Setting up IT network infrastructure in a new business building/Warehouse/large facility

Broadly speaking, from IT network perspective, the infrastructure is divided into two parts:

  1. OSP Infrastructure
  2. ISP Infrastructure

OSP stand for outside plant and it is any network infrastructure installed external to buildings. OSP cables are underground, direct-buried or aerial. In most of the cases OSP infrastructure installation is the responsibility of the local access providers. However, if the facility is located on private properties then it becomes customer’s responsibility.

Reference Link: Click Here

Some Pictures:



ISP refer to cable installed inside the building (in-house cabling/low voltage cabling). This includes everything from the patch panel, patch cord, and switches to the cables and jacks. And this will be the responsibility of the customer.

Some Pictures:


Converting Cisco Aironet Access Point 2600 to Light Weight Access Point (Standalone) AP

Must Know:

From infrastructure point of view there are two different types of Access Points:

  1. CAPWAP (WLC based): AP is controlled and provisioned from WLC
  2. Lightweight (Standalone): Independent of WLC, all configurations are done locally on each APs

IOS Image Code Difference:

Controller based base APs has IOS image types of K9W8 whereas lightweight has K9W7 and rcvK9W8 lightweight recover image.


Conversion Process:

  1. Reset the CAPWAP AP to factory default

         Step 1 Disconnect power (the power jack for external power or the Ethernet cable for in-line power) from the access point.

         Step 2 Press and hold the MODE button while you reconnect power to the access point.

        Step 3 Hold the MODE button until the Status LED turns amber (approximately 1 to 2 seconds), and release the button. All access point settings return to factory defaults.

2. Login to AP using default username and password: username: Cisco password: Cisco

3. By default, global configuration mode is disabled, so need to enter below debug command to get into global configuration mode: debug capwap console cli

4. Assign IP add to BVI or G0 interface to copy the code form TFTF server

5. Then copy the new image into the AP

archive download-sw /force-reload /overwrite tftp://

NOTE: After starting the file copy, it seems the CAPWAP was continually trying to discover WLC and it was resetting the interface IP to DHCP IP add and file copy was failing. Because TFTP server is not able to reach the original IP address of the AP.

To come out of this situation, I created DHCP server on the switch and left the BVI interface to obtain DHCP IP address form the switch. Again, it was still doing the same thing, updating the interface IP address from the DHCP server IP pool.

Here is the logging and DHCP IP getting updated every time when AP is trying to contact WLC

*Mar  1 01:16:42.607: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.

*Mar  1 01:17:17.047: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address, mask, hostname APa0ec.f951.ed07

Translating “CISCO-CAPWAP-CONTROLLER”…domain server (

*Mar  1 01:17:28.019: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.

*Mar  1 01:17:37.019: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER

APa0ec.f951.ed07#sh ip int b

Interface                            IP-Address          OK?        Method                Status                Protocol

BVI1                             YES         DHCP                    up                         up

GigabitEthernet0             unassigned         NO         unset                     up                         up

GigabitEthernet0.1         unassigned         YES         unset                     up                         up


*Mar  1 01:17:52.019: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.1

*Mar  1 01:17:57.023: %CAPWAP-3-ERRORLOG: Invalid event 40 & state 2 combination.

*Mar  1 01:17:57.139: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address, mask, hostname APa0ec.f951.ed07

*Mar  1 01:19:02.639: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address, mask, hostname APa0ec.f951.ed07

Translating “CISCO-CAPWAP-CONTROLLER”…domain server (

*Mar  1 01:19:08.519: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.

*Mar  1 01:19:17.519: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER Not in Bound state.

*Mar  1 01:20:03.019: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.

*Mar  1 01:20:08.023: %CAPWAP-3-ERRORLOG: Invalid event 40 & state 2 combination.

*Mar  1 01:20:08.139: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address, mask, hostname APa0ec.f951.ed07

Translating “CISCO-CAPWAP-CONTROLLER”…domain server (

*Mar  1 01:20:14.019: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.

