CCNP Certified!

Today I achieved the CCNP Certfication! It has been 3 years since I started this journey and I still remember the days when I thought just having my CCNA would be all that I would ever want. Nope! The truth is, if you aspire to CCNA once you finally get there I think the first thing you'll think is, "Hmmm, why don't I just keep going and get that CCNP." Well that's exactly what I did.
The following is the exact exam path I took:

  • 642-813 SWITCH - Failed Taken 1 week before the v2 exams take over
  • 300-101 ROUTE - Failed 2 months later, failed by 4 points!
  • 300-101 ROUTE - Passed 1 week later
  • 300-135 TSHOOT - Passed 3 weeks later
  • 300-115 SWITCH - Passed 2 weeks later
You'll notice that I ended up taking and passing SWITCH last. In fact, many of my friends thought I had gotten my CCNP when I announced that  I passed TSHOOT! (it being the usual final test) Well I took the old SWITCH exam rushed. It was going end of life soon and I was studying for that exam! So, unfortunately, I needed to take it rush and it showed. I bombed that test pretty hard. By then I needed to move on. A lot of stuff I was studying for at work was related to more of the ROUTE path so I had to leave SWITCH behind. The test had changed over to version 2 and I just didn't have the time to learn the new topics. I would have to come back for it. I really do not recommend doing this. The choice to abandon SWITCH and move on to the other two tests just means you will forget much of the intricate material. The best way to do things if you fail is to just sign up again a few weeks later and bust your tail to learn the topics you were weak in. 

ROUTE I actually found to be not too bad. Yes I failed it the first time around, but I failed it by one question. It was a simple matter of rescheduling right away and shoring up any holes I had in my knowledge base. 

TSHOOT was by far the funnest of the three tests. It was just fun figuring out why something didn't work and looking through the configs for a culprit. A huge bit of advice that my colleagues told me was to make sure you familiarize yourself with the TSHOOT topology. I cannot overstate how important this is! Learn how the topology is connected and make sure you are comfortable with it. You will waste tons of time if you are seeing the TSHOOT topology for the first time when you sit down to take the exam. Get comfortable with the environment and no matter what they throw at you you'll be able to handle it. 

SWITCH, for me at least, is a beast and I found this to be the hardest of the 3. A fitting end I suppose. I found the HSRP and Spanning-Tree sims to be fairly straight forward, but a lot of the layer 2 and security questions are very intricate and designed to make you second guess yourself. What was that errdisable recovery interval again?!

Well, it's the weekend, and I feel like celebrating. For now I will just be happy that I've finally achieved CCNP certification. Soon though, I will need to start asking myself. "OK, what's next?"


How to: Erase Cisco Flash Partition

Did your old 2600 series router come with a partitioned flash?! Want it gone? It's easy as Pi!

erase flash


erase flash:1:

erase flash:2:


config t

no partition flash


How to Force Windows to Use the Correct Default Gateway

Many of us will end up using our home PCs to not only connect out to the internet, but also to connect to our home labs. You may be using an Ethernet connection out to the internet and a wireless connection to your home lab, or vice versa. The following diagram is an example of such a set up.

The issue here is that if you are trying to connect to the home lab via telnet,ssh or remote into a server your connection will most likely fail. You may notice that you can connect to the lab's wireless access point and it's gateway at but beyond that you get nothing. Some simple commands and a little exploring can shed some light on this issue. First let's open up an elevated command prompt. (Right click Command Prompt and click Run As Administrator)

Notice Ping failure and wrong default gateway on tracert.
Here we see that we cannot reach the AAA server when we ping Next we run a tracert command. Notice that the PC has chosen to send to the wrong default gateway of (or out towards the internet). Since your home internet router is likely unaware of how to reach the network this will result in a connection failure.

Ping to wireless gateway is successful
Next let's try a ping which is the default gateway of the lab wireless access point we are connected to. Notice that this time it is successful. This is because the IP that we are pinging is on the same network as the wireless adapter on our PC. Anything beyond this network and the PC will always use the wired gateway (, causing a failure. So how do we get around this problem?

