Cisco
Cisco Stuff.
For the most part the clientele that I have worked with have been unable to afford serious Cisco equipment, so my engagement with it is fairly superficial. I think I understand most of the switching basics prior to the introduction of fabrics and the like. ASAs I never got my head around for some reason.
ASA
Console Commands
(2017-04-26) Some Console Commands # show run | in <string> # more run | begin <string> useful e...
Debug Site to Site VPN
(2013 March 8) Useful commands for a v9.x VPN debug Phase 1: you want to see MM_ACTIVE in the St...
Faking a secondary IP
(2013-04-30) Problem ASA won't let you define a secondary IP on an interface. Solution Fake it wi...
Mailguard
Problem Can't send or receive some messages through a Cisco ASA firewall. Solution Turn off Mailg...
Password Reset
Bypass cisco system configuration Plug in your serial console, reboot the ASA press 'ESC' when it...
ASA 8.0
ASA 8.2
Changing A Remote Gateway IP
(2013-12-05) Problem You have an ASA running 8.2(something). You have a l2l VPN with a remote pee...
Site to Site VPN
(2013-11-12) Problem Site to site VPN with an ASA running 8.2. Solution The local network is 192....
Site to Site VPN with NAT
Problem Setting up a site-to-site VPN using your shiny ASA running 8.2. Your peer has a bunch of ...
ssh_exchange_identification
(2015-06-05) Seems like a terribly late date to still be messing around with clunkers like these,...
ASA 8.3
ASA 8.4
ASA 8.6
ASA 9.1
ASDM on Windows 10
(2015-10-01) Problem ASDM 7.1(3) on Windows 10. Solution Install 32-bit and 64-bit Java-JRE. I i...
DHCP Reservations
(2021-02-25) DHCP Reservations This feature is now supported on ASA in version 9.13(1) and later ...
Port Forward
(2017-02-28) Problem I have firewall with public IP 1.2.3.4. I need to expose ssh the private ser...
Same-interface Hairpin
(2017-05-31) Problem I have a server on my dmz at 192.168.1.10, with a public IP of 1.1.1.1. I ne...
Show Dropped Packets
(2019-09-20) Show Dropped Packets ALBERT# capture TEST type asp-drop all real-time […] ^C ALBERT#...
ASA 9.5
ASA 9.8
Disable TCP Timestamps
(2022-01-08) Problem Some security scanner is complaining that TCP Timestamps are enabled on my A...
Force TLSv1.2 or higher
(2020-01-20) Problem ASA still responding to, and using, protocols less than TLS1.2. AKA: SSLv2 a...
Missing HTTPOnly Cookie Attribute
(2022-01-08) Problem Some security scanner is complaining that there's no 'httpOnly' cookie attri...
PPPoE Session Status
(2021-12-03) Problem What is happening with my PPPoE session? Solution Nothing, probably, but her...
Security Commands
(2019-01-20) Problem Collection of the SSL mitigations I've been collecting. Solution No commenta...
SSH pubkey authentication
(2020-09-25) Problem How to set up an ASA to accept an ssh pubkey? Solution Create a ssh key as n...
Test Authentication Server
(2020-03-18) Problem Is my Radius (or LDAP) server working? Solution # show run | begin aaa-serve...
TLS DH Group Key Length
(2020-01-20) Problem Something like SSL/TLS: Diffie-Hellman Key Exchange Insufficient DH Group St...
Use User's Password As Enable Password
(2020-12-17) Problem I want to use my username password as the enable password in ssh sessions So...
SNMP v3 on ASA
(2024-09-03) Problem SNMP on ASA please Solution snmp-server group GlobalRead v3 priv snmp-server...
Ping ASA interface
(2024-09-18) Problem: Can't ping my ASA. Design: With Cisco ASA, it is impossible to ping any int...