Cisco AnyConnect – With Google Authenticator 2 Factor Authentication
KB ID 0001256 Problem This was asked as a question on Experts Exchange this week, and it got my interest. A quick search turned up a bunch of posts that said, yes this is possible, and you deploy it with FreeRADIUS and it works great. The problem was, a lot of the information is a little out of date, and some of it is ‘wrong enough’ to make the non-technical types give up. But I persevered, and got it to work. Disclaimer:...
Meraki To Cisco ASA 5500 Site to Site VPN
KB ID 0001255 Problem This was surprisingly easier than I was expecting! Special thanks to Steve for letting me loose on his test network for the Meraki end of the tunnel. Here I’m using an MX 64 Security appliance, and a Cisco ASA 5510. Note: The Meraki device will need a static IP. Solution Configuring Meraki MX Device for VPN to a Cisco ASA From your Meraki dashboard > Security Appliance > Site To Site VPN. If you...
MAC TFTP Software (OS X )
Mac TFTP KB ID 0001247 Problem Every time I go to a networking event theres a sea of MacBooks in the audience, If techs like MacBooks so much why is there such a lack of decent Mac TFTP software? Solution The thing is, I’m looking at the problem with my ‘Windows User’ head on. When I have a task to perform I’m geared towards looking for a program do do that for me. OS X is Linux (There I said it!) Linux in a...
Cisco IOS ‘Crypto’ Unrecognized Command?
KB ID 0001246 Problem I was working on a Cisco 3750-G last week, and I was in the process of setting up SSH access. When I went to generate the crypto key and enable SSH, It fired an error at me. In fact it wouldn’t execute any crypto commands; Core-SW(config)#crypto ? % Unrecognized command Now I have seen this before, (but not for a while). You need to be running a K9 version of the code. A quick ‘show version’...
Cisco ASA – Adding New Networks to Existing VPNs
KB ID 0001240 Problem Note: To add new subnets to an AnyConnect Remote Access VPN, see the following article instead; Cisco ASA – Adding New Networks to AnyConnect VPNs I see this get asked in forums A LOT, so I though I’d get around to getting it written up. If you have an existing VPN to a remote site and then need to add another network how do you do it? Well that depends on where the new network is, and how it’s...
Cisco VPN – Split Tunnel Not Working?
KB ID 0001239 Problem Here I’m dealing with AnyConnect VPNs, but the principles are exactly the same for both remote IPSEC and L2TP VPNs. You connect to your VPN and can no longer browse the internet from your remote location. You can confirm that split-tunnelling is working or not by connecting with your VPN client and looking at the routing information. Solution Before proceeding are you sure Split-Tunnelling has ever been...