*Mar  1 01:20:23.019: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER Not in Bound state.

*Mar  1 01:21:08.519: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.

*Mar  1 01:21:13.523: %CAPWAP-3-ERRORLOG: Invalid event 40 & state 2 combination.

*Mar  1 01:21:13.639: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address, mask, hostname APa0ec.f951.ed07

And because of this TFTP is losing connection to the AP and hence I couldn’t get the code downloaded to the AP.

To come out of this issue, on the DHCP server configuration I excluded all the addresses in the subnet except the initial 3 addresses.

So, is the default gateway (SVI), is left for AP to obtain and is the TFTP server (PC).

With this change every time when AP reset the DHCP address it will always get what I want him to get which is and, in this way, I was able to get the image downloaded.

ap#sh flash:

Directory of flash:/

2  -rwx         331   Jan 1 1970 00:11:27 +00:00  info

8  drwx        2496   Mar 1 1993 01:40:27 +00:00  ap3g2-k9w7-mx.153-3.JC

3  -rwx           5  Jun 30 2020 17:33:44 +00:00  private-config

4  -rwx        1581  Jun 30 2020 17:33:44 +00:00  config.txt

5  -rwx          64  Jun 30 2020 17:26:45 +00:00  sensord_CSPRNG0

6  -rwx       12312  Jun 30 2020 17:33:44 +00:00  private-multiple-fs

69  -rwx       98735  Jun 30 2020 17:28:02 +00:00  event.log

70  drwx         448   Mar 1 1993 00:00:15 +00:00  configs

71  -rwx          64  Jun 30 2020 17:26:45 +00:00  sensord_CSPRNG1

7  -rwx         325  Jun 30 2020 17:33:40 +00:00  env_vars

79  -rwx         146  Jun 30 2020 17:23:51 +00:00  capwap-saved-config-bak

77  -rwx         146  Jun 30 2020 17:18:51 +00:00  capwap-saved-config

78  -rwx       74238  Jan 26 2018 16:20:04 +00:00  event.capwap

87  -rwx         114  Jun 30 2020 17:27:20 +00:00  pnp-saved-config

97  -rwx       95008  Jun 30 2020 17:19:27 +00:00  lwapp_reap.cfg.bak

31739904 bytes total (18131968 bytes free)

Then, I updated the boot file using below command and reloaded to make sure AP comes up with the new code.

ap#config t

Enter configuration commands, one per line.  End with CNTL/Z.

ap(config)#boot system flash:/ap3g2-k9w7-mx.153-3.JC/ap3g2-k9w7-mx.153-3.JC



Building configuration…



*Jun 30 17:41:32.039: %SYS-5-CONFIG_I: Configured from console by consoleoad

Proceed with reload? [confirm]

Writing out the event log to flash:/event.log …

During troubleshooting I also went into boot mode to get the image but that didn’t work. So, I had to disable the manual boot otherwise, AP never boots from the flash automatically and you must manually boot it from the right image.

ap(config)#do sh boot

BOOT path-list:      flash:/ap3g2-k9w7-mx.153-3.JC/ap3g2-k9w7-mx.153-3.JC

Config file:         flash:/config.txt

Private Config file: flash:/private-config

Enable Break:        yes

Manual Boot:         yes

Enable IOS Break:    no

HELPER path-list:

NVRAM/Config file

buffer size:   32768

Mode Button:    on

Radio Core TFTP:

To update the boot method the command is:

ap(config)#no boot manual

ap(config)#do sh boot

BOOT path-list:      flash:/ap3g2-k9w7-mx.153-3.JC/ap3g2-k9w7-mx.153-3.JC

Config file:         flash:/config.txt

Private Config file: flash:/private-config

Enable Break:        yes

Manual Boot:         no

Enable IOS Break:    no

HELPER path-list:

NVRAM/Config file

buffer size:   32768

Mode Button:    on

Radio Core TFTP:


