Cisco | Cisco IOS router to Meraki Appliance | site-to-site VPN with Zone based Firewalling

Lately I’m busy to configure Cisco IOS routers in combination with Remote offices where we place Meraki Appliances (like the MX64, MX65 or the Z1) When we do this we create also a VPN connection (site to site). In this setup the Main office has a Cisco IOS router. Configuration of the Main Office. (Cisco …

Cisco | Cisco IOS router to Meraki Appliance | site-to-site VPN with Zone based Firewalling Read More »

Microsoft | Exchange 2013 update Global Address List Warning messages

Updating Global address list warning messages. I was running the following command Update-GlobalAddressList – identity “Default Global Address List” when I received the following warning messages. “WARNING: The Recipient “<domainname>/Microsoft Exchange System objects/OAB version 2″ is invalid and couldn’t be updated.” This warning occurs in my situation way after the migration of exchange 2007 to exchange …

Microsoft | Exchange 2013 update Global Address List Warning messages Read More »

Microsoft | SNMP settings via Group Policy

Recently I configured SNMP via the Group Policy. How ever by default you are not able to uncheck the Sent Authentication Trap function in the SNMP Serivce Settings. To do this you need to follow the following steps to complete this. Computer Configuration\Policies\Administrative Templates definitions\Network\SNMP\Specify communities. Enable this GPO and enter at Communities your own …

Microsoft | SNMP settings via Group Policy Read More »

Cisco | ASA disable SSL 3.0 settings and change it to TLS V1.2

To see if you SSL version for AnyConnect is on a safe level. You want to check this first via the following website https://www.ssllabs.com/ssltest/analyze.html You need to enter your domain name which you use to connect with the clients to logon to. For this you need to use at lease ASA software version 9.3(2) or …

Cisco | ASA disable SSL 3.0 settings and change it to TLS V1.2 Read More »

Cisco | IOS version difference in case of use NO_NAT

Since a couple of years actually I noticed that when I use recent IOS versions on a Cisco ISR device. That there are some struggles with NAT rules in combination with a VPN client. In somecases you have to put the access-list for the NAT rule with a Permit like below. ip access-list extended ACL_OUTSIDE_NO_NAT …

Cisco | IOS version difference in case of use NO_NAT Read More »