Browsing All posts tagged under »Cisco ASA«

Custom Monitoring of Cisco ASA with Lynx and Cacti

May 6, 2014

12

On packetpushers.net somebody wrote an articel about automatically get the outputs of show command of the cisco asa with lynx. That makes it possible to see if a specific counter for a feature, service or process or just interface counter changes, mainly increases, but you cannot see the size of the increase. In troubleshooting it […]

Lynx for Cisco ASA Management

December 10, 2013

3

Yes this is madness! A really old school browser can help me in managing cisco asa firewalls! I have just found this link, since I am developing perl scripts to manage cisco asa firewalls. http://packetpushers.net/interacting-with-the-cisco-asa-cli-using-the-https-interface/ Lynx saves about 50 lines of perl code for me and works much more faster as my perl script with […]

Cisco ASA troubleshooting commands

September 18, 2013

22

With my requirements for any networking layer 3 security device I collected the basic commands that you have to know or you will not be able to manage your device. 1.0 Check the basic settings and firewall states Check the system status Check the hardware performance Check the High Availability state Check the session table […]

perl script to query cisco asa

September 17, 2013

0

I wanted to issue show command on multiple firewalls without any expensive software. I have found a script here https://docs.google.com/document/d/1Q0TfyezOTCKZ7DF2kPBps_7LG80D3BJLrFDuOwBUZNI/edit?pli=1 This script is good and can be used as a base. I have changed it a bit. See the pic. I should not hide the codes in pic ;-) . It is here in the […]

Analysing Cisco ASA connection table

September 16, 2013

10

The “show connection all” command shows the actual session table of a Cisco ASA firewall. If the output is not more million entry you can create a top list from it with a perl script I made. (Actually you can work with an output of more million entry as well, but it may require more […]

Certficate renewal – how was it after years?

April 18, 2012

0

Actually you cannot renew an existing certificate, but you can generate a new one with the same subject and same mandatory fields. For that you have to generate a certificate request again within a new trustpoint and not with the old one. The issuer of the previous certificate should sign the new certificate request and […]

Export and import the trustpoint

March 16, 2012

0

To test something in a Lab with another firewall or migrate a whole VPN with certificate to another ASA firewall we have a possibility to migrate the certificate of the firewall to another one. To do it so easily on a Checkpoint firewall  will be always just a dream… The exported data holds the followings: […]

Certificate authentication and LDAP authorization with Anyconnect

July 15, 2011

2

This is a log analysis of a successful login with cisco Anyconnect. If the configuration is ready it is always useful to make a successful test with the system and raise the logging to the highest level in the meantime and save it before the first problem comes. It will come… From this log analysis […]

Configuring remote access vpn with IKEv1, IKEv2 and SSL in the same time

March 9, 2011

5

With the following configuration and with sufficient license we should be able to connect to our Cisco ASA firewall with Cisco Anyconnect and with the new Anyconnect Secure Mobility Client (the first Cisco IKEv2 client) and with the old Cisco VPN client with IKEv1, that is natively supported on some Apple devices, like an IPad. […]

Create a free website or blog at WordPress.com.