Cisco – LDAP AAA Error ‘AAA Server has been removed”
KB ID 0001271 Problem Seen while attempting to test AAA authentication via LDAP to a Windows domain Controller. Authentication test to host {IP-Address} failed. Following error occurred – ERROR: Authentication Server not responding: AAA Server has been removed Solution This is a terribly ambiguous error! What it means is that the ASA cannot bind to active directory, either because; The ASA bind account password is wrong. The...
Cisco Licence Differences LAN-Lite / LAN Base / IP Base / IP Services
KB ID 0001270 Problem Actually finding the answer to this question is far more challenging than it needs to be! As usual Cisco can change this on a whim so before you purchase any equipment it’s still a good policy to check on the feature navigator. Solution This is about the best reference I’ve found. Although anyone who can tell me what the correct Layer 2 differences between Enterprise Access and Complete Access are,...
Deploy Cisco FirePOWER Management Center (Appliance)
KB ID 0001263 Problem You have been able to manage your firewalls Internal SFR module for while using the ASDM Setup FirePOWER Services (for ASDM) For most people that’s fine, but if you have a lot of FirePOWER devices to manage that does not scale well. In those cases you should use theFMC (FirePOWER Management Center). Here ‘Im going to use the Vmware virtual appliance, (at time of writing there is no Hyper-V version)....
Cisco ASA – Remote IPSEC VPN With the NCP Entry Client
KB ID 0001260 Problem I’ve covered Cisco IPSEC Remote VPNs a long time ago, and I’ve also blogged about the Cisco IPSEC VPN Client Software. Yes you can get the Cisco VPN Client Working on Windows 10, but can you imagine rolling that out to a few hundred users? The bottom line is Remote Cisco IPSEC VPN is a dead technology, Cisco, (and Me!) want you to use AnyConnect. For a couple of users you can use the work arounds...
Cisco SFR Session – Cannot Exit To Command Line
KB ID 0001259 Problem This tripped me up once before, and I didn’t document it! Normally if you have a console session open with your FirePOWER Module, (that you opened with a ‘session sfr’ command), then you can just quit, and exit back to the firewall by typing ‘exit’, like so; ciscoasa# session sfr Opening command session with module sfr. Connected to module sfr. Escape character sequence is...
Cisco IOS – How To Find VLAN IPs (SVI’s)
KB ID 0001258 Problem If you have a complicated network, you can spend more time finding out how it’s configured, than actually doing any work on it! Today I had a client that needed some changes made on their LAN, I knew their name, and their network address, and common sense told me which of the core switches they were connected to. Solution A quick search on the client name told me what VRF they were in, and what VLAN they...