Windows Run Commands

Administrative Tools

Administrative Tools = control admintools
Authorization Manager = azman.msc
Component Services = dcomcnfg
Certificate Manager = certmgr.msc

ODBC Data Source Administrator = odbcad32
File Signature Verification Tool = sigverif
Group Policy Editor on local computer = gpedit.msc
Group Policy Editor on domain controller = gpmc.msc
Active Director user and computers = dsa.msc
Add Hardware Wizard = hdwwiz.cpl
iSCSI Initiator = iscsicpl
Iexpress Wizard = iexpress

Local Security Settings = secpol.msc
Microsoft Support Diagnostic Tool = msdt
Microsoft Management Console = mmc
Print management = printmanagement.msc
Printer User Interface = printui
Problems Steps Recorder = psr
People Near Me = p2phost

Registry Editor = regedit or regedt32
Resoure Monitor = resmon
System Configuration Utility = msconfig

Resultant Set of Policy = rsop.msc
SQL Server Client Configuration = cliconfg

Task Manager = taskmgr
Trusted Platform Module = tpm.msc
TPM Security Hardware = TpmInit

Windows Remote Assistance = msra
Windows Share Folder Creation Wizard = shrpubw
Windows Standalong Update Manager = wusa
Windows System Security Tool = syskey
Windows Script Host Settings = wscript
Windows Version = winver
Windows Firewall with Advanced Security = wf.msc
Windows Memory Diagnostic = MdSched
Windows Malicious Removal Tool = mrt

Computer Management

Computer Management = compmgmt.msc or CompMgmtLauncher
Task Scheduler = control schedtasks
Event Viewer = eventvwr.msc

Shared Folders/MMC = fsmgmt.msc
Local Users and Groups = lusrmgr.msc

Performance Monitor = perfmon.msc
Device Manager = devmgmt.msc
Disk Management = diskmgmt.msc
Services = services.msc

Windows Management Infrastructure = wmimgmt.msc
Conrtol Panel

Control Panel = control
Action Center= wscui.cpl
Autoplay = control.exe /name Microsoft.autoplay

Backup and Restore = sdclt
Create a System Repair disc = recdisc
BDE Administrator = bdeadmin.cpl
Color Management = colorcpl
Credential Manager = control.exe /name Microsoft.CredentialManager
Credential Manager Stored User Names and Passwords = credwiz
Date and Time Properties = timedate.cpl

Default Programs = control.exe /name Microsoft.DefaultPrograms

Set Program Access and Computer Defaults = control appwiz.cpl,,3 or ComputerDefaults

Devices and Printers = control printers
Devices and Printers Add a Device = DevicePairingWizard
Display = dpiscaling
Screen Resolution = desk.cpl
Display Color Calibration = dccw

Cleartype Text Tuner = cttune
Folders Options = control folders
Fonts = control fonts
Getting Started = GettingStarted
HomeGroup = control.exe /name Microsoft.HomeGroup
Indexing Options = control.exe /name Microsoft.IndexingOptions
Internet Properties = inetcpl.cpl

Keyboard = control keyboard
Location and Other Sensors = control.exe /name Microsoft.LocationandOtherSensors
Location Notifications = LocationNotifications
Mouse = control mouse or main.cpl

Network and Sharing Center = control.exe /name Microsoft.NetworkandSharingCenter
Network Connections = control netconnections or ncpa.cpl

Notification Area Icons = control.exe /name Microsoft.NotificationAreaIcons
Parental Controls = control.exe /name Microsoft.ParentalControls

Performance Information = control.exe /name Microsoft.PerformanceInformationandTools

Personalization = control desktop
Windows Color and Appearance = control color

Phone and Modem Options = telephon.cpl
Power Configuration = powercfg.cpl
Programs and Features = appwiz.cpl or control appwiz.cpl

Optional Features Manager = optionalfeatures or control appwiz.cpl,,2
Recovery = control.exe /name Microsoft.Recovery
Regional and Language = intl.cpl
RemoteApp = control.exe /name Microsoft.RemoteAppandDesktopConnections

