Upgrade Cisco PIX 515E to Version 8.0(4)
and ASDM version 6.1(5) KB ID 0000424 Problem I had to update a Cisco PIX 515E last week, Cisco 500 firewalls are a bit thin on the ground these days, and most of my corporate clients have replaced then with Cisco ASA 5500 firewalls. So as these units are now getting retired, or moved to the test bench, or sold on ebay. I thought I’d document probably the last one I did for posterity, and to help anyone else out. Note: Cisco...
Cisco ASA – Using ‘logging’ to see what ports are being blocked
KB ID 0000702 Problem If you look after a firewall, sooner or later something will fail, and the blame (rightly or wrongly), will be leveled at the firewall. I came back from holiday this week to find a client had got a problem with secure POP email. The problem had been fixed (temporarily) by dropping the affected users into a group, and opening all ports. As this had fixed the problem then it’s fair to say that the ASA was...
Cisco ASA 5500 – Configuring PPPoE
KB ID 0000831 Problem Until very recently I’d never had to configure PPPoE. Most of my clients in that sort of connection speed range have ADSL with a router provided by their ISP. A Router that connects via PPPoA usually. Here in the UK the main ISP’s (BT and Virgin) are busy rolling out FTTC connections that terminate with a ‘modem’ that presents an RJ45 socket. So without the need for a router, you can get...
Cisco ASA – Find Out VPN Tunnel Uptime
KB ID 0000863 Problem I needed to get the Uptime/Duration of a particular VPN tunnel this week. It was for a client with multiple VPN tunnels that was having problems with just one. Solution Option 1 via Command Line 1. Connect to to the firewall > Go to enable mode and use the following command, replace 123.123.123.123 with the IP of your VPN endpoint. PetesASA> PetesASA> enable Password: ******** PetesASA# show...
Cisco ASA ASDM – Packet Tracer Wont Work
KB ID 0001051 Problem I don’t usually use the graphical packet tracer tool, but I did this week, and this happened; Following error(s) occurred- packet-tracer input inside {protocol} inline-tag -l {source} {source port} {target} {target port} xml %Invalid input detected at ‘^’ marker Solution Well from CLI it worked fine, so I’m guessing it’s a fault in the ASDM. An Internet/forum search threw up a load...