Cisco ASA: Setting up anyconnect vpn with SSL and IPsec

Introduction This post demonstrates how to set up anyconnect vpn for your mobile devices. In this post I am using an android mobile phone and downloaded anyconnect ICS+. Cisco ASA software version 9.1(4), ASDM version 7.1, with anyconnect essential license and anyconnect for mobile license. This demonstration will configure IPsec and SSL remote access VPN, … Continue reading Cisco ASA: Setting up anyconnect vpn with SSL and IPsec

Anyconnect for mobile: Unable to login despite credential is correct

I was using anyconnect ICS+ to test anyconnect with ipsec, however my anyconnect ICS+ client says "Login failed" despite I have put in the correct credential. after troubleshooting it was found that <code>tunnel-group-list enable</code> command was not put in.

Cisco ASA: Firewall rule testing before deployment

Introduction You want to segregate the network between users and servers network. Both the users and servers network is using the same subnet 192.168.20.0/24, to reduce the changes while implementing firewall and to test the firewall before it is deployed in between users and servers you have decided to do the following: 1. Use transparent … Continue reading Cisco ASA: Firewall rule testing before deployment

CSM: Integrating CSM with ACS version 4.2

Summarized Steps On ACS: 1. Create an ACS server administrator account with full ACS privileges. This admin credential is required for CSM AAA Mode Setup. 2. Enable Network Device Group. 3. Rename User groups. 4. Create users and associate the users to appropriate groups. 5. Create system identity user and group this user. This same … Continue reading CSM: Integrating CSM with ACS version 4.2

CSM: Authentication by TACACS+ and Authorization by CSM

When you want CSM users to be authenticated by Cisco ACS but want the authorization by CSM. Since CSM version 4.3, it has a feature of role management setup, this setup controls user rights. Login to the web portal Select Server Administration CSM home screen The default authentication mode is CiscoWorks Local. CSM supports several … Continue reading CSM: Authentication by TACACS+ and Authorization by CSM

CSM (disable ticket): Configuring logging to new device

Ticket management By default Cisco Security Manager enables ticket, however I have disabled the ticket management. The purpose of ticket is before any changes is made with CSM you need to create a ticket, then proceed to do the changes, after changes is made and saved, you need to submit the ticket. If workflow is … Continue reading CSM (disable ticket): Configuring logging to new device