FMC – AMP Malware Inspection
KB ID 0001159 Problem If you take a look in your SourceFire dashboard, and there is no data shown on the malware threat section like so; Solution The message is pretty descriptive, and it’s telling you exactly what you need to do. Now I’m making the assumption that you have added a valid AMP / Malware licence like so; Policies > Access Control > Edit your access control policy > Then Edit the file policy. Add in...
Windows 10 – Installing IIS
KB ID 0001158 Problem I needed to get a web server up and running today, so I could upload some files into a firewall via http. I have a copy of Windows 10 running on my mac in VMware fusion, so that’s what I thought I would use. Solution Open a command window and run appwiz.cpl > Turn Windows features on or off > Internet Information Services > OK > Follow the instructions. Now to test, open a browser window and...
Mac OSX and Linux – Quick and Dirty Web Server
KB ID 0001157 Problem I was clearing out some old emails yesterday, and saw one my colleague Steve had sent me. It was info on how to fire up a quick web server on your mac. It wasn’t until I took a look at it, I realised how handy it was. After some reading, I found that it was not only possible on a mac, but on other flavours of Linux as well, (as long as they support ‘python’ and have it loaded). WHAT USE IS...
AnyConnect Group Authentication With Cisco ISE and Downloadable ACLs (Part 2)
KB ID 0001156 Problem Carrying on from PART 1 Solution Add > Create Before. Edit the Policy Giv the policy set a name and description > Create a new condition. Set Description to Device Type. Equals > All Device Types (The Device Group You Created Above). Add attribute value. Set Description to RADIUS. NAS-Port-Type-[61]. Equals > Virtual. Edit the Authentication Policy. Change the identity source to the the identity...
AnyConnect Group Authentication With Cisco ISE and Downloadable ACLs (Part 1)
KB ID 0001155 Problem To be honest it’s probably a LOT easier to do this with Dynamic Access Policies, but hey, if you have ISE then why not use it for RADIUS, and let it deploy downloadable ACL’s to your remote clients and give them different levels of access, based on their group membership. I’m going to keep things simple, I will have a group for admins that can access anything, and a group for users that can only...
NTP Stratum 1 and Stratum 2 UK Time Servers
KB ID 0001154 Problem There are a LOT of NTP servers lists published. I’ve sat and checked all the servers below, and their DNS resolution, and they are correct as at the date above. Solution Stratum 1 Hostname IP Address Resolvable By Location chronos.csr.net 194.35.252.7 DNS Cambridge Stratum 2 Hostname IP Address Resolvable By Location 0.uk.pool.ntp.org 109.74.206.120 176.58.109.199 94.125.129.7 5.77.45.219 DNS Various...
Applying and Assigning vSphere / ESXi6 Licences
KB ID 0001153 Problem I’ve used the old VI client since version 3, so getting to grips with the vShpere web client has been fun. (I know it’s been out for ages, but I don’t like it sorry!) After rebuilding my test server to ESX 6 and deploying a new vCenter appliance, I was getting the usual nag messages about licensing etc. So I went to install the licences, that’s pretty easy, you can do that from the home...
Cisco ASA – AnyConnect Authentication via LDAP and Domain User Groups
KB ID 0001152 Problem When I first started doing Cisco remote VPNs, we had Server 2000/2003 and I used to use RADIUS with IAS. Then Microsoft brought out 2008/2012 and RADIUS via NAP. Because I fear and loath change I swapped to using Kerberos VPN Authentication for a while. I had to put in an ASA5512-X this weekend and the client wanted to allow AnyConnect to a particular Domain Security Group “VPN-Users”, so I thought I...
Using OSPF over DMVPN
KB ID 0001151 Dtd 03/02/16 Problem This article is a supplement to the earlier one on Setting Up DMVPN. It covers how to use OSPF over the top of DMVPN. This is the topology I’m going to use; As I’ve said (above) this is not a run though on setting up DMVPN, but if you want to spin it up in GNS3, or on the test bench, here’s the DMVPN config; Hub Site configure terminal interface Tunnel10 ip address 192.168.254.1...
Cisco ASDM and Windows 10
KB ID 0001150 Problem Most of the time I’m on my mac for work, but sometimes when the ADSM fails, I switch to a windows VM (in VMware Fusion). I recently upgraded to Windows 10, and for the most part that’s been a painless process. I did notice though, that when I try to run the ADSM, it will let me install the software, then sit there doing nothing? Note: Also see, ASDM on Windows 10: ‘Cannot find Javaw.exe?’...