Meraki To Cisco ASA 5500 Site to Site VPN
Nov08

KB ID 0001255. Problem: This was surprisingly easier than I was expecting! Special thanks to Steve for letting me loose on his test network for the Meraki end of the tunnel. Here I’m using an MX 64 Security appliance, and a Cisco ASA 5510. Note: The Meraki device will need a static IP. Solution: Configuring Meraki MX Device for VPN to a Cisco ASA. From your Meraki dashboard > Security Appliance > Site To Site VPN. If you...

Cisco ASA – Allowing Microsoft Activation
Sep15

KB ID 0001237. Problem: Activation occurs over TCP 80 and 443, so usually this will not trip you up. However, if you are on a site with a very restrictive firewall config, then you might want to add the following. Solution: I’ll break with the norm, and just post the config in its entirety (just remove the comments in red).

!The Firewall needs a domain name of its own.
!
domain-name petenetlive.com
!
!Setup DNS Lookups so the...

Cisco ASA IKEv2 – ‘Failed To Allocate Memory’
Jul09

KB ID 0001218. Problem: This week I was trying to get a VPN tunnel up for a client. They wanted a tunnel from their Cisco ASA into Microsoft Azure. Normally I’d use IKEv1 (because I know how to troubleshoot it!) But the guys running the site in Azure were using policy routing, which needs IKEv2. So I converted from IKEv2 to IKEv2. As I said I’m used to debugging IKEv1, but not IKEv2, so I was struggling to make sense of...

Cisco ASA – Active / Active Failover
Dec10

KB ID 0001114. Usually when I’m asked to set up Active/Active I cringe, not because it’s difficult, it’s simply because people assume active/active is better than active/standby. I hear comments like ‘we have paid for both firewalls, let’s use them’, or ‘I want to sweat both assets’. The only real practical use cases I can think of for Active/Active are: You have a multi-tenancy environment and want to offer...

Event ID 3033
Nov17

KB ID 0000130. Problem: You receive an Event ID 3033 error, with the following description, ‘The average of the most recent <?> heartbeat intervals used by clients is less than or equal to <?>. Make sure that your firewall configuration is set to work correctly with Exchange ActiveSync and direct push technology. Specifically, make sure that your firewall is configured so that requests to Exchange ActiveSync do not...
