Tuesday, March 31, 2015

A simple EEM in my home environment

My broadband link is not as stable as what I expect, and it goes up / down from time to time.  When it goes up and down, the public interfaces of IP address might change.  I have a few settings in my lab depends on that IP address, although DDNS is a way to go, I haven't found a new provide after my DynDNS free membership expired.  So in the meantime I have written a simple EEM to send me the IP address of all my interfaces via email.

! Define the email environmental parameters such as from, to address and email server address
event manager environment _email_from alice@aaa.com
event manager environment _email_to bob@bbb.com
event manager environment _email_server smtp.ccc.com

! Since I want to run show command, panda is a local username with privilege level 15 so that I can run this command in enable mode
event manager session cli username "panda"

! I want to run this EEM every 00:00 midnight
event manager applet check-interface-ip
event timer cron cron-entry "0 0 * * *"
action 1.1 cli command "show ip int brief"
action 1.2 mail server "$_email_server" to "$_email_to" from "$_email_from" subject "[EEM] HOME-RT01 gi0/0 up" body "$_cli_result"

ISE Web Admin Password Expired

I haven't touched my ISE 1.3 lab setup for some time.  When I tried to log in again I saw this - "Password is expired.  Please reset your admin password."
This is a good security policy for production customer environment, annoying in lab environment.  First let's reset the password, it has to be done via CLI:

If you want to disable this default 45-day admin password expiration policy, you can go back to UI, Administration > Admin Access > Authentication > Password Policy > Password Lifetime, uncheck the first checkbox.