Get Free Cisco AnyConnect Licences For COVID-19 Homeworkers
Mar17

Get Free Cisco AnyConnect Licences For COVID-19 Homeworkers

KB ID 0001661 Problem Cisco released information on their blog a few days ago to say that they would be offering free Umbrella, Duo and AnyConnect Licences to customers in the wake of the the COVID-19 outbreak. Thats great news, but there’s no information on how to get the AnyConnect licences. It just says speak to your Cisco partner. As I am a Cisco partner I was confused, and it seems my colleagues were also. So I contacted...

Read More
VMware Edge Gateway VPN to Cisco ASA
Feb18

VMware Edge Gateway VPN to Cisco ASA

KB ID 0001658 Problem I was asked to setup a VPN to help out a colleague this week. When I had a look, one end turned out to be an Edge Gateway, I wasn’t that concerned, I’d done similar things in my prior role, I just didn’t have access to the vCloud or VMware at this datacenter. Depite my best efforts on the ASA, the tunnel refused to come up, it took a little looking ‘under the covers’ to accurately...

Read More
AnyConnect Error: Unable To Verify IP Forwarding Table Modifications
Jan30

AnyConnect Error: Unable To Verify IP Forwarding Table Modifications

KB ID 0001646 Problem While attempting to connect to a clients AnyConnect, this happened; The VPN client was unable to successfully verify the IP forwarding table modifications. A VPN connection will not be established. Or on older clients, you may see; The VPN client was unable to modify the IP forwarding table. A VPN connection will not be established. Please restart your computer or device, then try again. Solution I was trying to...

Read More
Get Ready for LDAPS Channel Binding
Jan28

Get Ready for LDAPS Channel Binding

KB ID 0001645 Problem I have written about Enabling LDAPS a long time ago, but it’s a subject that’s about to become important again, so I’ll revisit the subject. Microsoft are about to ‘enforce’ LDAPS authentication against their domain controllers, in the March 2020 round of updates. Now delayed until second half of 2020. What does that mean? Well lookups against LDAP will now need to be secure, (i.e....

Read More
Add a Static (One to One) NAT Translation to a Cisco ASA 5500 Firewall
Nov17

Add a Static (One to One) NAT Translation to a Cisco ASA 5500 Firewall

KB ID 0000691 Problem If you have a spare/available public IP address you can statically map that IP address to one of your network hosts, (i.e. for a mail server, or a web server, that needs public access). This is commonly referred to as a ‘Static NAT’, or a ‘One to One translation’. Where all traffic destined for public address A, is sent to private address X. Note: This solution is for firewalls running...

Read More
ASA Local CA Depreciated: Use Windows CA
Nov07

ASA Local CA Depreciated: Use Windows CA

KB ID 0001616 Problem I got an email about this last night, I rarely ever use the ASA as a Local CA, But that has now been completely depreciated, (post version 9.12(x)) The documentation tells us; Local CA server is deprecated in 9.12(1), and will be removed in a later release—When ASA is configured as local CA server, it is enabled to issue digital certificates, publish Certificate Revocation Lists (CRLs), and securely revoke issued...

Read More