Cisco: Getting a SKU (Product ID) From a Serial Number
Apr28

Cisco: Getting a SKU (Product ID) From a Serial Number

KB ID 0001674 Problem I had a situation a couple of weeks ago where I had the serial numbers for a bunch of Cisco switches, I needed to get some extended cover for them, but what I didn’t have were the Cisco SKU (Stock Keeping Unit) codes. Solution You will need to have a Cisco CCO login, once you have that go here > Add devices. Give the device a name, (it does not matter what) > Paste in the serial number > Add. Boom,...

Read More
AnyConnect – ‘VPN establishment capability for a remote user..
Apr24

AnyConnect – ‘VPN establishment capability for a remote user..

KB ID 0000546  Problem If you connect to to a client via RDP then try and run the AnyConnect client, you will see one of these errors; VPN establishment capability for a remote user is disabled. A VPN connection will not be established   VPN establishment capability from a Remote Desktop is disabled. A VPN connection will not be established This, behaviour is default, and despite me trawling the internet to find a solution (most...

Read More
Cisco Firepower 1010 Configuration
Apr23

Cisco Firepower 1010 Configuration

KB ID 0001673 Background This page will be used as a central repository and ‘index’ for configuration on the Cisco Firepower 1010 series firewall. I intend to add to it as I test the capabilities and work out any problems whilst trialing/deploying and operating this platform. Config Documents VPN Firepower 1000 series running ASA Code. General Cisco Firepower 1010 Licensing Reimage Cisco 1010 ASA to FTD VPN EZVPN Is not...

Read More
Cisco Firepower 1010 Licensing
Apr22

Cisco Firepower 1010 Licensing

KB ID 0001672 Problem So we have unboxed and setup our Firepower 1010 device, simply logging into the ASDM fires off warnings that it’s only running DES and I need to register the unit go get any decent level of encryption, (seriously why is 3DES still an ‘add on’ licence, who is still doing 56bit encryption!)  So let’s get is registered and licenced. Solution The ‘Licence Envelope’ in the box is...

Read More
Cisco ASA: Mixing TCP and UDP in Object-Groups
Apr15

Cisco ASA: Mixing TCP and UDP in Object-Groups

KB ID 0001668 Problem I like object-groups, they can make your firewall configs a lot smaller/neater and if you need to add a host, network, range, or port, then you can simply add the new requirement to an existing group. But what if you want to allow both UDP and TCP ports, you can create a service group for TCP and add the ports and a service group for UDP and add the ports, and add them into your ACL where you would expect ports...

Read More
macOS: ASDM Developer Cannot Be Verified
Apr10

macOS: ASDM Developer Cannot Be Verified

KB ID 0001667 Problem When trying to connect to a Firepower 1010 ASDM I was met with this; “Cisco ASDM-IDM.app” cannot be opened because the developer cannot be verified. macOS cannot verify that this ap is free from malware Solution If you’ve spent much time using macOS then this is quite common, Open System Preferences > Security and Privacy > General tab > You will see a warning about the Cisco ASDM-IDM...

Read More