How to allow traceroute on Cisco ASA – udp 32 Drop-reason: (ttl-exceeded) ttl exceeded
When you are in need to allow traceroute for whatever reasons (which is blocked by default) you’ll see a lot of references to modify global...
How to copy image to standby firewall (Cisco ASA)?
If you are like me and think that there should be a way to copy files from primary unit dir via failover/ha link well you’ll...
Cisco ASA Firepower – TFTP %ERROR: Signature not valid for file disk0:/cisco-asa-fp2k.9.x.x.x.SPA
Short and simple. If you are running Firepower 2100 or 4100 on ASA image either stand alone or context mode you have to install new...
Key exchange failed. No compatible key-exchange method. The server supports these methods: diffie-hellman-group14-sha256 – Cisco ASA
If you are trying to ssh but you are getting this message (or similar) shown below its probably your client software. No compatible key-exchange method....
Cisco ASA Microsoft Updates Sources List – 2020 List
If you need to filter egress traffic on your ASA and one of the requirements is to have access to update.microsoft to pull all necessary...
Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability – CSCvg54267 – CDPwn
Another bug which impacts Cisco OS, OS XE and NX OS. “A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software...
Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability – Appliance Crash
Recently, I had couple of my ASAv’s to crash unexpectedly. Turns out its related to the bug CSCvi16029. If you getting similar behavior where your...
My CCIE DCv2 Lab experience #realityCheck
It’s been a while since I put anything on my blog. The closer I’ve got to my lab exam the less time I had to...
My 2 cents about ACI l2out – its basics, caveats and considerations
When configuring my first L2out I found very minimum documentation explaining the technical side of configuring L2out, its caveats and limitations. Thus the reason for...
VXLAN SVI suspended as soon as VLAN becomes part of vn-segment
When configuring VXLAN with MP-BGP EVPN Control Plane I’ve come across interesting behavior. When assigning VLAN to VXLAN segment (vn-segment) my SVI for that VLAN...