Category Archives: Cisco

Cisco ASA BGP configuration

In this post we will examine the use of BGP in the Cisco ASA to allow failover between 2 ethernet style connections from the same ISP. There is no reason to doubt that this would not work with a PPPoE … Continue reading

Posted in Cisco | Tagged , , | Comments Off on Cisco ASA BGP configuration

Cisco ASA with PPPOE failover line

As we have documented previously, failover on the ASA is not a difficult configuration, just add a tracking object to the primary route and modify the metric of the secondary route. The snarly bit about getting a pope based failover … Continue reading

Posted in Cisco | Tagged , , , , | Comments Off on Cisco ASA with PPPOE failover line

Let’s talk about AF-Groups, Session-Groups and Neighbor-Groups

After the spin round the block with IOS-XE ‘scaled configuration’ features, this is the accompanying IOS-XR version. First thing first we need to create the ‘long-hand’ version that we used on XE but for XR. The config on XR changes … Continue reading

Posted in Cisco | Tagged , , , , | Comments Off on Let’s talk about AF-Groups, Session-Groups and Neighbor-Groups

Let’s talk about Peer-Groups, Session-Templates and Policy-Templates

We have a lot of BGP configuration over a number of devices. In the main these run IOS XE but not all. This post is a walk through of how to convert a ‘long-hand’ BGP config into first peer- groups, … Continue reading

Posted in Cisco | Tagged , , , | Comments Off on Let’s talk about Peer-Groups, Session-Templates and Policy-Templates

Cisco ASA Connect to DSL via Draytek Modem

Some times we need to connect an ASA to a DSL/FTTC line directly vi a modem, either for a backup line (see previous posts) or for a primary internet connection. Lets walk through the process here: Stage 1- Set up … Continue reading

Posted in Cisco | Tagged , , , | Comments Off on Cisco ASA Connect to DSL via Draytek Modem

Cisco ASA Dual ISP setup

This post describes and tests some configurations to support multiple ISP or WAN connections on an ASA running FOS9. Im using an ASA 5506X for this demo and my software version does not use the bridge-groups out of the box … Continue reading

Posted in Cisco | Tagged , , , , | Comments Off on Cisco ASA Dual ISP setup

Cisco Anyconnect – Disconnect and Reconnect at login

We have all had that experience when the Cisco Anyconnect client immediately disconnects after you have logged on and then starts reconnecting again. Its not life threatening, just irritating. The issue appears to be caused by an MTU mismatch, but … Continue reading

Posted in Cisco | Tagged , , , | Comments Off on Cisco Anyconnect – Disconnect and Reconnect at login

Cisco Dynamic L2L VPN setup

Todays challenge is to set up an L2L VPN tunnel between an Cisco ASA running IKEv1 and Cisco 927 with a dynamic IP address. The 927 is behind a NAT firewall so needs to be managed through the tunnel so … Continue reading

Posted in Cisco | Tagged , , , , | Comments Off on Cisco Dynamic L2L VPN setup

Cisco ASA Site to Site VPN with dynamic IP addresses

Today’s problem is a new customer office opening ahead of their scheduled MPLS installation. We need to connect them back into their VPN via their existing hosted Cisco ASA. The internet connection at the new office is at this point … Continue reading

Posted in Cisco | Tagged , , , | Comments Off on Cisco ASA Site to Site VPN with dynamic IP addresses

Basic WebVPN setup on the Cisco ASA 9.x

We have resisted the change for a long time, bit its time to finally move some of our customers over to the SSL VPN who were previously using the IPSec Remote Access VPN. Windows 10 does not support the IPSec client … Continue reading

Posted in Cisco | Tagged , , , | Comments Off on Basic WebVPN setup on the Cisco ASA 9.x