Windows Server 2008 R2 – Configure RADIUS for Cisco ASA 5500 Authentication
KB ID 0000688 Problem Last week I was configuring some 2008 R2 RADIUS authentication, for authenticating remote VPN clients to a Cisco ASA Firewall. I will say that Kerberos Authentication is a LOT easier to configure, so you might want to check that first. Solution Step 1 Configure the ASA for AAA RADIUS Authentication 1. Connect to your ASDM, > Configuration > Remote Access VPN. > AAA Local Users > AAA Server Groups. 2....
Windows and Cisco (IPSEC) VPN Client
KB ID 0000693 Problem I’d been running Windows 8 for a while now. But was the first time I needed to use my Cisco VPN Client software. So I was not happy when this happened. Note: Using VPN Client version 5.0.07.0440 Secure VPN Connection terminated locally by the Client. Reason 442: Failed to enable Virtual Adapter. Solution As it turns out this is a known problem with Windows 8, and there is a work-around. 1. Press Windows...
Mailbox Move Error – ‘Couldn’t switch the mailbox into Sync Source mode’
KB ID 0000795 Problem While attempting to move a mailbox between sites last week I got this; Error details: Couldn’t switch the mailbox into Sync Source mode. This could be because of one of the following reasons: Another administrator is currently moving the mailbox. The mailbox is locked. The Microsoft Exchange Mailbox Replication service (MRS) doesn’t have the correct permissions. Network errors are preventing MRS from...
Cisco Router – Configure Site to Site IPSEC VPN
KB ID 0000933 Problem I’ve done thousands of firewall VPN’s but not many that terminate on Cisco Routers. It’s been a few years since I did one, and then I think I was a wuss and used the SDM. So when I was asked to do one last week thankfully I had the configs ready to go. I’m going to use the IP addresses above, and my tunnel will use the following settings; Encryption: AES. Hashing: SHA. Diffie Hellman:...
Cisco Router – CBAC and Zone Based Firewall Setup
KB ID 0000937 Problem IOS 11.2 gave us CBAC, and IOS 12.4(6)T gave us the Zone Based Firewall. You can still use either, (providing you are running the correct IOS, or in the case of version 15 and upwards, added the correct license, ‘securityK9’). For older IOS versions usually you want the advipservices version of the IOS). Solution Run the following command to see if you have the correct license installed....