Cisco ASA Disable ESMTP Inspection
Nov17

Telnet to Exchange on Port 25 shows a row of Asterisks? KB ID 0000536

Problem

Yesterday my colleague Ben called me over to the help-desk and asked “Have you ever seen this before?” This was what was on his screen.

220 ***************************************************

Solution

Usually when you Telnet to an Exchange server it gives you a 220 message followed by the “Banner” of the Exchange server, a little...

Juniper SRX Firewall – Allow ‘Ping’
Nov17

KB ID 0000706

Problem

I was working on an SRX100B Firewall yesterday, and needed to be able to ping the outside interface.

Solution

Note: You can quickly enable ping on a physical interface from the CLI like so:

set security zones security-zone trust interfaces ge-0/0/0 host-inbound-traffic system-services ping

1. Log into the web console of the Juniper.
2. Navigate to Security > Zones/Screen > Select the ‘Untrust’ Zone...

Juniper SRX Firewall – Allow Web Management from Outside
Nov17

KB ID 0000708

Problem

Assuming you already have web management enabled, and you want to access it from the outside (the untrusted zone).

Solution

1. Log into the web console of the Juniper.
2. Navigate to Security > Zones/Screen > Select the ‘Untrust’ Zone > Edit > Host inbound traffic – Interface > Select the Outside interface > Under Interface services add in ‘http’ > OK.
3. Then...

Troubleshooting Phase 1 Cisco Site to Site (L2L) VPN Tunnels
Nov17

KB ID 0000216

Problem

Site to Site VPNs either work faultlessly straight away, or involve head scratching and a call to Cisco TAC, or someone like me to come and take a look. If I’m honest, the simplest and best answer to the problem is “Remove the Tunnel from both ends and put it back again”. Just about every VPN tunnel I’ve put in that did not work was a result of my fat fingers putting in the wrong...

Cisco Firewalls ‘My Prompt has changed / Disappeared’
Nov17

KB ID 0000226

Problem

Whilst messing around with my home firewall, I noticed that it no longer displayed the hostname on the command prompt. I checked Telnet and SSH; the results were the same.

Solution

Option 1 from Command Line

I’d managed to change the default setting for “prompt”.

1. Log into the Firewall > go to “enable” mode then “Configure Terminal” mode.

prompt ?

2. To change it back...