Sound = mmsys.cpl
Volume Mixer = sndvol
System Properties = sysdm.cpl or Windows logo key + Pause/Break

SP ComputerName Tab = SystemPropertiesComputerName
SP Hardware Tab = SystemPropertiesHardware
SP Advanced Tab = SystemPropertiesAdvanced
SP Performance = SystemPropertiesPerformance
SP Data Execution Prevention = SystemPropertiesDataExecutionPrevention
SP Protection Tab = SystemPropertiesProtection
SP Remote Tab = SystemPropertiesRemote

Windows Activation = slui
Windows Activation Phone Numbers = slui 4
Taskbar and Start Menu = control.exe /name Microsoft.TaskbarandStartMenu
Troubleshooting = control.exe /name Microsoft.Troubleshooting

User Accounts = control.exe /name Microsoft.UserAccounts
User Account Control Settings = UserAccountControlSettings
User Accounts Windows 2000/domain version = netplwiz or control userpasswords2

Encryption File System = rekeywiz
Windows Anytime Upgrade = WindowsAnytimeUpgradeui
Windows Anytime Upgrade Results = WindowsAnytimeUpgradeResults
Windows CardSpace = control.exe /name Microsoft.cardspace
Windows Firewall = firewall.cpl
WindowsSideshow = control.exe /name Microsoft.WindowsSideshow
Windows Update App Manager = wuapp

Calculator = calc
Command Prompt = cmd
Connect to a Network Projector = NetProj
Presentation Settings = PresentationSettings
Connect to a Projector = displayswitch or Windows logo key + P
Microsoft Paint = mspaint.exe
Remote Desktop Connection = mstsc
Snipping Tool = snippingtool
Sound Recorder = soundrecorder
Sticky Note = StikyNot
Sync Center = mobsync

Windows Mobility Center (Only on Laptops) = mblctr or Windows logo key + X
Windows Explorer = explorer or Windows logo key + E
Wordpad = write
Ease of Access Center = utilman or Windows logo key + U
Magnifier = magnify
Narrator = Narrator
On Screen Keyboard = osk
Private Character Editor = eudcedit
Character Map = charmap

Ditilizer Calibration Tool = tabcal
Disk Cleanup Utility = cleanmgr
Defragment User Interface = dfrgui
Internet Explorer = iexplore
Rating System = ticrf
Internet Explorer (No Add-ons) = iexplore -extoff
Internet Explorer (No Home) = iexplore about:blank
Phone Dialer = dialer
Printer Migration = PrintBrmUi

System Information = msinfo32
System Restore = rstrui

Windows Easy Transfer = migwiz
Windows Media Player = wmplayer
Windows Media Player DVD Player = dvdplay
Windows Fax and Scan Cover Page Editor = fxscover
Windows Fax and Scan = wfs
Windows Image Acquisition = wiaacmgr
Windows PowerShell ISE = powershell_ise
Windows PowerShell = powershell
XPS Viewer = xpsrchvw

Open Documents folder = documents
Open Pictures folder = pictures
Open Music folder = music
Open Videos folder = videos
Open Downloads folder = downloads
Open Favorites folder = favorites
Open Recent folder = recent
Logs out of Windows = logoff
Locks User Account = Windows logo Key + L

How to obtain maximum number of subnets and hosts from a give IP address

Let’s assume that the given IP address is and the mask is

Or simply in CIDR notation

Steps to find out the number of hosts:

  1. Find out the block and subtract it by 2. Why 2? Because in a given network address, 1 bit is always reserved for network and one for broadcast address.

Let’s find the block, take the last octet of the subnet mask (224) and subtract it from 256; 256-224=32. So 32 is the block or the range for this ip address. And if you subtract 2 from 32, you get 30. And that’s the number of host achievable from this network. Easy!

Now what about the subnet?

