Access a Windows Share Through a Firewall
KB ID 0001061 Problem I needed to access a folder on a server in a clients DMZ the other week, and the thought struck me ‘I have no idea what ports I need to open to accomplish this?’ Solution Bear in ming I’m just talking about the ports that need to be open, you will still need to authenticate to the remote machine with a user-name and password (unless you have the share wide open which I would not advise). The...
Windows Server 2008 R2 – Configure RADIUS for Cisco ASA 5500 Authentication
KB ID 0000688 Problem Last week I was configuring some 2008 R2 RADIUS authentication, for authenticating remote VPN clients to a Cisco ASA Firewall. I will say that Kerberos Authentication is a LOT easier to configure, so you might want to check that first. Solution Step 1 Configure the ASA for AAA RADIUS Authentication 1. Connect to your ASDM, > Configuration > Remote Access VPN. > AAA Local Users > AAA Server Groups. 2....
HP MSM765zl and 775zl – Initial Setup and Routing
KB ID 0000917 Problem The MSM 765zl and 775zl, unlike the rest of the HP MSM controller series, do not have any physical Ethernet ports on them. So before you can get to its web management interface, you need to be able to give it an IP address, and then the controller needs to be able to find a route back to where you are, assuming you are not on a flat unrouted/single VLAN. Obviously if you are directly connected to the same...
Cisco Router – CBAC and Zone Based Firewall Setup
KB ID 0000937 Problem IOS 11.2 gave us CBAC, and IOS 12.4(6)T gave us the Zone Based Firewall. You can still use either, (providing you are running the correct IOS, or in the case of version 15 and upwards, added the correct license, ‘securityK9’). For older IOS versions usually you want the advipservices version of the IOS). Solution Run the following command to see if you have the correct license installed....
Replace an ASA 5505 with an ASA 5506-X
KB ID 0001091 Problem Given the amount of ASA work I do it’s surprising that the first time I saw an ASA 5506-X was last week (I’ve been working on larger firewalls for a while). I’m probably going to have to do a few of these over the next couple of years so I’ll update this article as things surface. Solution Q: Can I just copy the config from an ASA 5505 to an ASA 5506-X? A: No, that would be nice, truth be...