Add a route to Windows
Simple. We need to tell windows where to send traffic destined for a specific network by adding to the static route to the Route Table. Type command route add -p mask in the command prompt. This command tells our computer that anything destined for the network, send it to the wireless gateway of (which we know our PC can reach).  Next we verify the route.

Verify the added route.
Now just type route PRINT -4 into the command prompt. This tells the PC to show the current IPv4 routes it has in its table. The -p in the command allows the route to be a Persistaent Route meaning it will still be there after the computer is rebooted. Most likely you will want this. With -p the route will be stored in the registry key at:


If for any reason you need to remove this route just use the command route remove -p mask

There we have it! We can now successfully connect to the AAA server in our home lab. As an added bonus, because we added the route to our PC's route table, now we can reach any IP in the lab that begins with 10.x.x.x! Hope this helps!


SecureCRT Keyword Highlight Color

A fantastic new feature has arrived with the latest update to SecureCRT 7.3. One of the top terminal emulators on the market now offers 'Keyword Highlighting'. Properly used this new feature can enhance your networking productivity. This is especially true when mass configuring networking devices. The ability to highlight any keyword you want allows you to spot configuration errors much easier and faster than when all of the text is the same color. This new feature even allows you to highlight different keywords into different colors, allowing you to organize what you want to see in the configuration in an easy to spot color scheme. For example, highlighting errors in red and VLANS in yellow.

To upgrade to the latest version of SecureCRT (at least version 7.3) go here

Why is this useful? With properly modified line entry times in your SecureCRT options, you can safely add an entire configuration to a device. This previously wasn't recommended because of glitches and errors occurring that might be missed as the configuration is being applied. 

For example without using keyword highlighting a configuration containing an error would look like the following: 

You can see by looking closely that the error, a typo, occurred on FastEthernet 1/11. Previously before keyword highlighting you would either have to have a keen eye to see this error pop up as you pasted an entire config script, or you would need to put  the configuration in in small chunks. 

With keyword highlighting enabled, and set to a few keywords and symbols, you can easily spot when the error occurs. For example with the same configuration we have chosen to highlight any occurrence of the word invalid and the symbols % and ^ in red blocks. 

It may seem like a small thing but a splash of color on monochromatic text really pops out at you. This allows you to put entire configuration scripts in at once and just hit CNTRL+C to stop the script in case you see an error. Not only does it make spotting errors easier but it can save you time by allowing you to put entire configurations in at once. Also, this allows you to enter a script and then quickly just scroll up through the applied configuration and see what errors you may have missed. This is especially handy for jobs were you are putting scripts on a large number of access switches. I recently had to do a job were I configured 200+ switches and copying and pasting small chunks of script wasn't a viable option due to the time it would take. I could apply the configuration and begin working altering the next configuration on a separate monitor. Any time there was an error I could clearly see the color contrast out of the corner of my eye and stop the script. This would not be possible if all of the text was the same color, you simply just wouldn't see it.

To enable keyword highlighting on SecureCRT 7.3 or greater perform the following steps:

1.  Go to Options > Global Options and then click the Edit Default Settings Button

2. Go to Appearance category. At the button in the Highlight keyword section use the drop down menu and select "New"

3.) In the Keyword List Properties enter a name for your keyword list. Next add a few keywords that you want to be highlighted.  Once you have added your words click OK. 

4. Next, in the Highlight Keywords section, be sure to select the Bold and Color boxes. Default color will be red, which for me contrasts perfectly against the green text. So if you would like to change your color be sure to click Edit and change your keyword colors.

5. Click Ok when you are finished. In order to see your highlighted text you will need to exit out of your current terminal connect and start a new one. Now just enter a typo into your device configuration and verify that the new text is highlighting properly. 

I hope this is helpful for you, as I know I am using it more and more now. It is a great way to provide extra error detection and increase productivity.