The Magical Disappearing ASA ACL.   December 10th, 2007

I was on a client site about a month ago finishing an ASA install running PIX IOS 7.2.3. We were moving the client from flat ACLs to Object Group based ACLs, Object groups and named hosts. But for whatever reason we were having problems with the ACL. So from the command line I planned on using the tried and true no access-list “ACL NAME” to get rid of the offending ACL and start over. I was confused when the ACL did not go away. Well, in reading 6200networks yesterday I came across the answer. From global config mode, use clear configure access-list “id” and it should take care of that troublesome ACL. Thanks to Joe at 6200networks for the info.

OK, so I have been beating my head on ASA to LDAP auth (temporary fix till my client spins up RADIUS), but thanks to the great LDAP group at Cisco TAC I'm up and working. The point of this post is to take what we tend to know about LDAP client configs and adjust it for what Cisco has set up in PIX IOS 8.

Anyone who has tried to run Cisco’s ASDM (ASA Security Device Manager) with an IPS unit installed and running probably already knows where this is going. Under Configuration and IPS you are provided a link that connects the browser window (ASDM) to the management interface of the IPS SSM module for the ASA. From there you are presented with an ASA-like login, which is where the problems begin. If you are running the default Java config, the IPS screen will crash, stating that you do not have enough memory allocated for Java. In both Windows and Linux the solutions for this are pretty straightforward. In OS X, however, much searching and digging did not reveal the magic spot to change the memory settings. That's where I come in.

Back on March 19th of this year I posted, “Three weeks in two, bah who needs sleep.”, I must have lied because between those two weeks and the subsequent crazy weeks following I pretty much fell off the map. During the aforementioned two weeks though I visited Ottawa, Canada for Sales and Engineering training for CryptoCard. For me trips like this are exciting not for the trip but for the time I get to spend with other professionals learning, hanging out and passing on our tricks to each other. During a break on the training routine our instructor Patrick posed a question something to the effect of: if we don’t like spam and attacks and we know that 20 to 30% of all spam and attacks come from North Korea and China, then why don’t we block them at the edge?