Cisco ASA VPN Static to Dynamic IP (DHCP)
KB ID 0001683 Problem I had a call with a client last week, they are in one of my employer’s DCs, and their servers are behind a vASA. They had purchased some Meraki MX devices for their IT team who were working remotely (during the Covid-19 lockdown), and were struggling. Normally we would just suggest AnyConnect, but these guys were building new machines for their clients, and needed access directly to the domain from their...
Cisco FTD Deploy AnyConnect (from FDM)
KB ID 0001682 Problem In this article I will focus on ‘Remote Access’ VPN, which for Cisco FTD means using the AnyConnect client. Ive spent years deploying this solution for ASA so it’s a product I know well. As with all things Cisco, there are a couple of things that could trip you up. Let’s get them out of the way first. If you are used to AnyConnect then you probably have the client software. It’s the...
Cisco FTD Site to Site VPN
KB ID 0001681 Problem While working out how to create a VPN on the Cisco FTD (Firepower 1010), I thought I might as well set it up to the Cisco ASA that I have in the Data Center on my test network. This is what I’m connecting; Create Site to Site VPN On Cisco FTD (using FDM) Using a web browser connect to the devices FDM > Site to Site VPN > View Configuration. Create Site-to-site-connection. Connection profile name:...
Remove and Reinstall Microsoft WSUS
KB ID 0001679 Problem I don’t like WSUS, the product is OK (ish) the problem with it is, every time it’s deployed, typically the person it was deployed for never looks after it, or manages it properly, and months/years later it becomes a massive ‘bag of spanners’, which is never the client’s fault, it’s always the poor guy who built it, or the support company’s fault. If you run WSUS, log into...
Configure Cisco FTD Port Forwarding (via FDM)
KB ID 0001680 Problem You have a Cisco FTD device that you manage via FDM, and you would like to setup port forwarding. In the example below I will forward TCP Port 80 (HTTP) traffic from the outside interface of my FTD Device (Firepower 1010) to an internal web server on 10.254.254.212 Solution (Step 1: Create an FTD NAT Policy) Using a web browser connect to the FDM > Polices > NAT > Add. Set the following options; Title:...
Cisco Firepower 1010 (FTD) Initial Setup
KB ID 0001678 If you’re here you’ve either purchased a new Cisco Firepower device running FTD (FirePower Threat Defence) or have re-imaged your Firepower device from ASA to FTD code. On its factory defaults, the unit will have the following settings. Inside IP address (VLAN 1) 192.168.1.1 (on all interfaces from 2 to 8). Outside IP Address set to DHCP in interface 1. Management IP address 192.168.45.1 on the Management...
Reimage Cisco 1010 ASA to FTD
KB ID 0001677 Problem Sorry it’s taken me a while to get round to this, every time I do some work on the firewall I need to kill the internet at home, and I’ve got a wife and two daughters, who live online! So if you follow the site you will know I’ve got a Cisco Firepower 1010 device, and I’ve been looking at it running the ASA code. Now here’s how to ‘re-image’ the device with the FTD...
Microsoft Outlook ‘Search’ Not Working
KB ID 0001676 Problem When attempting to perform a ‘Search’ whilst in Microsoft Outlook, you encounter a problem (it’s not working). Something went wrong and your search couldn’t be completed. Solution Let’s be clear here, I’m dealing a problem on the ‘client side’ either with Outlook itself, or with Windows indexing. If you have multiple clients with their mailboxes in an...
Windows Server: Disabling SSL 3.0, TLS 1.0, and TLS 1.1
KB ID 0001675 What are these protocols? Both SSL and TLS are cryptographic protocols designed to secure communications over a network (remember the internet is just a network). Originally we had SSL version 1 and version 2. But they were, (to be honest) ‘a bit bobbins’ and full of security holes, so never really took off. Version 3 however did and was widely supported. The problem with version 3 was, (again) that was also ‘bobbins’....
Cisco: Getting a SKU (Product ID) From a Serial Number
KB ID 0001674 Problem I had a situation a couple of weeks ago where I had the serial numbers for a bunch of Cisco switches, I needed to get some extended cover for them, but what I didn’t have were the Cisco SKU (Stock Keeping Unit) codes. Solution You will need to have a Cisco CCO login, once you have that go here > Add devices. Give the device a name, (it does not matter what) > Paste in the serial number > Add. Boom,...