CCNA Lab back up and running

Async Cables

Serial cables

Front of Rack

Rear view of rack

I’m setting up my CCNA lab routers this evening. I have everything mounted in the rack and cabled together. At the core of the setup, I have a 3620 with an async card in it that gives me terminal/console access to everything in the rack without having to swap the console cables around. I just telnet to a specific port on the 3620 to access a particular device.

For example, when I want to connect to the router connected to Async line 6, I just connect with: “telnet c3620 6006”
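
A terminal-server configuration of the kind described above, as an added example (not the author’s actual configuration). It assumes the async module’s lines are numbered 1-32, consistent with line 6 answering on port 6006, and uses 192.0.2.10 as a placeholder for the management host.

```cisco
! Added example, not the author's configuration.
! Assumption: the async module provides lines 1-32
! (line 6 <-> TCP port 6006, as in the command on the page).
! Reverse-telnet port offsets on IOS:
!   2000+line = Telnet, 4000+line = raw TCP,
!   6000+line = Telnet in binary mode ("telnet c3620 6006").
!
! Placeholder address: 192.0.2.10 stands in for the one management
! host that is allowed to reach the console lines.
access-list 10 permit host 192.0.2.10
!
line 1 32
 ! Do not start an EXEC session on output from the attached console port
 no exec
 ! Accept inbound (reverse) Telnet on these lines
 transport input telnet
 ! Anyone who reaches these ports lands on a device console, so
 ! restrict which source addresses may connect
 access-class 10 in
```

Telnet carries the console session, including any passwords typed into it, in cleartext, so the terminal server belongs on an isolated lab or management segment.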

Here are some shots of my current setup.

The first shot is a close-up of the octo-cables coming out of the Cisco 3620. Each line goes to a serial interface on other equipment in the rack. Right now, I’m using 10 serial lines. The interface here supports up to 32 serial lines, so I’ve got a bit of room for growth.

The next shot is the interconnecting serial DTE/DCE cables between each Cisco 2600 router. The router with four serial interfaces is connected to four separate 2600s: one, two, three, and four. One and two are further connected to each other, as are three and four in this particular setup.

Finally, here are two shots, one of the front of the rack and another of the rear of the rack. Below the routers is a shelf where I have a couple of Linux boxes that I use as nodes on the networks for testing connectivity between different router setups/configurations.

CCNA / CCNP Lab Setup


I’m building a lab at the house to use to study for CCNA and CCNP certification. On the left are some old Cisco routers and switches scrounged from work. On the right are some routers and switches I bought on eBay. I have a Cisco 3620 with an async cable connected to all of the console ports so I can access all of the systems’ console ports through the 3620.

It’s just about ready to go — I’m just waiting for an order of DCE/DTE crossover cables to arrive and then I’m in business. I hope to be able to get things set up so that I can administratively reconfigure the systems without having to make a lot of patch cable changes to create different scenarios… we’ll see.

Finally, in the bottom left corner, is an Ubuntu Linux system I’m using for general management of the switches. It’s got tftpd set up, and can receive syslog messages from the systems if I need to do some heavyweight log troubleshooting. Eventually, I hope to get it set up as a TACACS server as well.

Update #1 — mounted the equipment into a rack that was donated to this cause.


Just what do you think you’re doing, Paul?

Things are ramping up with this blog as I bring it back online. I sort of feel like Dr. Chandra bringing Hal 9000 back online — one element at a time, and as each step is completed, the system becomes more familiar and responsive.

I’m completely operational, and all my circuits are functioning perfectly. — Hal 9000

So, anyway, as I re-assemble the site, I will slowly but surely republish some of the old articles with tips and tricks that are still applicable (SSH port tunneling, for example) — and also, I’ll try to update them as well.

About this site — it used to have the title ‘Tao of Network Administration’ — since I plan to cover more than just network administration, I’ve settled on the less specific “Tao of Schuh.”

By day, I manage the network and many of the servers and Linux/Unix computing labs for the School of Electrical and Computer Engineering at Cornell University. Occasionally I will develop LAMP (Linux Apache MySQL PHP) applications and assist with computer and network security prevention as well as post-incident security analysis and forensics. I’ve maintained CISSP certification since 2001.

By night, I play bass guitar with the Snake Oil Salesmen; read books; compose/write music with Ableton Live, Reason, and Logic Pro; and I’m currently teaching myself (aka playing around with) the Apple Final Cut Studio suite of applications — mostly Final Cut Pro and Motion.

And finally, when it’s warm, I just might be out on Cayuga Lake sailing my 1974 Ranger 23 sailboat.

Here’s to the future!

Paul Schuh

SSH Tunnel Howto

This was previously available on my homepage at Cornell. I’m trying to centralize all my websites in a single location, and I include it here for your enjoyment.

Where I work, the Cornell University School of Electrical and Computer Engineering, the network only allows secure encrypted connections into the servers on the network. If you want to transfer files to and from the network, you need to use a program that supports SFTP or SCP2 transfer protocols. For users of Microsoft OS’ I recommend using SSH from SSH, Inc. which can be downloaded from

Unfortunately, many web design programs and other applications that use FTP do not support SFTP or SCP2. Macromedia Dreamweaver 2004 is the first and only one to date that I’ve heard of that does have SFTP support built in. Don’t worry… there is a way to get around this limitation by following a few simple steps.
