Securing Network Device Access With Cisco ACS (and Active Directory)
KB ID 0000942 Problem For network identification I have tended to use RADIUS (in a Windows NPS or IAS flavour), in the past. I turned my back on Cisco TACACS+ back in my ‘Studying for CCNA’ days, because back then it was clunky and awful. I have a client that will be installing ACS in the near future, so I thought I would take a look at it again, and was surprised at how much more polished it is. As Cisco plans to roll ACS...
Sync Microsoft Domain Time To A Cisco NTP Device
KB ID 0001038 Problem I’ve been posting domain time articles for a long time, and on more than one occasion I’ve really needed to take my Windows time from a Cisco Device and failed miserably. I’ve even used third party NTP software to solve this problem on my own test network. On a client network, my colleague deployed ACS5 this week, I secured the ASA5585-X for AAA and it failed authentication. Logging revealed a...
Cisco CSC Module Error – Activation Warning
KB ID 0000392 Problem You try to connect to your Cisco CSC module, and see the following error. Error: Activation Warning CSC is not activated. Please run setup wizard under Configuration > Trend Micro Content Security > CSC Setup > Wizard Setup to perform setup process. Click OK button to to to Trend Micro Content Security Setup wizard. Naturally if you’ve never setup the CSC you are going to see this, but what if it...
Cisco ASA 5500 – Install and Configure a CSC Module
KB ID 0000731 Problem The Cisco CSC module provides ‘in line’ scanning of POP3, SMTP, HTTP and FTP traffic, to protect against viruses but also for anti spam and anti phish (with the correct licensing). If you are familiar with Trend products, you will like it, (because that’s what it runs), and the interface is much the same as Trend IWSS. It is a hardware device that plugs into the back of the ASA, and comes in...
Cisco Firewalls Changing the Web Management Port
Cisco 5500 Changing the ASDM Port Unable to Port Forward HTTPS KB ID 0000268 Problem You want to change the port that the Cisco ASDM runs over, or you are attempting to port forward https/ssl and see the following error Error: ERROR: unable to reserve port 443 for static PAT ERROR: unable to download policy You are trying to port forward (Create a static PAT entry) on a Cisco ASA for port 443 / https. This port is in use by the ASDM....