LDAP Authentication from ASA to Active Directory with VPN Group for AnyConnect or Cisco VPN Client

10. February 2014 Cisco ASA 1
Configure LDAP authentication instead of using RADIUS. Using LDAP eliminates the issue of configuring IAS and/or RADIUS on the server. It generally doesn’t require any additional server modifications unless you have your server locked down tight. In this example we created a group in the root of the Active Directory domain called VPNUsers and users in ...

Block an IP from accessing the network on a Cisco Router

30. January 2014 Cisco Router 2,547
We had a client call and say their site was being hammered. Through Cisco’s IP Accounting, we discovered a device on the network getting whacked by a ton of IP Addresses from the Internet.  I gave them the IP to investigate but with DHCP they had no way to tell who it was.  So we slapped on a quick ACL ...

Simple Cisco ASA NAT 8.3+

30. January 2014 Cisco ASA 2,257
Since Cisco ASA 8.3+ IOS, the NAT has changed compared to earlier versions. Here’s a quick tidbit to permit the inside subnet out to the Internet. In this scenario, our LAN subnet is 172.16.1.0/24:

    object-group network Local_LAN
     network-object 172.16.1.0 255.255.255.0
    nat (inside,outside) source dynamic Local_LAN interface

In the above example, the NAT calls for the object-group we ...

ASA PAT Redirect Different Port Numbers back inside

22. January 2014 Cisco ASA 4,752
This covers Cisco ASA versions 8.3+, 8.4+, 9.0+, 9.1+, and any others past the 8.3+ chain. Only have 1 usable public IP? You can share it for access inbound using different port numbers. In this example, you want to RDP to two servers in your office. But you can’t share the same TCP port and ...

Cisco Router Reload Kron Job

21. January 2014 Cisco Router 2,700
I read once in a while about users wanting to reload their routers automatically. Not exactly sure why someone would need to reload the router. But I’ve recently come across some old docs using ‘kron’. I used something similar to reset some voice ports that would hang offline during some troubleshooting. I don’t know much about ...