Browsing All Posts published on »July, 2011«

FortiGate troubleshooting commands

July 18, 2011

22

Based on my requirements for any layer 3 networking device, I collected the basic commands that you have to know, or you will not be able to manage your FortiGate. Okay, okay, this is bullshit, I just update this page since it is the number one post on my site. :-) 1.0 Check the basic […]

The nat-control is over

July 17, 2011

0

In the old version of Cisco firewalls – Version 6.x – it was not possible to disable NAT control. After that, Cisco gave us the possibility to control it on our own with the command nat-control. This year, in Version 8.3, not only the command nat-control but also the commands global, static and alias were deleted […]

Certificate authentication and LDAP authorization with AnyConnect

July 15, 2011

2

This is a log analysis of a successful login with Cisco AnyConnect. Once the configuration is ready, it is always useful to run a successful test with the system, raise the logging to the highest level in the meantime, and save the log before the first problem comes. It will come… From this log analysis […]

Certificate mapping to AnyConnect tunnel-group I.

July 15, 2011

1

I try to configure the ASA to find the tunnel for AnyConnect users according to the certificate details. The commands look like the following:

firewall(config)# crypto ca certificate map <certificate-map-name> <sequencenumber>

Where the sequencenumber is the sequence to insert into the certificate map entry.

firewall(config)# webvpn
firewall(config-webvpn)# certificate-group-map <certificate-map-name> <certificate-map-index> <tunnel-group name>

Where the certificate-map-index is the index […]