Currently Browsing: Cisco

IKEv1 & IKEv2

I have been dealing with VPNs for the past 20 Years. Primarily I have used IKEv1 as it was the most used. In this post, I will go over what IKEv1 is and the differences between it and IKEv2. There are RFCs you can read, however if you decide to, you probably don’t like yourself that much. I will try to make...

HSRP Using SLA with Boolean Tracks

Recently, I was at a cutomer’s location that wanted to track an ISP based on multiple locations (e.g. 4.2.2.2 and 8.8.8.8). The customer wanted to make sure that IF 1 of the 2 DNS servers we were pinging, it would not fail-over, however if BOTH pings were lost, then initiate the fail-over. Scenario: Router...

Persistent VPN Profiles in AnyConnect

If you are like me that connects to a multitude of customer’s networks using AnyConnect, you know the headache of the Client not remembering the connections you normally connect to. Here is how to fix that. You will need to create an XML file. Don’t worry it is not so bad….. Add as many connection as...

Uninstalling Web Security from AnyConnect for Mac

You ever had that annoying Web Security pop up using AnyConnect? I did and I kept saying to myself “ I have to disable that” but always found myself doing something else. Finally decided to do it.   sudo /opt/cisco/anyconnect/bin/websecurity_uninstall.sh Thats it. You should be good to go...

Creating a Certificate Signing Request on the ASA

First things first; check the time on your ASA.  You can do this with the following command: show clock If the time is not set correctly, you can set the time zone and use the ‘set clock’ command to set the correct time. Now lets get started.  We first need to create a public/private key pair...

Cisco ACS 5.8 Automated Backups

  Today I attempted to configure our ACS server to backup to our new SFTP server. I deployed the SFTP server using CentOS and ensured that it only allowed the the user to SFTP and not SSH (connections to the bash shell of my box). useradd –m sftpbackup –s /sbin/nologin –g ftpaccess #(create user and...

« Older Entries