Cisco ASA - eekbot/public GitHub Wiki

Checking Tunnel Status

BLAHFW# sh vpn-sessiondb l2l filter ipaddress 13.14.15.16

Session Type: LAN-to-LAN

Connection   : 13.14.15.16
Index        : 3415                   IP Addr      : 13.14.15.16
Protocol     : IKEv2 IPsec
Encryption   : IKEv2: (1)AES256  IPsec: (2)AES256
Hashing      : IKEv2: (1)SHA256  IPsec: (2)SHA256
Bytes Tx     : 6991751                Bytes Rx     : 13100229
Login Time   : 03:03:00 MST Tue Feb 27 2024
Duration     : 10h:47m:03s

Choosing SSH Algorithms (KEX/MAC) Upon Login

[BLAHUSER@BASTION ~]$ ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 10.11.12.13
Unable to negotiate with 10.11.12.13 port 22: no matching MAC found. Their offer: hmac-sha1

[BLAHUSER@BASTION  ~]$ ssh -m hmac-sha1 -A 10.11.12.13
Nexus 5000 Switch
Password:

Going Directly Into Enable Mode

# THIS ASSUMES YOU'RE USING AN AAA SERVER FOR AUTHORIZATION
aaa authorization exec authentication-server auto-enable

Moving A Capture From A Cisco ASA Context To The Sys Context

BLAH-CTXT1# show cap

1234-BLAH:
 capture ca1 type raw-data interface BLAH_TRANSIT [Capturing - 370 bytes] 
  match tcp any any eq 1812 
 capture ca type raw-data interface BLAH_TRANSIT [Capturing - 1310 bytes] 
  match ip host 192.168.1.2 host 10.2.3.4

BLAH-CTXT1# copy /pcap capture:1234-BLAH/ca1 disk0:/ca1        
Source capture name [1234-BLAH/ca1]? 

Destination filename [ca1]? 
!
5 packets copied in 0.10 secs

BLAH-CTXT1# dir

Directory of disk0:/

4      drwx  8192         01:30:05 Aug 05 2023  log
17     drwx  4096         07:43:14 Nov 11 2020  crypto_archive
[output cut]
842    -rwx  394          11:45:22 Jan 19 2024  ca1
1      drwx  16384        01:22:06 Aug 05 2023  coredumpfsys
[output cut]

BLAH-CTXT1#

Pulling A File From A Cisco ASA To A Linux Server

[USER@jaxmitlbas03 ~]$ scp [email protected]:disk0:/admin.cfg admin.cfg
Unable to negotiate with 172.16.2.3 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

[USER@BASTION ~]$ scp -oKexAlgorithms=+diffie-hellman-group1-sha1 [email protected]:disk0:/BLAH.cfg BLAH.cfg
[email protected]'s password: 
BLAH.cfg                                      100% 7788     3.6MB/s   00:00
[USER@BASTION ~]$
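
Both SSH and SCP sessions above fail with an "Unable to negotiate" error and are fixed by re-enabling one legacy algorithm on the command line. The script below is an added example, not part of the original wiki: it converts such an error line into an ssh_config stanza scoped to that one host, so the weak algorithm is not enabled for any other connection. The helper name negotiation_fix is hypothetical, and the error wording is assumed to match the OpenSSH client output shown on this page.

```shell
#!/bin/sh
# Added example (not from the original page). Turns an OpenSSH client
# "Unable to negotiate" error into a host-scoped ssh_config stanza, so a legacy
# algorithm is re-enabled only for the device that needs it.
# negotiation_fix is a hypothetical helper name.

negotiation_fix() (
    # Body runs in a subshell: variables stay local, "exit" only ends the call.
    line=$1
    case $line in
        "Unable to negotiate with "*" port "*": no matching "*" found. Their offer: "*) ;;
        *) exit 1 ;;
    esac
    rest=${line#"Unable to negotiate with "}
    host=${rest%% *}
    offer=${line##*"Their offer: "}
    kind=${line#*": no matching "}
    kind=${kind%%" found. Their offer: "*}

    # The offer is text sent by the remote end: accept only characters that
    # occur in algorithm names before writing it into a config file.
    case $host in ''|*[!A-Za-z0-9.:_-]*) exit 1 ;; esac
    case $offer in ''|*[!A-Za-z0-9@.,_+-]*) exit 1 ;; esac

    case $kind in
        "key exchange method") opt=KexAlgorithms ;;
        "MAC")                 opt=MACs ;;
        "cipher")              opt=Ciphers ;;
        "host key type")       opt=HostKeyAlgorithms ;;
        *) exit 1 ;;
    esac
    # Leading "+" appends to the client defaults instead of replacing them.
    printf 'Host %s\n    %s +%s\n' "$host" "$opt" "$offer"
)

# The two error lines from this page, fed through the helper.
while IFS= read -r err; do
    negotiation_fix "$err" || echo "# skipped: $err"
done <<'EOF'
Unable to negotiate with 10.11.12.13 port 22: no matching MAC found. Their offer: hmac-sha1
Unable to negotiate with 172.16.2.3 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
EOF
```

Appending the printed stanzas to ~/.ssh/config on the bastion lets both ssh and scp reach these devices without per-command -o or -m flags, while every other host keeps the client's default algorithm lists.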