Let's troubleshoot...


Saturday 27 February 2016

Packet capture on IOS XE



Specify the interface on which to capture:
monitor capture mycap interface <interface_name> both

Specify the IP addresses of interest:
monitor capture mycap match ipv4 host <IP> host <IP>

Alternatively, you can match on a protocol:

monitor capture mycap match ipv4 protocol ?
tcp
udp
monitor capture mycap match ipv4 protocol tcp any any

Start the capture:
monitor capture mycap start

Stop the capture:
monitor capture mycap stop

View the capture. If you enter this command without first stopping the capture, it stops the capture automatically.
show monitor cap mycap buffer bri

When you are done reviewing the capture, clear it so that you can capture new data:

monitor capture mycap clear






Wednesday 10 February 2016

Tuesday 9 February 2016

How to check which ports an ASA is listening on?


"show asp table sockets" shows all the ports that an ASA is listening on.

TEST-ASA5505(config-webvpn)# sh asp table so
Protocol  Socket    Local Address               Foreign Address         State
SSL       00022cef  10.10.10.253:443            0.0.0.0:*               LISTEN
TCP       0005509f  10.10.10.253:23             0.0.0.0:*               LISTEN
TCP       0006af1f  10.10.10.253:22             0.0.0.0:*               LISTEN
TCP       00095f0f  1.93.34.130:22              0.0.0.0:*               LISTEN
SSL       0076a158  10.10.10.253:443            10.10.10.55:60820       ESTAB
SSL       007e4038  10.10.10.253:443            10.10.10.55:60824       ESTAB
SSL       08f3732f  1.93.34.130:4443            0.0.0.0:*               LISTEN
DTLS      08f5b9df  1.93.34.130:443             0.0.0.0:*               LISTEN
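
The following is an added example, not part of the original post: it parses the "show asp table sockets" output above and flags LISTEN sockets that fall outside an expected set, plus any Telnet listener. The allowlist, the function names and the policy they encode are assumptions made for illustration.

```python
import re

# Sample input: the "show asp table sockets" output from this post, embedded inline.
SAMPLE = """\
TEST-ASA5505(config-webvpn)# sh asp table so
Protocol  Socket    Local Address               Foreign Address         State
SSL       00022cef  10.10.10.253:443            0.0.0.0:*               LISTEN
TCP       0005509f  10.10.10.253:23             0.0.0.0:*               LISTEN
TCP       0006af1f  10.10.10.253:22             0.0.0.0:*               LISTEN
TCP       00095f0f  1.93.34.130:22              0.0.0.0:*               LISTEN
SSL       0076a158  10.10.10.253:443            10.10.10.55:60820       ESTAB
SSL       007e4038  10.10.10.253:443            10.10.10.55:60824       ESTAB
SSL       08f3732f  1.93.34.130:4443            0.0.0.0:*               LISTEN
DTLS      08f5b9df  1.93.34.130:443             0.0.0.0:*               LISTEN
"""

# Hypothetical allowlist (an assumption, not from the post): listeners the operator expects.
ALLOWED = {("10.10.10.253", 443, "SSL"), ("10.10.10.253", 22, "TCP"),
           ("1.93.34.130", 4443, "SSL"), ("1.93.34.130", 443, "DTLS")}

# One socket row: protocol, hex socket id, local addr:port, foreign addr:port, state.
# The header and prompt lines do not match because their second field is not hex.
ROW = re.compile(r"^(?P<proto>\S+)\s+(?P<sock>[0-9a-fA-F]+)\s+(?P<laddr>\S+):(?P<lport>\d+)"
                 r"\s+(?P<faddr>\S+):(?P<fport>\S+)\s+(?P<state>\S+)$")

def parse_sockets(text):
    """Return one dict per socket row, skipping the prompt and header lines."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            row = m.groupdict()
            row["lport"] = int(row["lport"])
            rows.append(row)
    return rows

def listeners(rows):
    """Unique (address, port, protocol) tuples in LISTEN state, sorted."""
    return sorted({(r["laddr"], r["lport"], r["proto"]) for r in rows if r["state"] == "LISTEN"})

def audit(rows, allowed):
    """Flag Telnet (TCP/23, cleartext) and any listener missing from the allowlist."""
    findings = []
    for addr, port, proto in listeners(rows):
        if proto == "TCP" and port == 23:
            findings.append((addr, port, proto, "telnet listener"))
        elif (addr, port, proto) not in allowed:
            findings.append((addr, port, proto, "not in allowlist"))
    return findings

if __name__ == "__main__":
    for finding in audit(parse_sockets(SAMPLE), ALLOWED):
        print(finding)
```
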

How many address pools can be configured in a tunnel group or group policy?


A maximum of 6 address pools can be configured under a tunnel group or group policy.

This is what happens when you try to add a 7th address pool:

Test-ASA(config-tunnel-general)# address-pool 7
ERROR: list full: only 6 address pools can be specified

For further reference:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa70/configuration/guide/config/vpngrp.html