ASA 8.3(2) is out, as is ASDM 6.3(3)
I got off my ass tonight and decided to update the ASA (yes, my licensing is correct!). I haven't had a chance to play with it a while lot (you can see it's only been up for 3 and a half hours), but it seems pretty cool. I sat down and read the release notes for 8.3(2) and there's a few things you should know. First off, you're going to need more memory. Well, if you look at mine, you can see I've maxed out what the thing will accept, so I'm perfectly safe; but chances are, you're not. Cisco has a nice table to let you know what your memory needs are. In fact, if you head over to this web page, you check out the release notes for both 8.3(1) and 8.3(2). You'll see the new features as well as caveats fixed with these versions. Now that I have informed all you guys about the upgrade, I'm going to start playing with it for a little bit before the sun comes up and kills me. Dammit! It's already 1am!
Install MagicJack VoIP on Server 2003
I've been going without a land line for a few years now and it's starting to get old. Because of the plan that my wife and I are on with Sprint, it gets rather expensive when I start going over my minutes. And I sure as hell didn't want to fork out the kind of money that the phone and cable companies charge. I'm a Cisco Engineer for Christ's Sake! I should be able to set this up!
So I got my hands on the Cisco uBR924 you see in the rack. It uses H.323, but I couldn't find a reliable H.323 provider to give me a number. And I'm lazy. I'm sure I'll get around to using the H.323 in the modem sooner or later, but I wanted to try this product out anyway. I ended up ordering a MagicJack.
Well, MagicJack doesn't support Server 2003. But the only box that I have that stays on 24/7 is my server. And my server runs... you guessed it... Server 2003. My install went a little like this.
1. Plug the MagicJack into a USB port and let the drivers install.
2. Once the install runs, go to "My Computer" and run the Autorun on the MagicJack drive
3. Let MagicJack install (it downloads its software)
4. Get the message "No audio devices found no output/input devices are found".
5. Curse loudly at computer and say something along the lines of "Oh, you are GOING to work..."
Because I'm an idiot and didn't realize what I was doing, it was flat NOT going to work. The reason being is the only sound driver running was the Microsoft RDP Sound Driver. My server is headless, therefore I needed to be RDP'd into the box. I'm going to go ahead and make a long story short...
I plugged a keyboard into the box and logged in locally. I tried to "mstsc /v:server /console", but it still had the RDP driver. I haven't looked into it, but there may be someway to use the local drivers during that console session. Once I was logged in locally, I shadowed the local session from an RDP session. I turned on the Telephony Service, installed the sound drivers (they weren't installed), and started the Windows Audio service. Once that was done I restarted the MagicJack software and BAM! It worked.
***EDIT***
I just found out why the "/console" wasn't working when I was RDPing into the box. It seems that Microsoft changed /console to /admin in Vista for you to login to session 0. Here's the correct way to do it. In XP SP2, you want to run "
In Windows XP SP3, Windows Vista or Windows 7, run %systemroot%\system32\mstsc.exe /admin
If you are using Windows XP < SP3 the command is:%systemroot%\system32\mstsc.exe /console
Once you get the client up, you want to make sure that under the "Local Resources" tab you have the audio options set to "Leave at remote computer". This should fix that damn "No audio devices found no output/input devices are found" problem without having to plug a monitor and all into your server.
From what I've seen so far using WireShark, this is a simple SIP device that runs the G.711 Codec. Pretty straight forward. I'll mess with it some more and get back to you guys.
SSH Configuration in IOS
Last post we got TACACS+ running on your Cisco device. Now let's get security really going good by putting SSH on the box.
Make sure that you have the IPSEC feature set available, otherwise you're hosed from the start. And again, because you're a GOOD Cisco Admin, you know that SSH uses port 22, right?
The server must have a host name AND domain name. In configuration mode type:
hostname your-hostname
ip domain-name your.domain
The RSA keys must then be generated. In the configuration mode type:
crypto key generate rsa usage-keys
Enter 1024, Then type:
ip ssh time-out 60
ip ssh authentication-retries 2
line vty 0 4
transport input telnet ssh (leave telnet out once ssh works)
login local (or tacacs)
Now you've set up SSH. Enjoy your new security!!!
If you want to know how to do anything with your Cisco devices, shoot an email to Greg@GregLedet.net and I'll do my best to get something up here ASAP on how to do it.