AnyConnect: Enable Duo 2Factor Authentication
KB ID 0001650 Problem I was asked if I’d ever set this up the other week. Surprisingly I had not, I’d deployed Duo for other things, but not for Cisco AnyConnect. As I had some other ‘Duo’ related tasks coming up, I was deploying it on the test bench, then adding in my Cisco ASA and AnyConnect wasn’t much more work! Here’s my topology; My ASA is running version 9.1 My Duo Authentication Proxy is...
Cisco Firewall Port Forwarding
KB ID 0000077 Problem Note: This is for Cisco ASA 5500, 5500-x, and Cisco Firepower devices running ASA Code. Note2: If your firewall is running a version older than 8.3 you will need to scroll down the page. Port forwarding on Cisco firewalls can be a little difficult to get your head around, to better understand what is going on remember in the “World of Cisco” you need to remember two things….. 1. NAT Means...
Cisco ASA Site to Site VPN ‘Using ASDM’
KB ID 0000072 Problem Note: This is for Cisco ASA 5500, 5500-x, and Cisco Firepower devices running ASA Code. Do the same from command line Below is a walk-through for setting up one end of a site to site VPN Tunnel using a Cisco ASA appliance – Via the ASDM console. Though if (like me) you prefer using the Command Line Interface I’ve put the commands at the end. click image for full subnet information Solution VPN Setup...
Cisco ASA AnyConnect VPN ‘Using ASDM’
KB ID 0000069 Problem Note: This is for Cisco ASA 5500, 5500-x, and Cisco Firepower devices running ASA Code. Below is a walk through for setting up a client to gateway VPN Tunnel using a Cisco Firepower ASA appliance. This was done via the ASDM console. The video was shot with ASA version 9.13(1) and ASDM 7.13(1). Suggestion: If you are setting this up for the first time, I would suggest setting it up to use the ASA’s LOCAL...
Cisco ASA – Port Forward a ‘Range of Ports’
KB ID 0001111 Note: This is for Cisco ASA 5500, 5500-x, and Cisco Firepower devices running ASA Code. This comes up on forums a lot, some applications and most phone systems require a ‘LOT’ of ports to be open. Normally thats fine you just give the internal IP a static public IP and open the ports. But what if you don’t have a spare public IP? I’ve already covered port forwarding before. Cisco PIX / ASA Port...