About rahmant

rahmant · 11-10-2010

Has anyone ever tried to export an identity certificate from an ASA unit for import into IIS? Running 8.2(1) and ASDM 6.3(1).Via the ASDM, I've tried to export the cert in either PKCS12 or PEM format but I can get neither working. When trying to im...

rahmant · 11-19-2008

I have a bunch of Cisco ASA unit's all sending tcp based syslog data to a central Kiwi Syslog server. I have the units configured to continue functioning after syslog communications failure.We have patches applied on a regular basis and when the Sys...

rahmant · 05-13-2008

Running a packet capture on an ASA 5520 and I'd like to transfer the capture bucket in pcap format to my computer for analysis. I can get an ASCII record of the packets copied over using the "copy" command, however, I'd like to transfer the pcap dum...

rahmant · 05-07-2008

Swapping out a CheckPoint firewall for a new set of ASA's, running 8.0(3) and ASDM 6.1(1).One of the features that I'm trying to replicate with the crossgrade is HTTPS based direct network access authentication (or client auth in CheckPoint-speak)Wit...

rahmant · 04-01-2008

I'm drafting some ASA rollout procedures and wanted to document a build from scratch. Using a test ASA5520, I booted into monitor mode and erased the flash, with the expectation that I would be able to upload the latest image release onto the unit. ...

rahmant · 11-11-2010

Mike - you hit the nail on the head I did the export via the CLI (though I think the export was similar to the PEM format that was done from the ASDM). The trick was in the OpenSSL manipulation of the file after the export was done. Your command to...

rahmant · 11-10-2010

With a PEM export, the ASDM lets me export without a passphrase. With PKCS12, it seems to require one.Some questions:-) What version of the ASA OS are you running in your lab? What version of ASDM?-) What type of export did you do - PKCS12 or PEM?-...

rahmant · 05-18-2010

I know you've said that routing is functioning on the internal network, but I still think there's something that's pushing traffic destined for the 2.x network to the firewall.You said that you have some kind of anti-spyware device sitting between th...

rahmant · 05-18-2010

Can you sanitize and then post the config? IMHO, it still looks like something is bouncing the response packet going back to the 2.1 address via the firewall from the internal network. Can you run a capture as well and then post the *.pcap?Tariq

rahmant · 05-18-2010

Maybe anti-spoofing? If the firewall is directly connected to the 192.168.1.0/24 subnet, do you have a route pointing the 192.168.2.0/24 network to the internal router via the inside interface?Tariq

Member Since	‎04-01-2008 01:29 PM
Date Last Visited	‎08-18-2017 03:55 AM
Posts	20

User Statistics

User Activity

Certificate export from ASA to IIS

syslog resumption

packet captures in pcap format

ASA direct https network authentication questions

erase flash question

Re: Certificate export from ASA to IIS

Re: Certificate export from ASA to IIS

Re: PIX denying inbound http connection

Re: PIX denying inbound http connection

Re: PIX denying inbound http connection