Cisco ASA: Updating and Copying files from USB
KB ID 0001377 Problem Cisco ASA firewalls have had USB sockets on them for a while, but a dig into the documentation only yielded, ‘for use in future releases’. Well they are working now! Note: Firewall shown is a 5516-X (running version 9.8(1)) Solution Your drive needs to be formatted as FAT (not NTFS), I’m going to update/install some AnyConnect client software, but there’s nothing to stop you uploading a...
Updating FirePOWER Module (From ASDM)
KB ID 0001348 Problem Normally I don’t like upgrading the SFR this way. But then I tend to install new firewalls set them up and walk away, so its easier (and a LOT quicker) to simply image the module to the latest version and then set it up. Like So; Re-Image and Update the Cisco FirePOWER Services Module This week I had an existing customer, who has an ASA5508-X but wasn’t using his FirePOWER, I’d installed the...
AnyConnect – “Connection attempt has failed due to server communication errors’
KB ID 0001279 Problem We had a firewall fail at work this week, as part of the rebuild the latest OS was put on it, version 9.7(1). I thought no more about it until I tried to VPN in and got this; I used my Windows 10 VM and that connected fine, only my MacBook could not connect, this VPN tunnel is a big deal I need it to get onto client’s networks. I tried my other VPN connections and every one was fine, only the recently...
Upgrade vSphere vCenter Appliance to Version 6.5
KB ID 0001265 Problem Here I’m upgrading from version 6.0 to 6.5, the process creates a new vCenter appliance, then migrates all your settings into it, finally it then shuts down the old appliance and brings up the new one. Note: This procedure is ‘non-invasive’ i.e. it does not affect your production VMs, a vSphere environment can run for about 60 days without it’s vCenter, all that you would lose is the...
Upgrade Your Microsoft PKI Environment to SHA2 (SHA256)
KB ID 0001244 Problem This is pretty much PART TWO of two posts addressing the need to migrate away from SHA1 before February 2017. Back in PART ONE we looked at how to upgrade the ROOT CA. It does not matter if it’s an offline or online root CA the process is the same. In many organisations their PKI is multi tiered, they either have a RootCA <> SubCA, or a ROOTCA <> IntermediateCA <> IssuingCA. (which is...