Currently Browsing: Cisco

HSRP Using SLA with Boolean Tracks

Recently, I was at a customer’s location that wanted to track an ISP based on multiple locations (e.g. 4.2.2.2 and 8.8.8.8). The customer wanted to make sure that if 1 of the 2 DNS servers we were pinging was lost, it would not fail over; however, if BOTH pings were lost, then initiate the fail-over. Scenario: Router...

Persistent VPN Profiles in AnyConnect

If you are like me and connect to a multitude of customers’ networks using AnyConnect, you know the headache of the client not remembering the connections you normally connect to. Here is how to fix that. You will need to create an XML file. Don’t worry, it is not so bad. Add as many connections as...

Uninstalling Web Security from AnyConnect for Mac

You ever had that annoying Web Security pop-up using AnyConnect? I did, and I kept saying to myself “I have to disable that” but always found myself doing something else. Finally decided to do it. sudo /opt/cisco/anyconnect/bin/websecurity_uninstall.sh That’s it. You should be good to go...

Creating a Certificate Signing Request on the ASA

First things first: check the time on your ASA. You can do this with the following command: show clock If the time is not set correctly, you can set the time zone and use the ‘set clock’ command to set the correct time. Now let’s get started. We first need to create a public/private key pair...

Cisco ACS 5.8 Automated Backups

Today I attempted to configure our ACS server to back up to our new SFTP server. I deployed the SFTP server using CentOS and ensured that it only allowed the user to SFTP and not SSH (connections to the bash shell of my box). useradd -m sftpbackup -s /sbin/nologin -g ftpaccess #(create user and...

IPSec VPN on Cisco ASA using CLI

Cisco is, in my opinion, the most flexible and scalable VPN solution on the market today.  I have used Cisco ASA for site-to-site VPNs for years and have had over 1200 VPN tunnels on a single set of firewalls.  The beauty comes in the ability to define Phase I and II (explained later) specifically for each...
