Useful Cisco Site-to-Site VPN Phase 1 and 2 Status Troubleshooting Commands

One way is to display it with the specific peer IP.
Check Phase 1 Tunnel: ASA#show crypto isakmp sa detail | b [peer IP add]
Check Phase 2 Tunnel: ASA#show crypto ipsec sa peer [peer IP add]
Display the PSK: ASA#more system:running-config | b tunnel-group [peer IP add]
Display Uptime, etc.: ASA#sh vpn-sessiondb detail l2l …

Tricks: Unable to access Sonicwall Management Portal? ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Most modern web browsers no longer support RC4 encryption, as it was officially declared insecure by IETF memo RFC 7465, published in February 2015. Thus, if RC4-only encryption is enabled in SonicOS, access to the Firewall Management Portal is blocked and the browser displays an "err_ssl_version_or_cipher_mismatch" error. Google Chrome and Firefox were among the first ones …

Tricks: Introducing Cisco RF Planning Tool

Here is a useful planning tool for wireless network provisioning with Cisco Meraki APs or the Mobility Express models. It is an online tool called Cisco RF Wi-Fi Planner Tool. Check out https://rftool.cisco.com. You can use it by logging in with your Cisco account. You can take external factors into account when designing your wireless network …

DNS resolution over IPsec/SSL VPN on Fortigate

Description: This article provides basic troubleshooting steps to follow when you are not able to access a hostname over an IPsec VPN tunnel or SSL VPN connection.
Solution: If you are not able to access resources across the VPN tunnel by hostname, check the following steps:
(1) Make sure to set the DNS server properly when configuring SSL or IPsec VPN. …

Tricks: 5 handy and simple tools in Network troubleshooting

1. Sweep Ping. To check all the devices on the LAN, do a sweeping ping to all the IPs in a given /24 subnet.
for /L %a in (1,1,254) do @ping -n 1 192.168.1.%a|find "TTL"
Just replace the 192.168.1 with your first three octets.
2. Display your machine's routing table using …