Cisco ASA: Prioritise RDP Traffic
Oct31

Cisco ASA: Prioritise RDP Traffic

KB ID 0001359 Problem I have a client who had two sites, one didn’t have a particularly good internet connection, (which is the actual problem that needed to be solved). But in the interim, he wanted me to prioritise RDP traffic, as his staff were constantly complaining about the speed of their connections. Note: They may be a myriad of reasons why user experience is bad for an RDP session, this was quite simply a bandwidth...

Read More
MAC OSX – SSH Error ‘No Matching Exchange Method Found’
Oct13

MAC OSX – SSH Error ‘No Matching Exchange Method Found’

KB ID 0001245 Dtd 13/10/16 Problem I thought my RoyalTSX had broken today, I upgraded it a couple of weeks ago, and I upgraded to macOS Sierra version 10.12 the other day. After this, all my SSH sessions refused to connect with this error; ¬† Unable to negotiate with x.x.x.x port 22: no matching key exchange found. Their offer diffie-hellman-group1-sha1 Solution This is not Apple’s fault, it’s OpenSSH version 7. SHA1 is...

Read More
MAC OSX – Connecting to Cisco IPSEC VPN
May31

MAC OSX – Connecting to Cisco IPSEC VPN

KB ID 0001197 Dtd31/05/16ProblemHere we are dealing with the older IPSEC VPN method of remote VPNs, NOT AnyConnect. There is/was a VPN client for Mac OSX which you can still download. But modern versions of OSX have the Cisco IPSec VPN client built into them.¬†I’m assuming you have already configured the firewall, if not see the article below;Cisco ASA5500 Client IPSEC VPN Access¬†SolutionOpen your network preferences and add in a...

Read More
Cisco – Testing AAA Authentication (Cisco ASA and IOS)
Apr17

Cisco – Testing AAA Authentication (Cisco ASA and IOS)

KB ID 0001175 Dtd 14/04/16ProblemI always forget the syntax for this, and I’ve been meaning to publish this for a while so here you go. If you have AAA setup and people¬†can’t log in, then the ability to test authentication against a user’s username and password is a good troubleshooting step!Usually I’m on a Cisco ASA but I’ll tag on the syntax for IOS as well.¬†SolutionCisco ASA Test AAA Authentication...

Read More
Microsoft Azure To Cisco ASA Site to Site VPN
Mar12

Microsoft Azure To Cisco ASA Site to Site VPN

KB ID 0001166 Dtd 12/03/16ProblemGiven the amount of Cisco work, and the amount of Microsoft work I do I’m surprised I’ve never had to do this before. The call came in this week for a client who had a Cisco 5512-X firewall and wanted to get a site to site VPN into Microsoft Azure. Some efforts had been made, but the tunnel had refused to come up.Well I’ve never even logged into Azure, ¬†(why would I ?) I work for a...

Read More
Build a PIX Firewall for your test network
Nov17

Build a PIX Firewall for your test network

Working with GNS3 and PEMU – (Part 2) KB ID 0000662 Dtd 09/11/09 Problem In Part 1 we installed and Licensed our Virtual PIX, now we will give it an IP address and get the firewalls web management console running. To complete this procedure you will need to, 1. Have a TFTP server up and running (CLICK HERE). 2. Know how to connect to a Cisco Firewall (CLICK HERE). Solution Step 1 (Add an interface to your host machine) 1. On...

Read More