Configuration guides for IT Administrators
Cisco ASA
-
How to setup Cisco ASA in High Availability Active/Standby Failover
⏱︎
Read time:
Read More →: How to setup Cisco ASA in High Availability Active/Standby FailoverIn a highly critical environment, we strongly recommend to setup Cisco ASAs in high availability mode. This way, if the Active ASA unit fails, the Standby unit takes over the role and becomes Active. Before we proceed, you need to ensure that following pre-requisites are met Both Cisco ASA units must be an identical hardware…
-
Apply and Activate Cisco ASA License
⏱︎
Read time:
Read More →: Apply and Activate Cisco ASA LicenseOn every purchase of ASA firewall, Cisco ships product authorization key known as PAK in printed format along with delivery. The steps remain same irrespective of ASA license feature. 1.Login to Cisco registration portal – http://www.cisco.com/go/license and enter PAK key and ASA serial number, then you will get the license key by registered email immediately. Caution: When…
-
Can’t ping ASA inside interface over IPSec VPN
⏱︎
Read time:
Read More →: Can’t ping ASA inside interface over IPSec VPNEven though, IPSec VPN is successfully established between 2 ends of your network, you can’t ping ASA inside over IPSec VPN from the other end. Basically, you cannot remotely manage Cisco ASA through the VPN tunnel. You also noticed that inside interface is reachable from LAN. The problem is with manual NAT statement that overlaps…
-
Configure IKEV1 Site to Site VPN between Cisco ASA and Paloalto Firewall
⏱︎
Read time:
Read More →: Configure IKEV1 Site to Site VPN between Cisco ASA and Paloalto FirewallIn this guide, we are configuring IKEV1 VPN between Cisco ASA and Paloalto firewall. This is applicable to all models of Cisco and PA firewalls. Configure Cisco ASA: 1) Phase 1: IKE policy ciscoasa(config)# crypto ikev1 policy 10 ciscoasa(config-ikev1-policy)# authentication pre-share ciscoasa(config-ikev1-policy)# encryption 3des ciscoasa(config-ikev1-policy)# hash sha ciscoasa(config-ikev1-policy)# group 2 ciscoasa(config-ikev1-policy)# lifetime 86400 ciscoasa(config)# crypto…
-
Cisco ASA Error – AnyConnect package on the secure gateway could not be located
⏱︎
Read time:
Read More →: Cisco ASA Error – AnyConnect package on the secure gateway could not be locatedYou might be experiencing a similar issue while connecting through Cisco ASA AnyConnect to your remote network. Even though you have loaded the proper AnyConnect image to flash, reason for this problem is because Cisco ASA is unable to locate AnyConnect package in the device. In order to fix this issue, configure ASA WebVPN to locate AnyConnect…
-
Copy image to standby Cisco ASA
⏱︎
Read time:
Read More →: Copy image to standby Cisco ASACopy IOS image to standby Cisco ASA unit, for example in order to copy asa942-6-smp-k8.bin from tftp server (10.10.10.10) to Standby ASA disk0, execute following command asa/pri/act#failover exec mate copy /noconfirm tftp://10.10.10.10/asa942-6-smp-k8.bin disk0:/asa942-6-smp-k8.bin Here is useful link to run commands on standby ASA Running Commands on Standby Cisco ASA
-
Running Commands on Standby Cisco ASA
⏱︎
Read time:
Read More →: Running Commands on Standby Cisco ASAIn order to execute Cisco ASA commands on Standby unit, use failover exec as prefix. failover exec is used to execute commands on a specific unit in a failover pair, the syntax is failover exec {active | standby | mate} cmd active – means the command is executed on active ASA unit standby – means the…
-
Alternate to Cisco Client VPN for Windows 10
⏱︎
Read time:
Read More →: Alternate to Cisco Client VPN for Windows 10If you are looking for an alternate software for Cisco Client VPN software, here is the step by step guide to set it up.This worked for me in Windows 10 Pro 64 bit edition computer. Download Shrew VPN Client for Windows. In this guide I used 2.2.2 release. 2. Install the package and choose ‘Standard Edition’…
-
Packet Tracer Phase 9 Type:VPN Subtype:encrypt Result:DR
⏱︎
Read time:
Read More →: Packet Tracer Phase 9 Type:VPN Subtype:encrypt Result:DRWe have an issue of no traffic flow over IPSec VPN, however the VPN is successfully established between Cisco ASA firewalls in Site A and Site B. Using packet-tracer, we are trying to find out the path and status of an icmp packet leaving the firewall. For ICMP, you need to specify ICMP type (8)…
-
Configure Cisco ASA Firepower Services for the first time
⏱︎
Read time:
Read More →: Configure Cisco ASA Firepower Services for the first timeBefore you proceed with configuration, ensure that Source FirePower (SFR) service is up and running on your ASA ASA# sh module Mod Card Type Model Serial No. —- ——————————————– —————— ———– 1 ASA 5506-X with SW, 8GE Data, 1GE Mgmt, AC ASA5506 JAD101600GX sfr FirePOWER Services Software Module ASA5506 JAD101600GX Mod MAC Address Range Hw…
Lucas Brey
I’m Lucas Brey, a travel blogger sharing practical guides, hidden gems, and honest tips from the road. Follow along for smart itineraries, great food finds, and stories worth bookmarking.
