CCNP SENSS: ASA Botnet Filtering

In a botnet attack, computers can become infected with malware, and the infected hosts will attempt to contact the botnet command and control servers. When configured, the Botnet Filter on the Cisco ASA firewall can be leveraged to check incoming and outgoing connections against a dynamic SensorBase database (downloaded from Cisco), which contains information on known…

CCNP SENSS: Prevent TCP attacks on a Cisco ASA

An attacker can launch a DoS attack by flooding a host with thousands of TCP SYN packets. The source address would be spoofed, leaving the host server no way to respond. This would create half-open TCP connections on the host, consuming resources until the host is overwhelmed and packets are dropped. On the Cisco…

Reset Cisco ISE WebGUI/CLI Passwords

In Cisco ISE, the WebGUI and CLI admin accounts/passwords are separate. To change the passwords, you can use the following methods: The CLI admin password can be changed from the CLI by entering the password command. The CLI password is unique to each ISE node. The WebGUI password can be changed from the…

Configuring Cisco FlexVPN with Certificate authentication

The intention of this blog post is to describe the steps to configure certificate authentication for FlexVPN on a Cisco IOS router. This post will not describe all the steps to enrol for a certificate or all the steps to configure FlexVPN; refer to the previous blog posts listed below. The configuration used is based…

Cisco IOS Certificate Enrollment via SCEP or Manual enrollment

The intention of this blog post is to describe how to configure a Cisco IOS router to request a certificate from a Microsoft SCEP (NDES) server to use for VPN authentication. A Windows Server must be configured as a Certificate Authority and with “Network Device Enrollment Service”. In the lab a Windows 2008 R2 server…

Using Device Sensor with Cisco ISE Profiling

The Device Sensor feature on Cisco Catalyst switches can be used for profiling on ISE. It collects additional information about endpoints connected to the switch using LLDP, CDP and DHCP protocols which other ISE Probes may not collect. The endpoint information is encapsulated in a RADIUS accounting packet and then forwarded to ISE. The Device…

Configuring Cisco IOS SSL-VPN with RADIUS

This post describes how to configure a Cisco IOS Router with WebVPN. Cisco ISE (v2.1) will be used as a RADIUS server to provide authentication and authorization. For testing purposes, group membership will be used to determine which RADIUS attributes will be pushed to the connecting client. RADIUS Server Configuration: For authorization, Admin users will…