How to Authenticate against Active Directory from a Cisco PIX

A few months ago I posted an article with steps to configure Windows IAS and Cisco IOS for authentication to Active Directory via RADIUS. I wanted to follow up on that with a quick overview of how to set up a PIX for management access authentication via Windows IAS and Active Directory. All of the steps for configuring IAS are identical, so I’m not going to cover that again. Remember, if you have a failover pair, to add the standby partner to IAS as well. This example was built on a PIX 7.1 box; it will work on 7.X and …

Cisco Output Interpreter Tool

Cisco has a very cool tool which they call the output interpreter (requires CCO login). I haven’t used it in a while, but when I went to use it the other day, I discovered that it has been significantly improved since my last visit. It now links every single command in the device’s configuration to the relevant documentation, and provides security recommendations and numerous other useful pieces of information depending on what you give it. The output of sh tech (aka show tech-support) includes just about everything about the switch/router/etc., so that’s definitely the way to …

SecureCRT Script for Mass Changing Cisco Switch/Router Passwords

Attached to this post is a simple script which connects over either Telnet or SSH to a list of devices and resets the enable password, local password for the vty lines, and the console password. The script will log in either with a username/password pair or with just a password. The script is set up to work with Cisco IOS devices, but customizing it for CatOS or some other vendor would not be difficult. SecureCRT has a handy automation API which lets you build on its protocol support to automate tasks over the protocols it supports. As a Windows user, I …

How to authenticate against Active Directory from Cisco IOS

One of the things I’ve been spending a portion of my time focusing on for the past ten months is the networking side of the house, and more specifically Cisco. I’ve had the pleasure of working with a client who is a Microsoft shop to the max. We made a decision early on to commit to a Cisco-powered network infrastructure at this client, as well as to utilize Red Hat Linux servers in a few situations. These decisions have brought some interesting challenges that I’ve never tackled before, most notably how to tie everything back to Active Directory and …