Categories
- Active Directory
- AWS
- BIG-IP F5
- BlueHost
- CCNA 200-301
- CCNA Practice LAB
- Cisco
- Cisco ASA
- Cisco Router
- Cisco Switch
- Cisco TelePresence
- Cisco UCS
- Cisco Wireless
- Cloud
- Commands
- Cyberoam Firewall
- DevOps
- Docker
- Elasticsearch
- Firewall
- FortiGate
- General
- HP Switch
- Huawei Router
- Hyper-V
- Linux
- Microsoft365
- MongoDB
- Oracle Cloud
- Paloalto Firewall
- PSExec
- Python
- SEO
- Solaris
- Symantec Messaging Gateway
- Tiny Core Linux
- TM Deep Security
- Tomcat
- tp-link
- Uncategorized
- VMware
- Wordpress
- Zabbix
Tags
- .m4a to .wav
- /bin/false
- /sbin/nologin
- 301 permanent response
- Access Control List
- activation-key
- Active
- AD Group
- Add member to Switch Stack
- airmon-ng
- APN
- ASA allow ping
- ASA AnyConnect Package
- ASA FirePower Services
- ASA IKEv1 Site to Site VPN
- ASA IKEv2
- ASA license
- ASA SFR Setup
- audacity merge
- Auto start stop
- Azure AD
- Azure AD Connect
- Azure AD Join
- AzureAD
- backup mobility express
- Bidirectional Static NAT Cisco ASA
- Bluehost
- Bootstrap
- Brackets
- Cannot start microsoft outlook
- CCNA
- CentOS
- Certificate
- certificate chain expiry
- Certs
- Checklist
- Chrome
- circuit breaking exception
- Cisco
- Cisco 1850
- Cisco 887 WAN
- Cisco AnyConnect
- Cisco ASA
- Cisco ASA Active/Standby
- Cisco ASA AnyConnect
- Cisco ASA Anyconnect SSL
- Cisco ASA CSR
- Cisco ASA Failover
- Cisco ASA High Availability
- Cisco ASA IKEv1 VPN
- Cisco ASA IKEv2 VPN
- Cisco ASA VPN
- Cisco ASDM Windows 10
- cisco cucm user logged in
- Cisco Mobility Express
- cisco router
- cisco stack switch upgrade
- Cisco Switch
- Cisco Switch DHCP
- Cisco Switch Stack
- Cisco Switch tips
- Cisco Telepresence
- cisco ucs ESXi purple error
- Cisco VPN Alternate
- Cisco VPN encrypt drop
- Cisco Wireless
- Cisco WLC
- Cisco WLC Tips
- Cisco WLC upgrade
- cli
- commands
- Commands on standby ASA
- content exists
- Convert CAPWAP to Mobility Express
- could not start pcpu 1 TSC sync timed out
- Country Code F5
- csv mysql
- cyberoam
- Cyberoam Firewall upgrade
- Cyberoam firmware upgrade
- cyberoam GUI access
- Cyberoam IPSec VPN
- Cyberoam Static NAT
- cyberoam WAN
- Data Group iRule
- date
- debug php errors
- debug wordpress
- Deep Security
- default interface
- delegate
- dev fd0
- DHCP in Cisco ASA
- Diagnostic Package
- difference
- Disable
- Disable HTTPS Redirect
- Disable or Forced Offline Pool member
- dlink
- Docker
- double dash
- double hyphen
- Download
- Dynamic NAT
- DynDNS
- Elasticsearch
- empty()
- Enable SSH
- enterprise vault
- err-disabled
- Error
- exchange
- ExchangeOnline
- exit-code
- Expand Disk
- external dynamic list
- F5
- f5 active connections
- F5 APM
- F5 clear LCD
- F5 Data Group
- F5 deployment topology
- F5 Exchange CAS Hostname
- F5 Geo-location
- F5 High Availability
- F5 HSTS
- F5 LACP
- F5 load balancing methods
- F5 logging
- F5 PFS
- F5 SSL offload
- F5 tcpdump
- file empty
- Firefox
- Firewall Feed
- font
- forticlient
- FortiGate
- FortiGate Block Country
- FortiGate Category
- FortiGate CLI
- FortiGate CLI Address Objects
- Fortigate Conflict With Subnet
- Fortigate difference threat feed
- Fortigate GUI Access
- Fortigate IP Address
- Fortigate IP Address Feed
- Fortigate IP Feed
- Fortigate IP Pools
- Fortigate IP Text File
- Fortigate Management Interface
- Fortigate one-to-one NAT
- Fortigate Same Subnet
- FortiGate Security Fabric
- Fortigate Static NAT
- Fortigate Virtual IP
- Free
- Free Tool
- free wav merge files
- FSSO upgrade
- GAL
- Geolocation F5
- get list of program
