ISE-Password Recovery

Geplaatst op door
Beantwoorden

I was labbing and somehow I managed to lockout my administrator account

An administrator can enter an incorrect password enough times to disable the account. The minimum and default number of attempts is five.

The account will be locked and can only be locked by mounting the ISO and resetting a new password for the admin.

To recover we need to reload the appliance and mount the ISO.

enter
[q] Quit and reload

After that the password is reset for the admin account we can login to the CLI interface to reset the user and password for the WEB interface.

This is done by executing the command:

application reset-passwrd ise <ADMIN-WEB-USER>

After the successful reset we can login to the webinterface.

Email, RSS Follow
Email

Emulate a IPSEC Site-to-Site tunnel with Cisco ASA 5520 in GNS3 Preparation Phase 2

Geplaatst op door
Beantwoorden

Now that we have finished phase 1 it is time to look at phase 2.

In phase 2 we will configure a site-to-site vpn tunnel throughout the ASDM wizard. I know it is better by cli. But i am new to Site-to-Site VPN and before you can understand the concept you need to start with the easy way. In phase 3 we will manual configure a ipsec site-to-site tunnel and give tips about what is required to be the same on both sides and what can be different.

Step 1: Create the local and remote subnet on both ASA’s

Config ASA1:

object network Local_Networks_VPN_To_Amsterdam

subnet 192.168.12.0 255.255.255.0

object network Remote_Networks_VPN_To_Heerlen

subnet 172.16.24.0 255.255.255.0

Config ASA2:

object network Local_Networks_VPN_To_Amsterdam

subnet 172.16.24.0 255.255.255.0

object network Remote_Networks_VPN_To_Heerlen

subnet 192.168.12.0 255.255.255.0

Step 2: Configure ASA1 and ASA2 to be a IPSEC Tunnel.

Look at this document for a step-by step guide on how it is created.

Step 3: Open a ping from site A to B

Very Important!

This is required. If no traffic is submitted the tunnel will stay down.

Why does something needs to be up when there is no traffic for the remote site?

Step 3 is also encluded in the guide with step 2.

 

Email, RSS Follow
Email

Emulate a IPSEC Site-to-Site tunnel with Cisco ASA 5520 in GNS3 Preparation Phase 1

Geplaatst op door
Beantwoorden

Background

We have multiple IPSEC Site-to-Site VPN tunnels within our company. The purpose of the VPN tunnels is to connect specific applications which are allocated within other companies. In production environments it is highly discouraged to change and test configurations. Because the Business these days does not accept any downtime.

Because of this i have chosen to emulate and learn the concepts of Site-to-Site IPSEC tunnels within a Lab environment.

Cisco ASA firewalls are expensive. For this reason I have chosen to emulate the software in GNS3.

GNS3 is free to download.
For more information follow this link: http://www.gns3.net/

Preparation in GNS3

Before we start with configuring the is a lot of preparation that needs to be done.

Step 1: What are the requirements? In this case a site-2-site IPSEC VPN. So we need 2 sites, 2 different networks, 2 firewalls in which 1 is a ASA.

Step 2: Design a Topology.

Topology

Topology 1

Lees verder

Email, RSS Follow
Email

Configuring Clientless VPN for ASA 5505 part 1

Geplaatst op door
Beantwoorden

Setting up clientless vpn for ASA 5505

It works probable the same on a ASA 5510, 5520, etc. However no guarantees.

Before we get started you need the following:

Internal network in this example will be: 10.110.0.0 /16

Outside network IP address will be: 192.168.10.250 (in normal usage the asa would have a public ip. But i am currently in a test lab where i have the asa behind another gateway.)

Lees verder

Email, RSS Follow
Email

Configure a span port on a catalyst 3560

Geplaatst op door
Beantwoorden

To create a span port on a cisco 3560 “swouter” the following preparations:

1. Connect the host/server/ip phone is connected to a port on the switch

2. Connect the wireshark client to another port on the switch. (this will be the destination port.

3. Connect the uplink for the client to the switch (if not already configured.)

to configure the switch:

monitor 1 source interface fastethernet 0/1

monitor 1 destination interface fastethernet 0/2

install wireshark and configure the filter to display only the host. (ip host)

 

Email, RSS Follow
Email

MBWE 2 TB Full Recovery Procedure

Geplaatst op door
2

Recover  step by step procedure for a Mybookworld 2 TB NAS.

 

Ok guys here it is. I have a MBWE with 2 1 tb drives in it. I had used the drives for a project and wanted to make a clean start.

What did i do to make it work again from totally clean drives to a Raid 1 config.

Lees verder

Email, RSS Follow
Email