RDP to Multiple Servers with a Cisco PIX/ASA Firewall
Nov17

RDP to Multiple Servers with a Cisco PIX/ASA Firewall

KB ID 0000167  Problem WARNING: Allowing RDP traffic from ‘any’ IP this is a monumentally bad idea, ONLY allow RDP traffic from trusted hosts/networks, or better still, limit RDP to clients/locations the have their traffic protected by VPN. You want to connect via “Remote Desktop” to multiple servers behind your firewall. To do this you have three options. Note: This is an old article that refers to ‘pre...

Read More
Set Cisco ASA for Kerberos Authentication
Nov17

Set Cisco ASA for Kerberos Authentication

KB ID 0000039 Problem You want to set up a Cisco ASA to authenticate users (VPN access for example). Solution Kerberos can only be used as an authentication protocol on the ASA, so its fine for allowing VPN connections but not for assigning policies etc. To work both the ASA and the domain need to be showing accurate time. Step 1: Set the ASA to get time from an External NTP Server 1. Log onto the ASA > Go to “Enable...

Read More
Cisco ASA – Only Allow Mail Servers SMTP Outbound
Nov17

Cisco ASA – Only Allow Mail Servers SMTP Outbound

KB ID 0000172  Problem It’s not unusual for nasty Virus’s and Malware once they have infected a machine, to set up outbound communications on the mail protocol SMTP (TCP Port 25), which can lead to your public address being blacklisted. So it’s considered good practice to stop all your clients getting mail access outbound through your firewall, while still allowing your mail server. Note: On Cisco firewall’s,...

Read More
DNS resolves intermittently – EDNS Problems
Nov17

DNS resolves intermittently – EDNS Problems

KB ID 0000312 Problem DNS resolves intermittently, and your Exchange outbound mail may fail and give the following error: The following recipient(s) could not be reached: user@domain.com on (Date Time). There was a SMTP communication problem with the recipient’s email server. Please contact your system administrator. <(Domain.com) #5.5.0 smtp;550-Domain does not recognize your computer (xx.xx.xxx.xxx) as connecting from an...

Read More
SmoothWall site to site (IPSEC) VPN to Cisco ASA
Nov17

SmoothWall site to site (IPSEC) VPN to Cisco ASA

KB ID 0000436  Problem You would like to put in a site to site VPN from a site that has a SmoothWall firewall to another site that has a Cisco ASA. Note: This procedure was carried out on a SmoothWall UTM 1000 Series appliance, and uses a pre-shared key to authenticate the VPN. Solution 1. For The Cisco end of the configuration, you can configure it from command line see here, or from the ASDM see here.. 2. Connect to the...

Read More