Apple Devices will not Update Though Cisco ASA and CSC Module
KB ID 0000575 Problem I had a client with this problem the other week, we tracked the problem to the ASA&CSC by simply bypassing the CSC module for the the IP address of the device. So I knew the problem WAS the CSC but not why, or how to fix it. The client in question had a valid SmartNet so they called TAC for a resolution. Solution It turns out that this is a bug, that was first found in CSC version 6.3.1172.4 (at time of...
Android AnyConnect Error
KB ID 0000537 Problem While using the Android/Cisco Anyconnect App/Client you receive the following error. Error: The secure gateway has rejected the agent’s VPN request. A New connection requires re-authentication and must be started manually. Please contact your network administrator if this problem persists. The following message was received from the security gateway: No License. Solution The most pertinent information above...
Android – Using the Cisco AnyConnect Client
KB ID 0000539 Problem You have an Android device* and you would like to create a remote VPN connection to a Cisco device running AnyConnect. Note: This is not a walkthrough on how to configure AnyConnect, for that go here. Be aware that in addition to your SSL VPN licences your Cisco ASA device also needs a “AnyConnect Mobile” license. If you do not have one you will receive this error. *Note: At time of writing...
Replace an ASA 5505 with an ASA 5506-X
KB ID 0001091 Problem Given the amount of ASA work I do it’s surprising that the first time I saw an ASA 5506-X was last week (I’ve been working on larger firewalls for a while). I’m probably going to have to do a few of these over the next couple of years so I’ll update this article as things surface. Solution Q: Can I just copy the config from an ASA 5505 to an ASA 5506-X? A: No, that would be nice, truth be...
Windows 10 – Running the Cisco VPN Client Software
KB ID 0001097 Problem OK, firstly why are you still using the IPSEC VPN client? It’s not only gone ‘End-of-life’, it went end of support in July 2014. {That’s my Cisco Partner bit done}. So you have an old IPSEC Remote VPN solution and can’t afford an upgrade to AnyConnect? Now your shiny Windows 10 machines are complaining when you try and install the VPN client software. Error 27850. Unable to manage...
Download Cisco VPN Client Software
KB ID 0001098 Problem The Cisco VPN client software (CVPN-CL-IPSEC-ALL) is no longer available from Cisco. Milestone Definition Date End-of-Llfe Announcement Date The date the document that announces the end of sale and end of life of a product is distributed to the general public. July 29, 2011 End-of-Availability Date The last date to download the product from Cisco.com. The product is no longer for download after this date. July...
Cisco – Error opening tftp://255.255.255.255/cisconet.cfg
KB ID 0001099 Problem A friend was rolling out some PC’s for a client and wanted me to give him a network with the same subnet etc so he could build everything on the bench. I grabbed a router and set it up for DHCP, and to NAT all traffic for him, but annoyingly it kept doing this; %Error opening tftp://255.255.255.255/cisconet.cfg (timed out) %SYS-4-CONFIG_RESOLVE_FAILIURE: System config parse from...
Cisco FireSIGHT – Enable Active Directory (LDAP) Authentication
KB ID 0001102 WARNING this is for older versions of the FirePOWER Management Platform, go to the following link for newer versions Cisco FirePOWER Management Appliance – Allowing Domain Authentication Problem To save you creating multiple users on your FireSIGHT appliance, and assigning roles to them you can utilise your existing Active Directory. In fact FireSIGHT does a good job of enabling granular administration based on AD...
Cisco ASA 5500-X Restart the FirePOWER Service Module
KB ID 0001101 Problem I’ve only just recently started to work with these, the advantage of them is they are great for SOHO and SMB, and they don’t need additional SSD drives installing. Note: This also procedure works on the larger ASA5500-X firewalls that have Firepower installed on an internal SSD drive, (i.e. 5512,5515,5525, and 5545 etc.) While getting them to work with a Sourcefire appliance, I had to...
Cisco AnyConnect – PAT External VPN Pool To An Inside Address
KB ID 0001104 Problem I got sent to Holland this week to look at a firewall deployment, and while I was sat in the Airport, I was going over the job I had to do, when I realised the solution I had suggested had a problem see below; My brief was to provide remote AnyConnect VPN into the network so the client could get their network setup, and manage things remotely. However as I drew the network out in my head I realised that the...