RDP to Multiple Servers with a Cisco PIX/ASA Firewall
KB ID 0000167 Problem WARNING: Allowing RDP traffic from ‘any’ IP this is a monumentally bad idea, ONLY allow RDP traffic from trusted hosts/networks, or better still, limit RDP to clients/locations the have their traffic protected by VPN. You want to connect via “Remote Desktop” to multiple servers behind your firewall. To do this you have three options. Note: This is an old article that refers to ‘pre...
Set Cisco ASA for Kerberos Authentication
KB ID 0000039 Problem You want to set up a Cisco ASA to authenticate users (VPN access for example). Solution Kerberos can only be used as an authentication protocol on the ASA, so its fine for allowing VPN connections but not for assigning policies etc. To work both the ASA and the domain need to be showing accurate time. Step 1: Set the ASA to get time from an External NTP Server 1. Log onto the ASA > Go to “Enable...
Cisco ASA – Only Allow Mail Servers SMTP Outbound
KB ID 0000172 Problem It’s not unusual for nasty Virus’s and Malware once they have infected a machine, to set up outbound communications on the mail protocol SMTP (TCP Port 25), which can lead to your public address being blacklisted. So it’s considered good practice to stop all your clients getting mail access outbound through your firewall, while still allowing your mail server. Note: On Cisco firewall’s,...
DNS resolves intermittently – EDNS Problems
KB ID 0000312 Problem DNS resolves intermittently, and your Exchange outbound mail may fail and give the following error: The following recipient(s) could not be reached: user@domain.com on (Date Time). There was a SMTP communication problem with the recipient’s email server. Please contact your system administrator. <(Domain.com) #5.5.0 smtp;550-Domain does not recognize your computer (xx.xx.xxx.xxx) as connecting from an...
SmoothWall site to site (IPSEC) VPN to Cisco ASA
KB ID 0000436 Problem You would like to put in a site to site VPN from a site that has a SmoothWall firewall to another site that has a Cisco ASA. Note: This procedure was carried out on a SmoothWall UTM 1000 Series appliance, and uses a pre-shared key to authenticate the VPN. Solution 1. For The Cisco end of the configuration, you can configure it from command line see here, or from the ASDM see here.. 2. Connect to the...