The picture below should be self-explaining. Click it for a larger version. Edit 2014: There was some errors in the logics around AEA-licenses. The picture below is now corrected. Please do not use the old version (v1.1). Let me…

The picture below should be self-explaining. Click it for a larger version. Edit 2014: There was some errors in the logics around AEA-licenses. The picture below is now corrected. Please do not use the old version (v1.1). Let me…
Issue: Your internal clients tries to reach an internal server but since they resolves the address of the server from an external DNS-server they will get a public IP. Solution: DNS Doctoring. In the example below your client…
Every time I see a new implementation of a Cisco ASA firewall I need to know how it is connected. Before doing any changes in the configuration and before answering any answers regarding the functionality of the FW i first…
I recently upgraded a customer ASA from v8.2 to 9.0 and while doing that I found out that some (yeah!) of the static NAT translations didn´t work after the upgrade. Skilled ASA-upgraders knows that this happens a lot. That´s why…
When releasing Cisco ISE as a “new ACS” questions quickly raised regarding the fact that there is no Tacacs+ support in ISE. With v1.0 of ISE Cisco said “Tacacs+ will come in a future version” but we haven´t seen it…