Cisco ASA – Changing the Outside IP Address
KB ID 0001081 Problem I see this question get asked a lot on forums, most people never touch the firewall, ‘if it’s working leave it alone’. And that’s great until you move offices, or get a newer faster (or cheaper) Internet connection. What if you have lots of public IP addresses? What if you have VPN’s (or AnyConnect clients). What’s the best way to do this with a minimum of downtime? Note: If...
Cisco AnyConnect Error “The VPN client driver has encountered an error”
KB ID 0000347 Problem I rolled out AnyConnect for a client this week, and saw this error on one of the clients. Error Reads: The VPN client driver has received an error. Solution A quick search of web forums etc, sent me all over the place, the most promising link told me to do the following, Repair This issue is due to Cisco bug ID CSCsm54689 (registered customers only) . In order to resolve this issue, make sure that Routing and...
Cisco ASA5500 Change the AnyConnect Port
KB ID 0000422 Problem AnyConnect runs over TCP port 443 (That’s HTTPS/SSL), but if you only have one public IP and need to forward that port to a web server or internal host then you are a bit snookered. You can of course change the port that AnyConnect runs over, so that it’s no longer on TCP port 443. Why you would NOT want to do this. Bear in mind that https is a well known port, and its open in most places for secure...
Cisco AnyConnect – Untrusted VPN Server Blocked!
KB ID 0000651 Problem The newest versions of the AnyConnect client now show you the following; If you are seeing this you’re using the (default) self signed certificate, or you connected to an IP address rather than the FQDN. But unlike before, you can now ‘lower’ the security so it does not warn you every time. Solution 1. From the warning screen (shown above) select ‘Change Settings…’. 2. Untick...
Cisco AnyConnect – Securing with Microsoft Certificate Services
Part 2 (How to Configure AnyConnect) KB ID 0001031 Problem Back in Part 1 We configured the Microsoft Certificate Services to meet our certificate needs. Now we configure the firewall for AnyConnect. Solution 1. Log onto the ASA > Go to global configuration Mode. login as: petelong petelong@192.168.100.1’s password:********** Type help or ‘?’ for a list of available commands. Petes-ASA> enable Password: *******...