Cisco ASA – Allow Remote Management
KB ID 0000173 Problem Quite a while ago I wrote the “Connecting to and managing Cisco firewalls” article, which is still pretty complete, but I’ve been asked on a few occasions, “How do I actually configure the firewall to allow remote administration via, SSH, or HTTPS/ASDM, or Telnet If you have no network connection to the firewall, then you will need to connect via console cable (CLICK HERE). Solution...
Cisco ASA No Debug Output?
KB ID 0001477 Problem I see this get asked in forums A LOT, typically the poster has another problem they are trying to fix, someone has asked them to debug the problem and they cant see any debug output. Solution Firstly you need to understand what logging is, and how debugging fits within it. (Bear with me, this is good knowledge to have). The firewall saves logs in syslog format, and there are 8 Levels of logs, the one with the...
Cisco AnyConnect With Server 2016 NPAS (RADIUS) Different Groups
KB ID 0001474 Problem A few years ago I replaced a firewall that was setup like this, and while it took me a while to work out what was going on, I remember thinking it was an elegant solution. Fast forward to today, and I’m now working with the guy who set it up! (Kudos to Paul White). So when I had a client with a similar requirement, I sat down fired up the lab, and documented it. What was used; Windows 10 Remote Client...
Unable to Access ASDM – “Unable to launch device manager from…”
KB ID 0000915 Problem A colleague of mine was trying to connect to a firewall via ASDM last week, and was greeted by an error like this. Now this is a pretty standard error, and usually means you haven’t been allowed access, or there isn’t a firewall at that address, but in this case I knew that a) he did have access, b) that was the correct IP address, and c) it worked fine on my machine, so it was setup correctly. As I...
Connecting to and Managing Cisco Firewalls
Also see “Allow Remote Management” KB ID 0000075 Problem To connect to and manage a Cisco firewall you need three things, To be in possession of a password, (and in some cases a username). Have the ‘Method of Access granted to you’ (or have physical access to the firewall). Know a ‘Method of Access’ to the firewall for management. Cisco Firewall Passwords Unless your firewall is brand new (in which...
FirePOWER: ‘No Authentication Required’ No Usernames
KB ID 0001460 Problem When attempting to track Users with FirePOWER, the FMC would not show any usernames? Solution Theres a lot of reasons this might not work, let’s take a look at a few of them. Firstly make sure the server running the ‘user agent’ is listed under System >Integration > Identity Sources > User Agent. It probably goes without saying, but over on server running the user agent, make sure it...