Cisco ASA Remote Management via VPN
Apr21

Cisco ASA Remote Management via VPN

ASA Remote Management KB ID 0000984 Problem It’s been ages since I has to do this, I usually just manage firewalls via SSH from outside. But I was out on a client site last week and needed to connect to to my ASA, so I simply connected in via AnyConnect; Note: The same procedure is applicable if you are an IPSEC VPN client, L2TP VPN client, or simply coming in over a site to site VPN link. And attempted to SSH, no joy, I tried...

Read More
macOS – SSH Error ‘No Matching Exchange Method Found’
Oct22

macOS – SSH Error ‘No Matching Exchange Method Found’

Mac SSH Error KB ID 0001245  Problem Certified working all the way up to macOS Ventura version 13.6 Certified working all the way up to macOS Sonoma version 14.1 Certified working all the way up to macOS Sequoia version 15.1 I thought my RoyalTSX had broken today, I upgraded it a couple of weeks ago, and I upgraded to macOS Catalina 10.15 the other day. After this, all my SSH sessions refused to connect with this error;   Unable to...

Read More
Microsoft Azure To Cisco ASA Site to Site VPN
Jan01

Microsoft Azure To Cisco ASA Site to Site VPN

KB ID 000116 Problem The one reason I prefer Cisco over Microsoft is they rarely change things, you learn how to do something and it’s learned. This is the second time have had to write this article purely because the Azure UI has changed!   Virtual Network Gateway Options With VPN’s into Azure you connect to a Virtual Network Gateway, of which there are TWO types Policy Based, and Route Based. This article will deal with...

Read More
Factory Reset a Cisco Firewall
Nov23

Factory Reset a Cisco Firewall

KB ID 0000007  Problem You want to wipe the firewall’s config and revert to the factory settings (passwords blank – management or inside set to 192.168.1.1 and DHCP enabled, with all other settings wiped). Solution 1. Connect to the ASA via the console Cable. CLICK HERE 2. log in and go to configure terminal mode. 3. Execute the following command “config factory-default” 4. Press the space bar a few times to execute the...

Read More
Cisco ASA: Prioritise RDP Traffic
Oct31

Cisco ASA: Prioritise RDP Traffic

KB ID 0001359 Problem I have a client who had two sites, one didn’t have a particularly good internet connection, (which is the actual problem that needed to be solved). But in the interim, he wanted me to prioritise RDP traffic, as his staff were constantly complaining about the speed of their connections. Note: They may be a myriad of reasons why user experience is bad for an RDP session, this was quite simply a bandwidth...

Read More
MAC OSX – Connecting to Cisco IPSEC VPN
May31

MAC OSX – Connecting to Cisco IPSEC VPN

KB ID 0001197  Problem Here we are dealing with the older IPSEC VPN method of remote VPNs, NOT AnyConnect. There is/was a VPN client for Mac OSX which you can still download. But modern versions of OSX have the Cisco IPSec VPN client built into them.  I’m assuming you have already configured the firewall, if not see the article below; Cisco ASA5500 Client IPSEC VPN Access Solution Open your network preferences and add in a new...

Read More
Cisco – Testing AAA Authentication (Cisco ASA and IOS)
Apr17

Cisco – Testing AAA Authentication (Cisco ASA and IOS)

KB ID 0001175  Problem I always forget the syntax for this, and I’ve been meaning to publish this for a while so here you go. If you have AAA setup and people can’t log in, then the ability to test authentication against a user’s username and password is a good troubleshooting step! Usually I’m on a Cisco ASA but I’ll tag on the syntax for IOS as well.   Solution Cisco ASA Test AAA Authentication From...

Read More
Build a PIX Firewall for your test network
Nov17

Build a PIX Firewall for your test network

Working with GNS3 and PEMU – (Part 2) KB ID 0000662  Problem In Part 1 we installed and Licensed our Virtual PIX, now we will give it an IP address and get the firewalls web management console running. To complete this procedure you will need to, 1. Have a TFTP server up and running (CLICK HERE). 2. Know how to connect to a Cisco Firewall (CLICK HERE). Solution Step 1 (Add an interface to your host machine) 1. On your host PC/VM...

Read More
PIX 506E and 501 Firewall Image and PDM Upgrade
Nov17

PIX 506E and 501 Firewall Image and PDM Upgrade

KB ID 0000065  Problem Note: PIX 515E and above, can still be upgraded to version 8.0(4) click here for details Some people will wonder why I’m bothering to write this up, but the truth is, there are LOADS of older PIX firewalls out there in the wild, and all the PIX 501’s and 506E’s that are being retired from corporate use are being bought on ebay, or being put on IT departments test benches. This page deals with...

Read More
Cisco PIX (500 Series) Password Recovery  / Reset
Nov17

Cisco PIX (500 Series) Password Recovery / Reset

KB ID 0000064  Problem If you are locked out of your PIX firewall then you will need to do some password recovery, this procedure will reset the enable password and remove any AAA username and password settings on the PIX. Note: If you have a PIX 520 (This has a floppy drive, and the process is different) CLICK HERE Solution Before You Start ! 1. You need to know the software version that is running on the PIX e.g 6.3(5) or 7.0(1) 2....

Read More