Cisco ASA EZVPN (Revisited)
Nov23

Cisco ASA EZVPN (Revisited)

Posted By on Nov 23, 2017

KB ID 0001261 Problem EZVPN is a technology that lets you form an ISAKMP/IPSEC VPN tunnel from a site with a dynamically assigned IP (EZVPN Client,) back to a device with a static IP (EZVPN Server). I’ve called this EZVPN revisited, because this is a technology I’ve talked about before. So why am I here again? Well back then I used the ASDM. If you do that now, you need to go in and mess about with things to get it to work...

Read More
Cisco IOS and ASA Showing the Config Without the ‘More’ Breaks/Pauses
Nov17

Cisco IOS and ASA Showing the Config Without the ‘More’ Breaks/Pauses

Posted By on Nov 17, 2015

KB ID 0001017 Problem When looking at a router, switch or firewall running config, it will usually display a page at a time, you can page down with the space bar, or line down with the Enter/Return key. Normally that’s fine, but what if you want to capture (take a quick backup,) of the config? If you do that, and page down you get a copy of the config that looks like this; –More–   Yes, you can delete...

Read More
Cisco ASA – Enrolling for Certificates with NDES
Nov17

Cisco ASA – Enrolling for Certificates with NDES

Posted By on Nov 17, 2015

KB ID 0000948 Problem To get your ASA 5500 firewall to enroll, and obtain a certificate from a Windows Server running NDES, this is the procedure you need to follow. Solution When dealing with certificates, it’s important that your firewall is maintaining the correct time. You can set this manually, but I’d recommend setting up NTP. Cisco ASA – Configuring for NTP 1. Make sure the firewall can contact the NDES...

Read More

Cisco ASA 5585-X Port Numbering

Posted By on Nov 17, 2015

KB ID 0001004  Problem Back at the beginning of the year I had to do a firewall design that included an ASA5585-X, I did some searching to find out how the ports were numbered but came up blank. So I took an (incorrect) educated guess. I unboxed and fired one up today, and ran though the port numbering and orientation, and discovered the correct numbering. Solution Note: This ASA5585-X also has a CX module fitted. The bottom...

Read More
ASA 5585-X Update the CX SSP Module
Nov17

ASA 5585-X Update the CX SSP Module

Posted By on Nov 17, 2015

KB ID 0001005  Problem Every piece of documentation I found on upgrading CX SSP modules was for doing so on models other than the ASA5585-X. The (current) latest CLI guide says; “For the ASA 5585-X hardware module, you must install or upgrade your image from within the ASA CX module. See the ASA CX module documentation for more information.” Yeah good luck finding that! Solution Before I saw the information above I tried...

Read More