Cisco ASA – Software Effect Enterprises, Inc

Cisco AnyConnect on Centos 7

Posted on August 19, 2019 by SEEIAugust 19, 2019

I had to install AnyConnect 3 on my Centos machine (yes, I know, it is long past end of life – but sometimes you have to take one step back to take two steps forward) and when I launched it … Continue reading →

ssh fails to connect with debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

Posted on November 11, 2018 by SEEINovember 11, 2018

Running ssh across a vpn connection I started having my ssh sessions fail to connect. After starting ssh with the “-vvv” option, the session would timeout after getting a debug1: expecting SSH2_MSG_KEX_ECDH_REPLY After doing some research, I found other people … Continue reading →

Forcing / Testing Cisco ASA Failover

Posted on August 31, 2017 by SEEIAugust 31, 2017

The following is for working with the Cisco ASA with failover – where you have two ASA’s set up so that one will take over when one fails. This is not used for ISP failover. For that, see here. Force … Continue reading →

SNMP v3 and Cacti

Posted on June 13, 2017 by SEEIMay 20, 2023

A quick synopsis on setting up a Cisco ASA and a Centos 6 or 7 system to use SNMP v3 to be monitored by Cacti Cisco ASA en conf t # create a snmp-server group (needed for SNMP v3) # … Continue reading →

Web Site Certificate/SSL Tests

Posted on May 13, 2016 by SEEIJune 16, 2019

I have found the following two sites helpful in finding issues with the configuration of SSL secured web sites https://ssltools.digicert.com/checker/ https://www.ssllabs.com/ssltest/analyze.html Test which ciphers (TLS, SSL, etc) are enabled nmap -sV –script ssl-enum-ciphers -p 443 www.yourdomain.com Ref: https://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html

Continue reading →

View current VPN sessions on an ASA via CLI

Posted on February 2, 2016 by SEEIFebruary 2, 2016

To view current sessions sh vpn-sessiondb remote (IPSec Remote VPN Clients) sh vpn-sessiondb l2l (L2L Tunnels) sh vpn-sessiondb svc (SSL VPN / Anyconnect Clients) sh vpn-sessiondb webvpn (Clientless sessions) sh ssh sessions (show users connected to ASA via SSH) To … Continue reading →

Rate Limiting on an ASA

Posted on October 20, 2015 by SEEISeptember 5, 2017

Configuration 1 I have a situation where I have a group of users that are eating up 100% of the bandwidth in the office. I am limiting the amount of upstream and downstream bandwidth used by these selected users being … Continue reading →