AnyConnect: Allow ‘Local’ LAN Access
KB ID 0001689 Problem Note: This WONT WORK if you ‘force-tunnel’ or ‘tunnel-all’ remote VPN traffic, (if you are unsure Google ‘what’s my ip’ > Take note of it > Connect to AnyConnect and repeat the procedure, if your public IP address has changed to the IP address of the ASA then you force-tunnel/tunnel-all traffic). With more people remote working now, I’m getting a lot more...
Cisco FTD (and ASA) Creating AnyConnect Profiles
KB ID 0001685 Problem A few days ago I did an article on Deploying Cisco AnyConnect with the Cisco FTD, there I glossed over the AnyConnect profile section. For a long time now, we have been able to edit the AnyConnect profile from within the firewall (if we are running ASA code!) But for the FTD we need to take a step backwards and go back to using the ‘offline’ AnyConnect profile editor. Solution Firstly you need to...
Cisco ASA VPN Static to Dynamic IP (DHCP)
KB ID 0001683 Problem I had a call with a client last week, they are in one of my employer’s DCs, and their servers are behind a vASA. They had purchased some Meraki MX devices for their IT team who were working remotely (during the Covid-19 lockdown), and were struggling. Normally we would just suggest AnyConnect, but these guys were building new machines for their clients, and needed access directly to the domain from their...
Cisco Firepower 1010 (FTD) Initial Setup
KB ID 0001678 If you’re here you’ve either purchased a new Cisco Firepower device running FTD (FirePower Threat Defence) or have re-imaged your Firepower device from ASA to FTD code. On its factory defaults, the unit will have the following settings. Inside IP address (VLAN 1) 192.168.1.1 (on all interfaces from 2 to 8). Outside IP Address set to DHCP in interface 1. Management IP address 192.168.45.1 on the Management...
AnyConnect – ‘VPN establishment capability for a remote user..
KB ID 0000546 Problem If you connect to to a client via RDP then try and run the AnyConnect client, you will see one of these errors; VPN establishment capability for a remote user is disabled. A VPN connection will not be established VPN establishment capability from a Remote Desktop is disabled. A VPN connection will not be established This, behaviour is default, and despite me trawling the internet to find a solution (most...
Cisco Firepower 1010 Configuration
KB ID 0001673 Background This page will be used as a central repository and ‘index’ for configuration on the Cisco Firepower 1010 series firewall. I intend to add to it as I test the capabilities and work out any problems whilst trialing/deploying and operating this platform. Config Documents VPN Firepower 1000 series running ASA Code. General Cisco Firepower 1010 Licensing Reimage Cisco 1010 ASA to FTD VPN EZVPN Is not...