Older Posts [2][3][4][5]
Cisco ISE IconServer 2012 - Certificate Services - 'HTTP Error 403.14 - Forbidden'
24/05/15 - I spun up a new Certificate Services server on my test network today, because I needed to issue some certificates for something I'm working on. It was a pretty vanilla build, just the Certificate Services role, and the Web Enrollment feature. [more]
Cisco ISE IconCisco ISE NFR Appliance Setup
22/05/15 - The Cisco ISE NFR appliance is for demos and test bench use, I'm currently building a test lab for ISE so I spun a copy up. I looked at the associated ReadMe.pdf for instructions on the basic setup, and found a hyper-link to the instructions, that didn't work! bah. [more]
VMware IconVMware vSphere - How to Import and Export OVF and OVA Files
22/05/15 - Updated - OVA files are typically used to deploy virtual appliances from. It's the default standard from vendors like Cisco and RSA. So this week when I had to deploy a Cisco ISE appliance, I had to revisit this subject, and found my notes a little out of date.. [more]
Switch IconCisco Catalyst - Configure Ports for VMware ESXi NICs using VLANS
18/05/15 - If you don't need different virtual machines to be in different VLANS on your vSphere/ESXi servers then you probably just connect everything together and it all works fine. I was trying to carve off some hosts into their own VLAN today, and setup a new vSwitch. [more]
vSphere IconvSphere Web Client - Options Greyed Out (Cannot install Client Integration Plug-in)
17/05/15 - While working on the vSphere Web Client in Google Chrome, I was unable to 'Open Console', the option was on the right click menu, but disappeared and was then greyed out after a second or so. [more]
vSphere IconvSphere - Adding Domain Users/Groups to vCenter
16/05/15 - Despite my best efforts to keep working with the VMware VI client, my recent move to a MAC has finally forced me to start using the web client. So when I rebuilt my vCenter this week, I went out of my way to use that. [more]
Dell IconDell DRAC 5 - 'Error when reading from SSL socket Connection'
14/05/15 - Ages ago I did an article on how a Java update has stopped me getting access to the DRAC 5 controller on my Power Edge 2950. Well I had more problems this week trying to get on from my MAC. The problem is, Java have pretty much blocked communications with SSLv3. [more]
Windows IconAccess a Windows Share Through a Firewall
09/05/15 - I needed to access a folder on a server in a clients DMZ the other week, and the thought struck me 'I have no idea what ports I need to open to accomplish this?' [more]
MAC OSX IconMAC OSX - Add 'Open Terminal Window Here' to 'Right Click'
08/05/15 - One of the things I used to like about using Windows was if I needed to drop to command line, I could (from any given location), by simply right clicking (while pressing CTRL) and selecting 'Open Command Window Here. On a MAC I have Terminal but thats not an option. [more]
AD IconMicrosoft LAPS - Deployment and Configuration
07/05/15 - A week ago today, Microsoft released the Local Administrator Password Solution (LAPS). What is does is automatically changes the load administrator password on workstations, (and servers if required) periodically. It then keeps those passwords securely in AD. [more]
Cisco AnyConnect IconASA 5500 AnyConnect - Change Preferred Encryption Cipher Order
03/05/15 - A few days ago I wrote about disabling SSL v3.0 to force your clients to connect with the more secure TLS v1.0. But what if your AnyConnect clients chose to connect with a weaker encryption cipher? The ciphers your firewall offer (by default) will vary depending on what OS your ASA is running. [more]
Cisco ASA IconCisco ASA 5500 - Performing NAT for Two (or More) Internal IP's to a Spare Public IP
30/04/15 - I was in the PIX/ASA area at EE last night, and a poster asked if they could perform NAT on a couple of internal IP addresses to a spare public IP that they had. I had done this for a client some time last year when I performed and upgrade from 8.2. [more]
Switch IconCisco Catalyst - Upgrading IOS (via USB)
22/04/15 - Had a stack of 3560-X switches to update, when I went looking for the notes I used last time, I could not find them. This time I took the time to document the procedure. I could upgrade from TFTP, but I used a spare USB drive and the image 'tar' file, and found it a lot less hassle. [more]
Certificate IconWhy Securing Your VPN Solution With Computer Certificates 'Only' Is A BAD Idea
20/04/15 - I had a ponder on just how difficult this would be to defeat. I had a fully working (certificate based) VPN solution running on the bench that I'd used to 'proof of concept' a clients requirements. So I attempted to compromise that for educational purposes :) [more]
MAC OSX IconMAC OSX - Managing VMware ESXi Hosts
20/04/15 - I have made the transition to a MAC laptop pretty easily, but theres one thing thats still a pain, VMware ESXi servers! I know these days vCenter has a nice shiny web management portal, but ESXi does not. [more]
Cisco AnyConnect IconAnyConnect Client Fails To Get IP From Windows DHCP Server
16/04/15 - A few days ago I did an article on AnyConnect and Windows DHCP. I ran it up on the test bench for a client, and everything worked fine. Doing the install my test 'remote' client failed to get an IP address. [more]
Cisco ASA IconUnable to Access ASDM - "Unable to launch device manager from..."
13/04/15 - UPDATED - I saw this very problem again today, while hardening a firewall I had disabled some SSL encryption ciphers, I had left aes256-sha1 active, and removed the others. Took me a while to realise what had broken it! [more]
Cisco ASA IconCisco ASA - Disable SSLv3 (Force TLSv1.0) - Mitigate POODLE
12/04/15 - By default the Cisco ASA will allow connection via SSLv3. The POODLE exploit works by forcing SSL to fall back to SSLv3 and then decrypting that communication. However you are still not completely protected, [more]
Cisco ASA IconCisco ASA ASDM - Packet Tracer Wont Work
11/04/15 - I don't usually use the graphical packet tracer tool, but I did this week, and it failed, giving me an '%Invalid input detected at '^' marker' error. [more]
Cisco AnyConnect IconAnyConnect - Using a Windows DHCP Server to Lease IP Addresses to the Remote Clients
10/04/15 - I did an AnyConnect design for a client, and they asked 'Instead of using the firewall to lease the DHCP addresses to our remote clients, can we use our Windows DHCP Server?" In the past I've used Windows DHCP servers for IPSEC VPN clients, but recently I've tended to just use the firewall. [more]
Cisco ASA IconCisco ASA - 'Prove it's Not The Firewall!'
09/04/15 - Not only make sure you have not dropped a clanger! But heres the entire process for troubleshooting connectivity though the ASA that should cover most eventualities. Covering packet-tracer, packet capture and logging. [more]
CentOS IconCentOS 7 - Ifconfig Command Not Found
01/04/15 - Although not my strongest subject, I know enough to get by in Linux, so I was a little put out when I tried to run ifconfig, only to be told it could not be found. On an 'out of the box' install you are supposed to use 'ip addr' instead. [more]
CentOS IconCentOS 7 - No Network Connection
01/04/15 - A while ago I spun up a CentOS server in VMware Workstation, and I could not get it connected to the network, I was in a bit of a hurry, so I blew it away and just built a new server with CentOS 6. This week I've been using VirtualBox and spun up a new CentOS 7 server and had the same problem. [more]
MAC OSX IconMAC OSX - Setting File Associations
28/03/15 - This started out as an article on simply 'how to set file associations' but when I tried to associate .jpg files with Photoshop it refused to work, (they stayed associated with the MAC Preview application). [more]
Older Posts [2][3][4][5]