February 2010 Archives

Stole this one from the Cisco Reader Tip - very handy! Allows you to test AAA user authentication from the ASA command-line:

ASA# test aaa-server [authentication|authorization] <aaa_server_group> [host <name>|<host_ip>] username <user> password <pass>

For example:

ASA# test aaa-server authentication TACGroup username johndoe password cisco123

if authentication is successful - INFO: Authentication Successful
if authentication fails - ERROR: Authentication Rejected: Unspecified

Just putting these commands in a handy place since this seems to happen more often than I thought...

rommon #1> ADDRESS=192.168.1.10
rommon #2> SERVER=192.168.1.1
rommon #3> GATEWAY=192.168.1.1
rommon #4> IMAGE=asa800-232-k8.bin
rommon #5> PORT=Ethernet0/0
rommon #6> tftp

I recently was attempting to install CUCM 7 on an older MCS-7825 server...unfortunately, the server is old enough that it only had a CD-Rom drive (and CUCM 7 is on DVDs)...Stumbled onto this utility:

http://sourceforge.net/projects/unetbootin/

Allows you to "burn" an ISO image onto a USB stick (and make a bootable USB drive in the process). Nice! Worked well for my CUCM install, but has a million other uses too.

These plug-ins are buried so deep in the Cisco site, it took me a good hour to track them down. These allow you to add functionality to the clientless SSLVPN on an ASA through Java. These ROCK for setting up remote administration (without a full VPN) for a network.
SSH Plugin
RDP2 Plugin (supports Win2008/W7)
VNC Plugin
*Note - for the RDP2 plugin, the ASA does not have a built-in plugin type for it. You must manually type "RDP2" as the plugin type when uploading it to the ASA* - click thumbnail below for screencap.