Firewalling

Cisco ASA – Full recovery

René Jorissen on May 24, 2011 1 Comment • Tags: #asa #cisco #full #password #recovery

While trying to perform a password recovery on a Cisco ASA, I noticed that the password recovery feature was disabled on the appliance. Without the password recovery feature enabled, you can recover the Cisco ASA, but the file system will be wiped completely. During the boot of the Cisco ASA you need to press ESC … Read More

Firewalling

Juniper SSG to Cisco ASA VPN with overlapping subnets

René Jorissen on March 29, 2011 0 Comments • Tags: #asa #cisco #juniper #overlapping #screenos #ssg #subnet #vpn

I needed to configure a site-to-site VPN connection between a Juniper SSG firewall and a Cisco ASA firewall. The configuration of a VPN connection is very straightforward, but this time the networks behind the firewalls are overlapping. I have configured the Cisco ASA multiple times in such a scenario, but the configuration of the Juniper SSG … Read More

Firewalling

Cisco ASA remote management via VPN

René Jorissen on February 14, 2011 4 Comments • Tags: #access #asa #cisco #interface #management #managementaccess #remote

By default, remote access VPN users aren’t able to manage a Cisco ASA firewall on the inside interface using any kind of management protocol (SSH, telnet, HTTPS). You can enable remote management by specifying the management-access interface. You can specify the interface via the CLI or via the Cisco Adaptive Security Device Manager (ASDM). Both … Read More

Firewalling

Cisco ASA NPE image

René Jorissen on January 4, 2011 1 Comment • Tags: #asa #cisco #encryption #no #npe #payload

I got complaints from a customer who wasn’t able to configure 3DES or AES encryption for a VPN tunnel. Sounds familiar with a problem I had a couple of weeks ago. So I gave the customer the advice to upgrade and activate the VPN-3DES-AES feature. He tried but that didn’t solve this problem. I remotely … Read More

Switching

Cisco stack: version mismatch

René Jorissen on December 15, 2010 5 Comments • Tags: #archive #cisco #copysw #mismatch #stack #version

When adding a new switch to an existing stack, the new switch should have the same software image as the existing stack member switches. If the new switch has different software, the switch isn’t capable of joining the stack. Switch/Stack Mac Address : 588d.0918.3100 H/W   Current Switch#  Role   Mac Address     Priority Version  State ———————————————————- *1       … Read More

Other stuff...

Cisco Connect – Software Download Entitlement Controls

René Jorissen on December 13, 2010 1 Comment • Tags: #cco #cisco #connect #download #software

I read about it on the internet and last week I received the “official” mail from the Cisco Partner Channel about the changes regarding the Software Download Centre Entitlement Controls. The e-mail (in Dutch) can be found below. I have different feelings about the changes regarding the software entitlements. It isn’t possible anymore to just … Read More