  1. Let me show another way of finding both the subnets and hosts. Again it is very easy!

For this we need to convert the subnet mask into binary number and distinguish the two (subnet & host):


From this we come to know that all 0s are the bits reserved for host and all 1s are reserved for subnets.

Now we know that this particular ip address belongs to Class B that means, first two octets are reserved for network and remaining two are for subnets and hosts.


Therefore, subnet is 2^11= 2048 and host 2^5-2=30

TCL (Tool Command Language)

TCL is an open source scripting language. It is incorporated into cisco ios routers operating system and is available on many other vendors’ networking devices.

There are three primary reasons why network administrator should learn it. If network admins have a firm hand on tcl is definitely a VAS (Value Added Skill).

  1. Better Automation
  2. Increased Security
  3. Remote Command Line Applications


This tcl example will test connectivity between routers with ping command. The ping command is embedded inside this simple tcl script.

AccessServer(tcl)#foreach address {
+>} { ping $address }

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/31/60 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/24/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/38/52 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/42/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/56/84 ms



TCL Home Page

Documentation and Demos

How to recover your lost wifi password from your PC (Windows)

This particular solution is applicable only on following scenario.

  1. That your PC had a wifi connection to the existing wifi router.
  2. That you forgot the wifi password and not able to get it back from wifi router also.

NOTE: This solution provides wifi password recover, not hacking and snooping into other wifi networks! and current wifi ssid in this document is blurred for security purpose.


Open command prompt in administrator privileges and type in the command to see the list of wifi APs

—-netsh wlan show profiles – This command will list out the wifi AP with their SSID (wifi name).






Now you need to select the wifi name for which you need to recover the password. To do so type the following command.

—- netsh wlan show profiles [wifi name]–This will show all information about the wifi network and SECURITY KEY (PRESENT) means it has a password.










Now to recover the password type in the following command.

—-netsh wlan show profiles (wifi ap name) key=clear—This command will reflect the password under security settings-> Key Content.


DHCP Snooping

DHCP Snooping:

DHCP Snooping is a layer 2 technique that ensures IP integrity on a layer 2 switched domains by stooping Rouge DHCP servers. How?

  1. By enabling DHCP snooping on Switches
  2. By enabling DHCP snooping on VLAN
  3. And by enabling DHCP snooping trusted ports

What is Rouge DHCP Server and how does it affect networks?

Rouge DHCP Server is an unauthorized destructive DHCP server that is planted intentionally to sniff, reroutes frames, causes man in the middle attacks (MITM), DOS attacks and DHCP starvation attacks (exhausting). But some time it also happens accidentally by plugging in DHCP sever enabled devices in the network, such as Internet modems and WIFI routers.

How does this happen?

DHCP is used to auto-configure the connection information for devices that do not have static IP assignments set.  Unless specifically configured to work together, multiple DHCP servers can cause clients and network devices to receive IP addresses, subnet masks, gateway IP addresses, and other information that can conflict with how the network should be working.  In case of accidental issue the clients after getting the IP addresses, subnet masks, gateway IP addresses is put into situation where the client has nowhere to go and cannot access the corporate network services. However, in case of malicious action it can cause lot more damages, such as DHCP Starvation (exhausting), DOS attach and MITM attacks. And the tricky part in these attacks is the clients have no clue of it. Hence, DHCP snooping is a layer 2 technique to mitigate such attacks.

How does DHCP snooping mitigate these threats and attacks?


The DHCP snooping feature performs the following activities:

  • Validates DHCP messages received from untrusted sources and filters out invalid messages.
  • Rate-limits DHCP traffic from trusted and untrusted sources.
  • Builds and maintains the DHCP snooping binding database, which contains information about untrusted hosts with leased IP addresses.
  • Utilizes the DHCP snooping binding database to validate subsequent requests from untrusted hosts.


The default trust state of all interfaces/port is untrusted. You must configure DHCP server interfaces as trusted. You can also configure other interfaces as trusted if they connect to devices (such as switches or routers) inside your network. You usually do not configure host port interfaces as trusted.