Cisco ASA – Remote IPSEC VPN With the NCP Entry Client
KB ID 0001260 Problem I’ve covered Cisco IPSEC Remote VPNs a long time ago, and I’ve also blogged about the Cisco IPSEC VPN Client Software. Yes you can get the Cisco VPN Client Working on Windows 10, but can you imagine rolling that out to a few hundred users? The bottom line is Remote Cisco IPSEC VPN is a dead technology, Cisco, (and Me!) want you to use AnyConnect. For a couple of users you can use the work arounds...
Cisco SFR Session – Cannot Exit To Command Line
KB ID 0001259 Problem This tripped me up once before, and I didn’t document it! Normally if you have a console session open with your FirePOWER Module, (that you opened with a ‘session sfr’ command), then you can just quit, and exit back to the firewall by typing ‘exit’, like so; ciscoasa# session sfr Opening command session with module sfr. Connected to module sfr. Escape character sequence is...
Cisco IOS – How To Find VLAN IPs (SVI’s)
KB ID 0001258 Problem If you have a complicated network, you can spend more time finding out how it’s configured, than actually doing any work on it! Today I had a client that needed some changes made on their LAN, I knew their name, and their network address, and common sense told me which of the core switches they were connected to. Solution A quick search on the client name told me what VRF they were in, and what VLAN they...
Windows Server – Locating, Transferring, and Seizing FSMO Roles
FSMO Roles KB ID 0001257 Problem I’ve written about transferring and sizing FSMO roles, (Flexible Single Master Operations) before, see the following article; Transferring Your FSMO Roles Now you have a PowerShell Commandlet to help ‘Move-ADDirectoryServerOperationMasterRole’. FSMO Roles : Solution As before you can view your FSMO role holders, by using the following command. netdom query fsmo To transfer them to...
Cisco AnyConnect – With Google Authenticator 2 Factor Authentication
KB ID 0001256 Problem This was asked as a question on Experts Exchange this week, and it got my interest. A quick search turned up a bunch of posts that said, yes this is possible, and you deploy it with FreeRADIUS and it works great. The problem was, a lot of the information is a little out of date, and some of it is ‘wrong enough’ to make the non-technical types give up. But I persevered, and got it to work. Disclaimer:...