viftrup.eu
Random security stuff by a tech nerd
-
Using Certbot to provision a public certificate and auto-populate DNS records in Cloudflare
In this post, I’ll quickly go over how you can automatically, and with a simple command line statement, populate the required DNS-01 challenge response with Cloudflare and generate a publicly signed certificate to be used on...
-
Branch deployment using templates on Cisco FTD - including API registration
Note: As of the time of writing, this feature is only supported on FMC 7.6+, FTD 7.4+, and on physical appliances 1000-, 1200-, and 3100-series (clustering, multi-instances, and failover configurations not supported). Imagine if you could do (almost) zero-touch deployments of your branches with Cisco FTDs, even combined with the...
-
Remote password recovery for admin user on Secure Firewall Threat Defense
Please note: This applies only to FTD and the expert shell; it does not apply to, e.g., the Chassis Manager on 4100/9300-series. You must be able to push platform setting policies to the device(s), and external SSH authentication through either LDAP or RADIUS must be possible, in order to...
-
What is the nlp_int_tap interface and its functionality
Do you actually know what all the interfaces present on your Cisco ASA or FTD installation are doing behind the scenes? I’m sure you’ve seen some of them, or at least you’ve stumbled across the interfaces “nlp_int_tap” or “Internal-Data0/1” recently during troubleshooting or debugging. (You might have noticed other interfaces like...
-
Maintain Secure Client configurations and package management with SecureX
Last year, Cisco rebranded their famous and widely known VPN product, AnyConnect, into the Cisco Secure Client (CSC). While AnyConnect and its modules are still exactly the same, the new CSC improves the possibilities now and in the future. One of the great features of CSC is the capability to...
-
Intercepting HTTPS traffic and redirecting to custom block page
Blocking specific internet categories or malicious activity based on DNS is becoming more popular, and often requires very little effort by the IT department to implement. It provides efficient protection and enforcement of security and policies, with relatively low “time-to-action”. Especially Cisco Umbrella, which offers a range of DNS protection mechanisms, does...