Download OrgInfo.json from dashboard
Upload to both ASA's
Enable it under the webvpn section and the GP attached to the anyconnect profile
Wednesday 27 May 2020
cisco umbrella roaming client and anyconnect
https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/200940-Anyconnect-OpenDNS-Roaming-Security-Modu.html
Tuesday 19 May 2020
can't RDP to server authentication error due to CredSSP encryption oracle remediation
The server is using this update but the client is not
Update both hosts to latest
On client gpedit.msc -> computer conf -> admin templates -> system -> credential delegation
Set Encryption oracle remediation
to enabled
drop down to vulnerable
https://weblogs.asp.net/dixin/remote-desktop-connection-authentication-error-due-to-credssp-encryption-oracle-remediation
Update both hosts to latest
On client gpedit.msc -> computer conf -> admin templates -> system -> credential delegation
Set Encryption oracle remediation
to enabled
drop down to vulnerable
https://weblogs.asp.net/dixin/remote-desktop-connection-authentication-error-due-to-credssp-encryption-oracle-remediation
Tuesday 12 May 2020
cisco umbrella firewall rules
object-group network UmbrellaVAs
network-object host 10.53.0.71
network-object host 10.53.0.72
object-group network UmbrellaVA_Destination
network-object host 208.67.220.220
network-object host 208.67.222.222
network-object host 208.67.222.220
network-object host 208.67.220.222
network-object host 67.215.71.201
network-object host 146.112.255.155
network-object host 91.189.94.4
network-object host 91.189.89.199
network-object host 91.189.91.157
network-object host 91.189.89.198
network-object 67.215.92.0 255.255.255.0
network-object object ocsp.digicert.com
network-object object crl4.digicert.com
network-object object disthost.opendns.com
network-object object disthost.umbrella.com
network-object object s.tunnels.ironport.com
object-group service Umbrella_Ports tcp-udp
port-object eq domain
port-object eq 443
port-object eq www
port-object eq 123
port-object eq 22
port-object eq 25
port-object eq 5353
how is this even working?
network-object host 10.53.0.71
network-object host 10.53.0.72
object-group network UmbrellaVA_Destination
network-object host 208.67.220.220
network-object host 208.67.222.222
network-object host 208.67.222.220
network-object host 208.67.220.222
network-object host 67.215.71.201
network-object host 146.112.255.155
network-object host 91.189.94.4
network-object host 91.189.89.199
network-object host 91.189.91.157
network-object host 91.189.89.198
network-object 67.215.92.0 255.255.255.0
network-object object ocsp.digicert.com
network-object object crl4.digicert.com
network-object object disthost.opendns.com
network-object object disthost.umbrella.com
network-object object s.tunnels.ironport.com
object-group service Umbrella_Ports tcp-udp
port-object eq domain
port-object eq 443
port-object eq www
port-object eq 123
port-object eq 22
port-object eq 25
port-object eq 5353
how is this even working?
Subscribe to:
Posts (Atom)