Introduction You’ve performed a code upgrade on an ASA firewall and suddenly Rancid decides it won’t login. You’ll get the message: spawn ssh -c 3des -x -l <user> <device> no matching cipher found: client 3des-cbc server aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr Error: Couldn’t login:
SCP Example Cisco ASA to Linux
Introduction I’m adding this here cause sometimes I’m dense and I forget the command. Command Examples copy running-config scp://dave@myVM/home/dave/running-config-scp Source filename [running-config]? Address or name of remote host [myVM]? Destination username [dave]? Destination filename [home/dave/running-config-scp]? Cryptochecksum: 5b1178ff 4db70c26 45645f8f 7ec33023
Cisco ASA Install SSL Cert
Introduction You no longer need to continue using self signed certs as StartSSL offer them for free. If you need to replace or install a cert for the first time to use with an SSL VPN then this is how to achieve
Modify ASA Startup Config
Introduction If you ever need to modify an ASA startup config for example if you are changing internet provider and need your wife to just reboot the device so it works with your new ISP’s PPPoE settings, here’s what you
IPv6 Encapsulation using a tunnel broker
Introduction Ever since I started to learn more information about the IPv4 Internet as we know it and its eventual successor I was intrigued how I could connect to this new version of the Internet. Unfortunately my ISP was not
Cisco ASA regex blocking
Introduction I was actually doing some research on DDOS attacks and what the ASA is capable of, when I came across this little known feature. Regex or regular expressions are used to match text strings or patterns in text. My
ASDM on Windows not Working
Introduction I must admit, I never use a GUI for Cisco gear. I am a CLI guru but it can be useful to have and is preferable for others. The issue I was having though was simple. I could not get
Cisco ASA SSH Public Key Authentication
Introduction SSH is a truly great and secure protocol. We all know we should be using it instead of telnet right. Right, but are you using all of its amazing abilities? Probably not is my guess, cause I wasn’t for
Creating ASA Inspection Maps
Introduction There is confusion around exactly what class-maps, policy-maps and service-policies achieve on an ASA. When you take the time to look into and test, they are fairly easy to master and very powerful. Class Maps Class maps are used