If you have a partner at home, that has no IT skills, i think you must have experienced the 'wifi is down' telephone call.
Most of the times it is caused by the ISP that is doing maintentance during the day or, in my case, the kids accidantly disconnect the adapter of the modem for whatever reason
So it is a ordinary day at the office.Your sitting in a regular meeting or concentrating on a incident that you are working on, until suddenly your wife/husband calls and the conversation goes like this (kinda :) )
-The WiFi is down…
-What can i do to fix it
And here it comes; you must come with a plan that is:
With clearly describbed steps to take
In the correct order of action :)
Military precisly timed
Make sure that the stuff that is needed to carry out, is clearly and readable tagged ;)
In my case; it is the masterplan <echo on> 'pull the plugs in correct order </> ;)
Telephone call resumes:
Pull the plug of the modem
-yeah, i'm seeing like… allot of plugs; which one? (OK; add action e to the master plan above; you must make sure that you label your stuff correctly )
Ok, pull the far most left one.
<10 minutes further after unplugging like everything until it sticks…>
-….ehm….. Just checking now….. Heeey!!! It's working again, thanks honey!
You'r welcome. *sigh of releigh*
-*short silence* So I heard from… *interupt*
Have to back to work honey! See you later! Bye!
-Bye hon… <hung up the phone>
And… what was i doing?....
So where does the Cisco EEM (Embedded Event Manager) can help you with?
Wel my current setup at home consists of a ISP Modem in Bridge mode, connecting to my Cisco ASA firewall.
The problem with my ASA is that it cannot resume serving internet connectivity when the modems is briefly down; i must renew the IP address on the outside interface in order to recover from it (also when i get the same public IP back again)
I made two applets in the EEM; the first applet is to check if DNS resolving works for a certain domain and the second applet is triggered when DNS resolving fails. When DNS resolving fails; a entry is logged with a certain SYSlog ID; and that second applet is triggered by that Syslog ID.
You first must make sure that your ASA can resolve Fully Qualified Domain Names correctly; test it by pinging a host (in my case: smtp.ziggo.nl. You should receive a reply; if not you can configure your DNS lookup on your ASA as followed in the illustration below.
Go to Configruation > Device Management > DNS > DNS Client.
1. Add a DNS group with a few DNS servers
2. And enable DNS lookup on the inside interface
After that; test if PING to a FQDN works from the CLI of your ASA; like in my case: ping smtp.ziggo.nl
Now go to Configuration > Device Management > Advanced > Embedded Event Management to add the 2 applets
The first applet wil look like this;
The second one like this. I couldnt fit it in one illustration so i made 2 :)
After adding the 2 applets; you can check its working in the monitorig log by filtering on the description for 'eem'.
The applets are running under the user EEM with high privileges
For the CLI fans; here are the CLI commands:
<output ommited> … event manager applet ping_googledns_a description Ping 184.108.40.206 event timer watchdog time 60 action 1 cli command "ping 220.127.116.11" action 2 cli command "ping smtp.ziggo.nl" output none event manager applet renew_dhcp_vlan2 description Renew ip of vlan2 when syslog id 746016 is detected 5 times within 360 seconds event syslog id 746016 occurs 5 period 360 action 1 cli command "enable" action 2 cli command "config t" action 3 cli command "Interface vlan2" action 4 cli command "dhcp client route distance 1" action 5 cli command "ip address dhcp setroute" action 6 cli command "dhcp-client client-id interface outside" action 7 cli command "end" output none … <output ommited>