Microsoft Azure To Cisco ASA Site to Site VPN
KB ID 000116 Problem The one reason I prefer Cisco over Microsoft is they rarely change things, you learn how to do something and it’s learned. This is the second time have had to write this article purely because the Azure UI has changed! Virtual Network Gateway Options With VPN’s into Azure you connect to a Virtual Network Gateway, of which there are TWO types Policy Based, and Route Based. This article will deal with...
Factory Reset a Cisco Firewall
KB ID 0000007 Problem You want to wipe the firewall’s config and revert to the factory settings (passwords blank – management or inside set to 192.168.1.1 and DHCP enabled, with all other settings wiped). Solution 1. Connect to the ASA via the console Cable. CLICK HERE 2. log in and go to configure terminal mode. 3. Execute the following command “config factory-default” 4. Press the space bar a few times to execute the...
Cisco ASA: Prioritise RDP Traffic
KB ID 0001359 Problem I have a client who had two sites, one didn’t have a particularly good internet connection, (which is the actual problem that needed to be solved). But in the interim, he wanted me to prioritise RDP traffic, as his staff were constantly complaining about the speed of their connections. Note: They may be a myriad of reasons why user experience is bad for an RDP session, this was quite simply a bandwidth...
MAC OSX – SSH Error ‘No Matching Exchange Method Found’
KB ID 0001245 Problem I thought my RoyalTSX had broken today, I upgraded it a couple of weeks ago, and I upgraded to macOS Sierra version 10.12 the other day. After this, all my SSH sessions refused to connect with this error; Unable to negotiate with x.x.x.x port 22: no matching key exchange found. Their offer diffie-hellman-group1-sha1 Note: You may also see the following error; Unable to negotiate with x.x.x.x port 22: no...
MAC OSX – Connecting to Cisco IPSEC VPN
KB ID 0001197 Dtd31/05/16ProblemHere we are dealing with the older IPSEC VPN method of remote VPNs, NOT AnyConnect. There is/was a VPN client for Mac OSX which you can still download. But modern versions of OSX have the Cisco IPSec VPN client built into them. I’m assuming you have already configured the firewall, if not see the article below;Cisco ASA5500 Client IPSEC VPN Access SolutionOpen your network preferences and add in a...
Cisco – Testing AAA Authentication (Cisco ASA and IOS)
KB ID 0001175 Dtd 14/04/16ProblemI always forget the syntax for this, and I’ve been meaning to publish this for a while so here you go. If you have AAA setup and people can’t log in, then the ability to test authentication against a user’s username and password is a good troubleshooting step!Usually I’m on a Cisco ASA but I’ll tag on the syntax for IOS as well. SolutionCisco ASA Test AAA Authentication...