Cisco ASA – Slow Memory Leak (CSCuh48577)
Issue You may experience a slow memory leak within your crypto based processes when running SNMP on your Cisco ASA device. Solution The bug has been resolved within 8.2(5)46 under caveat CSCuh48577.
UNIX – What is a sticky bit ?
History The sticky bit was first introduced in 1974 within the UNIX operating system. Its purpose was to instruct the operating system to place the process into swap once completed. Thus reducing the startup time of the process during further executions. However nowdays this usage is obsolete. Usage Instead, the sticky bit is now set … Read more
Cisco – How to configure an IKEv2 Site to Site IPSEC VPN ?
Within this article we will show you the steps required to build an IKEv2 IPSEC Site to Site VPN on a Cisco ASA firewall. IKEv2 provides a number of benefits of its predecessor IKEv1, such as ability for asymmetric authentication methods, greater protection over IKE DoS attacks, interoperability between vendors for DPD/NAT-T, and less overhead and … Read more
F5 LTM – How do you restrict management access to the GUI ?
After finding this funky little command the other day I thought the readers of Fir3net may find it useful. Its especially handy when your LTM/GTM is placed directly onto the public network i.e not behind a firewall. Command To restrict access to the Web UI the following command is used, root@f5ltm1(Active)(tmos)# modify sys httpd allow … Read more
ADX – What is the order of priority for healthchecks ?
Background The Brocade ADX offers 3 main types of layer 7 healthchecks. These are, Server Healthcheck – Server healthchecks are configured on the real server itself. Once configured it issues a healtcheck to the real server based on the port/protocol configured. Port-Policy – A port-policy is a policy that contains all of your parameters for … Read more
Cisco ASA ERROR: Capture doesn’t support access-list containing mixed policies
Issue When trying to run a capture you experience the following error, asa-skyn3t(config)# access-list cap-acl permit ip any any asa-skyn3t(config)# capture inside interface inside access-list cap-acl ERROR: Capture doesn’t support access-list <cap> containing mixed policies Solution Within ASA 9.0 the ‘any’ keyword now represents all IPv4 and IPv6 traffic. And the new keywords ‘any4’ and … Read more
VIM: Set the Width of a Single TAB to 4 Spaces Wide
In this extremely short article we will provide you with the steps required to make the width of a single TAB only 4 spaces wide. This especially useful when using Visual Mode within VIM , in that you can indent large portions of text. Steps Within your ~/.vimrc file add the following lines. set shiftwidth=4 … Read more
ASA – VPN Traffic is not being encrypted (CSCsd48512)
Issue Traffic is sent out from the ASA unencrypted. Cause This can be caused by a duplicate (stale) ASP crypto table entry, this prevents the ASA encrypting any traffic destined for the remote host. There are 2 commands which shows this behaviour. They are, Interface outside:!out id=0xd616fff0, priority=70, domain=encrypt, deny=false hits=855899, user_data=0x473ccf4, cs_id=0xd5deba08, reverse, flags=0x0, … Read more
F5 LTM – RAM Cache
Introduction RAM Cache is a feature that provides the ability to serve content to your clients directly from the memory of your F5 appliance. This benefits both client and server by reducing response latency and also server load. What is Cached ? Heres a summary, The following items are cached, All 200, 203, 206, 300, … Read more
F5 LTM – iRule Variables
The F5 offers a number of different ways to you can represent your data via iRules such as variables, tables, datagroups and arrays. Within this article we will look at the variables. There are 2 main types of variables, local and global. Local Local variables represent data within your local namespace, and are assigned the … Read more