Cisco ASA: DHCP Relay Over VPN
KB ID 0001501 Problem A few weeks ago this was asked on one of the forums I post in. For a long time the ASA didn’t support DHCP relay then finally in version 9 it was added. The question was, can I provide DHCP relay but have the DHCP server on another site (connected via VPN). Well I wasn’t sure, so I put it on the mental back burner, until I got my EVE-NG server rebuilt. Below I knocked up a simple two site setup, then...
Microsoft Azure To Cisco ASA Site to Site VPN
KB ID 000116 Problem The one reason I prefer Cisco over Microsoft is they rarely change things, you learn how to do something and it’s learned. This is the second time have had to write this article purely because the Azure UI has changed! Virtual Network Gateway Options With VPN’s into Azure you connect to a Virtual Network Gateway, of which there are TWO types Policy Based, and Route Based. This article will deal with...
Cisco ASA – DNS Doctoring
KB ID 0001113 Problem Cisco DNS doctoring is a process that intercepts a DNS response packet as it comes back into the network, and changes the IP address in the response. Why Would you want to do this? Well lets say you have a web server on your network, and its public IP is 111.111.111.111, and on your LAN its internal IP address is 192.168.1.100, its public DNS name, (or URL) is www.yoursite.com. When a user types www.yoursite.com...
Cisco ASA: Remove FTD and Return to ASA and ASDM
Remove FTD KB ID 0001496 Problem A few weeks ago I posted an article about re-image your Cisco ASA to FTD (FirePOWER Threat Defence). Now you may find the the FTD is not as ‘Feature rich’ as your old firewall, or that there’s a ‘Lack of feature parity’, which are two polite ways of saying that it’s crap, (sorry it’s just awful, as usual Cisco should’ve spent a LOT longer developing this...
HPe Synergy 12000 MPIO QSFP to 10GB SFP Setup
KB ID 0001495 Problem I was recently involved in deploying an HPe Synergy 12000 Frame. And the network connections from it were ‘a little unusual’ so I thought I’d document that here, to save anyone else the problems I had. I was connecting to an HP/Aruba 5412 switch so my cables were all HP/Aruba (to be on the safe side). What you can see (above) is the MPIO Cable (K2Q46A P/N 800867-001) fixed onto the left (and...
Factory Reset a Cisco Firewall
KB ID 0000007 Problem You want to wipe the firewall’s config and revert to the factory settings (passwords blank – management or inside set to 192.168.1.1 and DHCP enabled, with all other settings wiped). Solution 1. Connect to the ASA via the console Cable. CLICK HERE 2. log in and go to configure terminal mode. 3. Execute the following command “config factory-default” 4. Press the space bar a few times to execute the...