Configuring a fallback for default-route on a Cisco router

This was a wish from one of my customer and I was investing a lot of time to connect the site2site VPN on both WAN uplinks with EIGRP metric and so on… but there is another simple way to configure an automatic default-route fallback which solves all our problems in case the primary WAN links … Read moreConfiguring a fallback for default-route on a Cisco router

Export logfiles before new Installation of Sophos UTM v9

In case that Sophos still has no update for going from Version 8.306 to v9 within an UTM-cluster, I need to reinstall one of the clusternodes at my customers and restore the license file and configuration . In this procedure you are losing all your log files on the device so you need to copy … Read moreExport logfiles before new Installation of Sophos UTM v9

Enabling passive FTP through Cisco ASA

As I explained 1:1 NAT (with example for PPTP passthrough) in this post you can also add more PAT just based on your access-list. I recognized a problem at one customer that FTP needs an inspection firewall entry. The customer runs a passive FTP server on tcp port 3002 which I forwarded to inside: object … Read moreEnabling passive FTP through Cisco ASA

Enabling World of Warcraft Installer/Updater

Behind a Sophos UTM or Astaro ASG, the World of Warcrafter Installer or Updater brings always the error message BLZPTS0000J at start. In most cases this is a problem with the http-proxy. So if you want to enable the Blizzard Updater to connect, you need to skip AntiVirus for the following URLs: ^https?://[A-Za-z0-9.-]*\.battle\.net/ ^https?://[A-Za-z0-9.-]*\.edgesuite\.net/ ^https?://[A-Za-z0-9.-]*\.blizzard\.com/ … Read moreEnabling World of Warcraft Installer/Updater

Using parent proxies with Sophos UTM or Astaro ASG

One of my customers has several attached branch offices connected via MPLS. Branch Office UK is using the webproxy from the german location (central ASG cluster). They had problems using www.google.co.uk or other websites with geo-IP-filters so we need a the usage of parent proxies based on some URLs. To do this, just use web … Read moreUsing parent proxies with Sophos UTM or Astaro ASG

Wireshark with Windows 8

Today I wanted to sniff broadcast packets within a customer network, so I download and installed Wireshark (Wireshark-win64-1.8.2.exe) on my new Windows 8 x64 Installation. WinPcap couldn’t be installed. I only got the message “This version of Windows is not supported by WinPcap 4.1.2. The Installation will be aborted”. To resolve this, just download the … Read moreWireshark with Windows 8

Cisco ASA NAT examples with software version 8.4

I know that they take LSD (yes Lysergic acid diethylamide) at Cisco like Kevin Herbert but can they consume less? Every release of a new 8.x software version of the Cisco ASA has new NAT statements and logic. This week I replaced an old Cisco PIX 6.x with a new Cisco ASA 8.4(4)1 (asa844-1-k8.bin) and … Read moreCisco ASA NAT examples with software version 8.4

Cisco VPN Client not working at Windows 8 RTM

Last week I installed Windows 8 RTM x64 on my notebook. Everything worked fine except Cisco VPN Client. I always get the message “Reason 442: Failed to enable Virtual Adapter”: So i tried several things. Reinstall, Configuring fixed IP address, restart several times the service and then realized that the search of the adapter runs … Read moreCisco VPN Client not working at Windows 8 RTM

Set a Cisco WLC to factory-default and activate webinterface

To set a Cisco WLAN controller to factory default settings, you can connect via console or telnet/ssh to the WLC and type in the following: (Cisco Controller) > reset system (Cisco Controller) > recover-config or you can boot up the device and just press ESC several times to come to the boot menu. Type “5” to … Read moreSet a Cisco WLC to factory-default and activate webinterface