64bit server with VMware Workstation 10.1 installed on it. It is important to note that I am using two hard disks here, the first disk (500GB) for OS install and second disk (1TB) for virtual machine storage. This set up will free the OS disk from performance issues while the virtual machines run into data-store file access and resource contention issues. Also, note that this PC will double as the management and console server.

xxxx12345

*Note: Windows 2012 is newer, but the KMS (Key Management System) and product activation is a pain in the neck, so trust me and go with Windows 2008 R2 64bit system, this OS will be compatible with almost everything at the moment and will last a good 5 years if you even intend to use it for this long. Unfortunately, I cannot provide you the installation iso or exe files, but I am sure you will find these software and licenses in most cost effective way.

2. Build an El-cheapo (cheap) server for vSphere ESXi5.1 direct installation. vSphere will be installed on a USB stick with more than 4GB of space. 1TB HDD will serve as the local storage for the vSphere file storage. Note that we are using a USB stick for vSphere installation, this will save few dollars if you plan to run the server all year around. I have purchased a PC with CPU, motherboard, 4GB memory, DVD Rom, Case with power supply, but without a hard drive, big memory for $135 and installed 16GB of memory, added a Sandisk 16GB USB2 stick and thrown in 1TB spare hard disk to complete this server build. Below photo shows Sandisk Cruzer Orbit 16GB USB2 stick, where vSphere 5.x will be installed.

20140917_151014

*Note: Again, I cannot provide you the installation iso files or license keys, but I am sure you will find these software and licenses in most cost effective way.

3. You can use an old 8 port non-managed switch to connect everything up or purchase a cheap second hand Cisco L2-L3 switch such as Cisco 3550/3560 switch to connect everything. Cost: $100 – 200 on Ebay. After you get your Cisco switch, in most of the cases, you’ll find only L2 image (Cisco IOS) running on the switch, you’ll have to find and download a L3 image and perform an upgrade through TFTP server. You can download a software such as tftpd32 and run it on your windows 7/8 PC and dump the L3 IOS image and run the upgrade through one of the switchport. If you don’t have a switch, you can also perform an upgrade through a useless and time consuming method of Xmodem (not recommended). I will cover this step in a Cisco learning series for any beginners.

20140917_150940

4. You can use your Internet modem to connect your lab or purchase and place an El-cheapo (cheap) Cisco router to perform IP Natting between your modem and your lab, for now we’ll leave this one out as we want to only focus on a System Admin’s lab for the time being, not a Network Engineer’s lab. Anyway, in another lab series, I plan to show you how to build and learn Cisco CCNA/CCNP technologies on Dynamips/GNS3 environment, all your routers/L2 switches running on a single PC or a laptop (Windows 2008/2012 server or Windows 7/8). if you want, you can integrate this lab with a dynamips based network infrastructure on the same machine.


The following is the full specifications of my servers and set-up. I have chosen Option 2 to cut the cost down further, but even you choose to go with Option 1, you will be still around $500 to build your second server.

Option 1:
Part Server 1 (Re-used) Cost Server 2 (New build) Cost
CPU Intel Q9550 $0 Intel i3  3420 $135
Memory 4 x 2GB DDR3 10600 $0 Patriot 2 x 8GB DDR 16000 $160
Motherboard Gigabyte P45T-UD3R $0 Asus P8H67-M $75
PSU Old CoolerMaster 450W $0 Came with Mini-ATX Tower $0
Case Old CoolerMaster Full ATX Tower $0 Old CoolerMaster Mini-ATX Tower $65
DVD Rom LG $0 LiteOn DVD WR $15
HDD 1 250GB $0 1TB $80
HDD 2 1TB $0 N/A
USB 1 N/A Sandisk 16GB Cruzer Orbit ($5 from MSY special) $5
Total $0 $535
Option 2:
Part Server 1 (Re-used) Cost Server 2 (purchased second hand i3 PC and rebuilt) Cost
CPU Intel Q9550 $0 Intel i3  3420 + Asus P8H67-M + Mini-ATX Tower with PSU $135
Memory 4 x 2GB DDR3 10600 $0 Patriot 2 x 8GB DDR 16000 $160
Motherboard Gigabyte P45T-UD3R $0 N/A $0
PSU Old CoolerMaster 450W $0 N/A $0
Case Old CoolerMaster Full ATX Tower $0 N/A $0
DVD Rom LG $0 LiteOn DVD WR $0
HDD 1 250GB $0 1TB $80
HDD 2 1TB $0 N/A
USB 1 N/A Sandisk 16GB Cruzer Orbit ($5 from MSY special) $5
Total $0 $380

Now, the total cost of Server 1 + Server 2 + Cisco 3550 switch came up to $540. The cost went over $500 as I have chosen to spend a little bit more on the switch and went with Cisco 3550 24 port PoE switch for connection Cisco IP Phones and other lab use. If I really wanted to keep the cost down, I could have gone with the plain old Jane, Cisco 3550 24T switch for $100 – 120.


Now you have assembled all parts, using a couple of cat5 cables, connect them up like the photo below:

20140917_150929

We are now ready to install the software and jump into real labbing (Lab + ing). In Part 2 and beyond, I will show you how to install and configure various components of the lab OS and applications. Also, a quick-start switch configuration will be included to get you up and running quickly.