Troubleshooting Cisco VPN Phase 2

Problem It’s been over two years since I wrote Troubleshooting Phase 1 Cisco Site to Site (L2L) VPN Tunnels. I’ve always meant to come back and write the ‘Phase 2’ article but never got around to it. This article is NOT intended to be a ‘fix all” for phase 2 problems, it’s designed to point you in the … Continue reading Troubleshooting Cisco VPN Phase 2

Troubleshooting Cisco VPN Phase 1

Problem Site to Site VPN’s either work faultlessly straight away, or involve head scratching and a call to Cisco TAC, or someone like me to come and take a look. If I’m honest, the simplest and best answer to the problem is “Remove the Tunnel from both ends and put it back again”. Just about every VPN tunnel … Continue reading Troubleshooting Cisco VPN Phase 1

Useful Cisco Site-to-Site VPN Phase 1 and 2 Status Troubleshooting Commands

One way is to display it with the specific peer ip. Check Phase 1 Tunnel ASA#show crypto isakmp sa detail | b [peer IP add] Check Phase 2 Tunnel ASA#show crypto ipsec sa peer [peer IP add] Display the PSK ASA#more system:running-config | b tunnel-group [peer IP add] Display Uptime, etc. ASA#sh vpn-sessiondb detail l2l … Continue reading Useful Cisco Site-to-Site VPN Phase 1 and 2 Status Troubleshooting Commands

Issue: Android users cannot connect to Wireless on Cisco Meraki APs

This article is to be used as a short reference guide on how to manually set up a WPA2-Enterprise with RADIUS Authentication (IEEE 802.1X) wireless profile on Android devices. This profile will allow the client devices to connect to the SSIDs configured with WPA2-Enterprise with 802.1X authentication as the association requirement. 1. At the home page, navigate … Continue reading Issue: Android users cannot connect to Wireless on Cisco Meraki APs

Important FortiGate CLI commands (HA and Sessions)

FortiGate High Availability Cluster CLI commands: Manage the specified FortiGate unit (X ist the unit number): execute ha manage X Set the current ForitGate Unit as master: diag sys ha set-as-master enable Get HA Status: get system ha status   FortiGate Session commands: Get all Sessions: diag sys session list Filter Sessions: diagnose sys session … Continue reading Important FortiGate CLI commands (HA and Sessions)

Tricks: Steps to Fix the Cisco VPN 412 Error

Cisco VPN Error 412 for Legacy VPN Client v5.0.0.07   Reason 412. The remote peer is no longer responding". Means that the software VPN Client detected that the VPN server is not responding anymore and deleted the connection. It can be anything from IPSEC traffic being blocked by your upstream device, NAT Issues or simply misconfigured VPN Settings: Once … Continue reading Tricks: Steps to Fix the Cisco VPN 412 Error

Tricks: 5 handy and simple tools in Network troubleshooting

Sweep Ping. If you want to check all the devices on the LAN Network by doing a sweeping ping to all the IPs in a given /2 subnet. for /L %a in (1,1,254) do @ping -n 1 192.168.1.%a|find "TTL" Just replace the 192.168.1 with your first three octets. 2. DIsplay your machines Routing Table using … Continue reading Tricks: 5 handy and simple tools in Network troubleshooting

Tricks: Cisco VPN on Windows 8.1 or Windows 10 – Reason 442: Failed to enable Virtual Adapter

Problem: Error when connecting to VPN Error Message: Reason 442: Failed to enable Virtual Adapter If you receive this error on Windows 8.1 or Windows 10 while trying to connect with the Cisco VPN Client then the solution is a simple registry fix. To fix: Click Start and type regedit in the Search field and hit enter. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CVirtA Find the String … Continue reading Tricks: Cisco VPN on Windows 8.1 or Windows 10 – Reason 442: Failed to enable Virtual Adapter

Tools: Flow Trace in Fortigate

The flow trace feature in the FortiGate units allows you to trace to flow of a packet through the firewall you are consoled to. It allows you to see if the packet is being denied for some reason or being allowed by a particular policy. You can also see what NAT rule and routing is … Continue reading Tools: Flow Trace in Fortigate