- get_query()
- get_results()
- get_row()
- get_var()
- Get-MessageTrace
- Global Address List
- GoDaddy
- Google Search Console
- growpart
- Gutenberg
- HP Cisco switch trunk
- HP Switch CLI
- HP switch intervlan routing
- HSRP
- HSTS
- http monitor f5
- https to http redirect
- Hyper-V
- Hyper-V Convert VM
- IKEV1 VPN
- image
- image on standby asa
- Install
- Install-Module
- Installation
- Integrate
- interface bandwidth
- internet
- IPSec between Paloalto and Cisco Router
- IPSec Cisco Router Dynamic IP
- IPSec VPN
- iptables
- IPv6
- iRule
- iRule Commands
- iRule logging
- iRule order
- isset()
- Jasper
- Jetpack
- kali
- kill process in remote pc
- KRACK Attack
- Lab
- Large files
- lcdwarn
- libseccomp2
- Linux
- Linux command
- log rotation
- logging console
- Login Banner
- Loop
- LTM inline character error
- mac-address
- Mailbox
- MailboxPermission
- Manual Install
- Menu
- Meraki Facebook WiFi
- merge wav files
- Microsoft 365
- Mobility Express
- mobility express AP
- Mobility Express CLI Commands
- MongoDB
- Monitor Website
- Move OU
- Msol
- multi-SSID
- multiple SSID
- multiple VLAN
- mysql
- MySQL table size
- NAT
- netplan
- Network Missing
- networkmanager
- new line
- New Outlook
- next line
- No Skype for Business
- Notifications
- ntp
- Office365 Deployment Tool
- Ooredoo
- Ooredoo fiber
- openssh
- Oracle Access Rules
- Oracle Cloud
- Oracle Cloud DB Access Rule
- Oracle Database Cloud Service
- Oracle Java Cloud Firewall
- Orange
- Outlook
- Outlook Classic
- Outlook Rules using powershell
- pa 8.1.0 upgrade
- Packet Tracer
- PacketTracer
- page role
- Palo Alto
- Paloalto
- paloalto firewall
- paloalto firewall upgrade
- Paloalto OpManager
- Paloalto SNMP MIB
- Paloalto Tunnel Monitor
- parsedmarc
- Pass Country Code using iRule
- password reset
- Permission
- php
- php class COM
- ping ASA inside
- PoE vs PoE+ vs UPoE
- Pool members traffic
- port forward
- Port Forwarding in HG8247
- port-channel
- PowerShell
- ppk version 2
- ppk version 3
- Practice LAB
- predownload AP
- preg_split
- Priority
- privilege
- PsExec
- PSSession
- PUTTY
- Python
- remote access vpn
- remotely reboot windows
- Replace
- ReplicaSet
- resize2fs
- route-lookup
- Router
- router factory default
- Routes
- rsyslog
- S3 bucket
- SAN Certificate Symantec Messaging Gateway
- Script error
- Search
- Secure
- Secure Boot
- server
- serverside SSL
- Shrew soft VPN Setup
- Slack
- SNMP
- SNMP v3
- software
- Solaris
- SPF
- ssh
- SSL
- stack upgrade
- Static
- Static NAT Cisco ASA
- subdomain
- Subscription
- Sucuri
- Sudoers
- switch autostate
- Switch back
- switch bandwidth
- Switch DHCP 150
- switch etherchannel
- SX80 Codec 4x Cam
- symantec
- syslog
- tcpdump nnn
- Teams
- Teams PowerShell Module
- Telepresence Firewall Ports
- terminal monitor
- text file
- Themes Editor
- time
- timezone
- tiny core
- tomcat
- tp-link
- Trace email logs
- Trap
- Trend Micro
- Ubuntu
- uccx .wav
- uccx audacity
- uccx audio free converter
- UCCX Master/Slave
- uccx script error
- uninstall ap
- upgrade
- Use Data Group in iRule
- useful
- User
- UUID
- v1
- v2c
- v3
- vCenter 6.5
- Vi
- virtualbox
- VMware
- vpn
- w32tm
- WAN Access
- Weblogic Plugin Enabled
- Website
- Windows Service
- without plugin
- WL-Proxy-Client-IP
- WL-Proxy-SSL
- WLC 8.3.133 Upgrade
- WLC upgrade
- Wordpress
- WordPress Javascript
- WordPress URL Parameter
- wpdb last_error
- wpdb last_query
- wpdb last_result
- X-Forwarded-For
- XAMPP
- XAMPP Control Panel
- xpack.security.encryptionkey
- Zabbix
- Zabbix Port
- Zabbix_get