Cisco Router – Configure NAT (NAT Overload)
May11

Cisco Router – Configure NAT (NAT Overload)

Posted By on May 11, 2025

 NAT Overload KB ID 0000971  Problem NAT is the process of taking one or more IP addresses and translating it/them into different IP addresses. You may require your router to translate all your internal IP addresses to your public (ISP allocated) IP address. To do that we use a process called NAT Overload. Solution : Nat Overload 1. Connect to the router, and got to enable mode, then global configuration mode. PetesRouter#configure...

Read More
Cisco ASA Domain Authentication and Trust (Allowing)
May08

Cisco ASA Domain Authentication and Trust (Allowing)

Posted By on May 8, 2025

ASA Domain Authentication KB ID 0000973  Problem I cringed this morning when I was asked about this, last time I had to get a client to authenticate to a domain through a firewall, it was ‘entertaining’. The problem is Windows loves to use RPC, which likes to use random ports, so to make it work you either had to open TCP ports 49152 and 65535 (Yes I’m Serious). Or you had to registry hack all your domain controllers...

Read More
VMware – Replace the ESX Certificate
May07

VMware – Replace the ESX Certificate

Posted By on May 7, 2025

ESX Certificate KB ID 0000974  Problem ESXi comes with a self-signed certificate, and for most people that’s fine, but some clients want to have a ‘Trusted’ certificate on theirs, and have their own PKI infrastructure for issuing them. Below I will generate a new certificate for my ESXi server using the Active Directory Certificate Services role on Windows Server 2012. Then replace the self-signed certificate with my new...

Read More
Cisco ASA – Remote VPN Client Internet Access
May02

Cisco ASA – Remote VPN Client Internet Access

Posted By on May 2, 2025

VPN Client Internet Access KB ID 0000977 Problem I have answered a lot of questions in forums, that are worded something like, “When I have a remote client connected to my firewall VPN they lose Internet access!” Traditionally that’s exactly what the ‘default’ remote VPN Internet  access (IPSEC or AnyConnect) gave you. To ensure your remote VPN clients can access the Internet you have two options. The...

Read More
Windows – Firewall Group Policy
May01

Windows – Firewall Group Policy

Posted By on May 1, 2025

  Firewall Group Policy KB ID 0000979  Problem For everyone who simply does not disable the Windows firewall, then you need to be able to manage what ports are open on your machines. The simplest way to do this is via firewall group policy. This week I had to open TCP port 9503 on the local firewall of my McAfee Move Offload Servers. Below I will open that port on all my machines, but in production I will only apply the GPO to...

Read More