Using the Microsoft VPN client through Cisco ASA/PIX
KB ID 0000009 Problem You cannot open a Microsoft client VPN tunnel with a cisco PIX or ASA in front of you on the network. Solution You need the following open (outbound) TCP port 1723 (thats pptp) Protocol 47 (GRE) – note thats a PROTOCOL and NOT a PORT Allow PPTP Client through the ASA via Command Line 1. Connect to the ASA then add PPTP inspection to the default inspection map. PetesASA> PetesASA> en Password: ********...
Cisco ASA 5500 – Error ‘DHCP: Interface ‘inside’ is currently configured as SERVER and cannot be changed to a CLIENT by a CLIENT feature’
KB ID 0000836 Problem I put in an ASA 5505 this week, and while I was setting it up I was getting plagued with these popping up in the command window all the time; DHCP: Interface ‘inside’ is currently configured as SERVER and cannot be changed to a CLIENT by a CLIENT feature DHCP Client: can’t enable DHCP Client when DHCP Server/Relay is running on the interface. Seen here on ASA Version 9.1(1) Solution There not a...
Build a PIX Firewall for your test network
Working with GNS3 and PEMU – (Part 1) KB ID 0000061 Problem Cisco Firewall’s are expensive, I know I own some, and my firm sells them, getting hardware to run on your test bench is difficult enough, but getting high end Cisco equipment is an expensive proposition for your average “Techy”. These days most people run their test networks in virtual environment. I run Hyper-V at at home for Testing and I have my...
Enable DNS Lookup on the Cisco PIXASA
KB ID 0000029 Problem You need the ASA to be able to resolve external hostname’s. Note: You need at least version 8.2(2) before you can use a DNS name in an access-list. Solution Note: In this example I’m using 122.122.122.199 and 122.122.122.198 (yes, they cannot exist!) as the external DNS addresses, substitute your own.</p? 1. Whilst in enable mode > enter configure terminal mode, then enable DNS Lookups....
Backup and Restore a Cisco Firewall.
KB ID 0000076 Problem There are many different versions of PIX and ASA Firewalls. So, if you want to get a backup of the configuration and save it elsewhere, (so in the event of a failure, (or more likely someone tinkering and breaking the firewall)). you will be able to recall and restore that configuration. By far the easiest method is to use a TFTP server – and it works on ALL versions, so learn it once and use it many...
Manage your Cisco Firewall from your Windows Mobile Device
KB ID 0000158 Problem You have a new windows mobile device and your bored! – well not really, I hope I never have to do this in anger but, It was an exercise in proving it can be done 🙂 Solution Before you start you need to ensure the following has been done, 1. The firewall in question needs an RSA Key generating on it, (on the firewall issue the following command “crypto key generate rsa” {without the quotes}. 2....