Enabling passive FTP through Cisco ASA

As I explained 1:1 NAT (with example for PPTP passthrough) in this post you can also add more PAT just based on your access-list. I recognized a problem at one customer that FTP needs an inspection firewall entry. The customer runs a passive FTP server on tcp port 3002 which I forwarded to inside: object … Read more

Enabling World of Warcraft Installer/Updater

Behind a Sophos UTM or Astaro ASG, the World of Warcrafter Installer or Updater brings always the error message BLZPTS0000J at start. In most cases this is a problem with the http-proxy. So if you want to enable the Blizzard Updater to connect, you need to skip AntiVirus for the following URLs: ^https?://[A-Za-z0-9.-]*\.battle\.net/ ^https?://[A-Za-z0-9.-]*\.edgesuite\.net/ ^https?://[A-Za-z0-9.-]*\.blizzard\.com/ … Read more

Using parent proxies with Sophos UTM or Astaro ASG

One of my customers has several attached branch offices connected via MPLS. Branch Office UK is using the webproxy from the german location (central ASG cluster). They had problems using www.google.co.uk or other websites with geo-IP-filters so we need a the usage of parent proxies based on some URLs. To do this, just use web … Read more

Wireshark with Windows 8

Today I wanted to sniff broadcast packets within a customer network, so I download and installed Wireshark (Wireshark-win64-1.8.2.exe) on my new Windows 8 x64 Installation. WinPcap couldn’t be installed. I only got the message “This version of Windows is not supported by WinPcap 4.1.2. The Installation will be aborted”. To resolve this, just download the … Read more

Cisco ASA NAT examples with software version 8.4

I know that they take LSD (yes Lysergic acid diethylamide) at Cisco like Kevin Herbert but can they consume less? Every release of a new 8.x software version of the Cisco ASA has new NAT statements and logic. This week I replaced an old Cisco PIX 6.x with a new Cisco ASA 8.4(4)1 (asa844-1-k8.bin) and … Read more

Cisco VPN Client not working at Windows 8 RTM

Last week I installed Windows 8 RTM x64 on my notebook. Everything worked fine except Cisco VPN Client. I always get the message “Reason 442: Failed to enable Virtual Adapter”: So i tried several things. Reinstall, Configuring fixed IP address, restart several times the service and then realized that the search of the adapter runs … Read more

Set a Cisco WLC to factory-default and activate webinterface

To set a Cisco WLAN controller to factory default settings, you can connect via console or telnet/ssh to the WLC and type in the following: (Cisco Controller) > reset system (Cisco Controller) > recover-config or you can boot up the device and just press ESC several times to come to the boot menu. Type “5” to … Read more

Broken connection status in network connection center with Sophos UTM

When you configure a Web Security Proxy Profile with Sophos UTM (Astaro ASG) for your network with authentication mode on, some applications just want to go directly outside without to authenticate themselves like the network connection center in Windows Vista/7/8. The system trys to open a default specified URL which can be found at the registry: … Read more

Updating HP ProCurve Switches

Finally back from USA I will deliver you a new tutorial to update your ProCurve switches. In most cases you will need to do an update on the software because your new installed GBIC modules are not recognized. Don’t ever install directly to the newest version because most updates need a new Boot ROM, so … Read more