Open MMC
Add certs snap-in
user account and computer store
Check certificates > personal
exported the user cert from user store (use PKCS12 or DER base-64 encoded)
imported user cert into machine
Friday, 7 March 2025
switch aaa and radius authentication settings for duo etc
aaa group server radius DUO-AUTH
aaa authentication login default group DUO-AUTH local
aaa authentication login CON-LOCAL local
aaa group server radius DUO-AUTH
server name DUO-AUTH-PROXY
ip radius source-interface Vlan2
radius server DUO-AUTH-PROXY
address ipv4 192.168.1.1 auth-port 18122 acct-port 18122
pac key 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Wednesday, 5 March 2025
find what DH group an ikev1 S2S VPN is using in ASA
sh crypto isakmp sa detail | i Grp:
Looking for groups 2 and 5
sh crypto isakmp sa detail | i Grp:2,
sh crypto isakmp sa detail | i Grp:5,
Can copy the full output of " sh crypto isakmp sa detail" to a text file and search
Tuesday, 4 March 2025
QoS palo alto
Make QoS policies
Policies > QoS
Assign policies to a profile:
Network > Network Profiles > QoS Profile
Assign a profile to interfaces
Network > QoS
Subscribe to:
Posts (Atom)