Cisco ASA 5500 – Adding Licenses
KB ID 0000531 Problem Each model in the Cisco ASA 5500 range comes with a range of licences and features, to add these features you can purchase them from a Cisco reseller. You will then need to apply the licence to the device. Solution 1. Your first step is to purchase the Licence you require from an authorised cisco reseller. 2. When your licence arrives you need to locate the PAK that is on the certificate. 3. You need the Serial...
Cisco ASA – Disable SSLv3 (Force TLSv1.0) – Mitigate POODLE
KB ID 0001052 Problem By default the Cisco ASA will allow connection via SSLv3. The POODLE exploit works by forcing SSL to fall back to SSLv3 and then decrypting that communication. However you are still not completely protected as per this Threat Validation, so the ASA platform can still be attacked via TLSv1.0. Note: At time of writing TLSv1.2 is not supported, but it is on the road-map for version 9.3(2). So this procedure will not...
Cisco ASA ASDM – Packet Tracer Wont Work
KB ID 0001051 Problem I don’t usually use the graphical packet tracer tool, but I did this week, and this happened; Following error(s) occurred- packet-tracer input inside {protocol} inline-tag -l {source} {source port} {target} {target port} xml %Invalid input detected at ‘^’ marker Solution Well from CLI it worked fine, so I’m guessing it’s a fault in the ASDM. An Internet/forum search threw up a load...