Log into the CLI and run
show logging application ise-psc.log
or
show logging application ise-psc.log tail
Category: Security
Homebrew for MAC
xcode-select –install
/bin/bash -c “$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)”
MAC terminal list private key and cert from pkcs12
% openssl pkcs12 -info -in pkcs12-2022.pfx -nodes
Enter Import Password:
MAC Iteration 2000
MAC verified OK
PKCS7 Data
Shrouded Keybag: Bag Attributes
localKeyID: 01 00 00 00
friendlyName: cn=pkcs12-2022
Microsoft CSP Name: Microsoft Enhanced Cryptographic Provider v1.0
Key Attributes
X509v3 Key Usage: 10
—–BEGIN PRIVATE KEY—–
xfggfgk
—–END PRIVATE KEY—–
—–BEGIN CERTIFICATE—–
gfjhhldghdf
—–END CERTIFICATE—–
Certification Authority
—–BEGIN CERTIFICATE—–
hjfhdxssggk
—–END CERTIFICATE—–
How to get into LINA-CLI on CISCO FTD
Login to the FTD with admin and type expert
type sudo su and enter password.
type lina_cli and hit enter to access the ASA CLI
type enable and hit enter.
to get out of it press Ctrl+A and then d
In newer versions this following command will get you into LINA:
system support diagnostic-cli
ASA capture tips.
ASA and FWSM Capture
Here are some options for doing a capture on the ASA.
asa# access-list CAP1 ext permit ip any any
asa# capture CAPTRAFFIC access-list CAP1 circular-buffer interface outside
These are the options.
asa# capture CAPTRAFFIC ?
access-list Capture packets that match access-list
buffer Configure size of capture buffer, default is 512 KB
circular-buffer Overwrite buffer from beginning when full, default is non-circular
ethernet-type Capture Ethernet packets of a particular type, default is IP interface Capture packets on a specific interface
match Capture packets matching five-tuple
packet-length Configure maximum length to save from each packet, default is 68 bytes
real-time Display captured packets in real-time. Warning: using this option with a slow console connection may result in an excessive amount of non-displayed packets due to performance limitations.
trace Trace the captured packets
type Capture packets based on a particular type
To view capture output:
show capture CAPTRAFFIC
To see the traffic that the ASA is dropping.
asa# capture capasp type asp-drop all
If you want to see the actual capture pcap output
capture capinout type raw-data interface OUTSIDE [Capturing – 2164 bytes]
match udp host 172.16.1.176 any
Then in a web browser you can download the capture from the ASA.
https://172.16.254.1/capture/capinout/pcap
Then you can open it in wireshark and see what the traffic was in detail.
ASA Capture
ASA capture
cap test1 inter match ip host 10.1.1.100 host 192.168.29.110
download to pc.
https://10.0.0.33/capture/test1/pcap
Ubuntu from PKCS12 to Certificates crt file and private key
openssl pkcs12 -in cert1.p12 -out cert1.crt.pem -clcerts -nokeys
openssl pkcs12 -in cert1.p12 -out cert1.key.pem -nocerts -nodes
Ubuntu Certificates crt file and private key to PKCS12
ubuntuccie23050:~/certmi$ cp cert.crt cert.pem
ubuntuccie23050:~/certdir$ ls
cert.crt cert.pem private.key
ubuntuccie23050:~/certmi$ openssl pkcs12 -export -in cert.pem -inkey private.key -out keyandcert1.p12
Enter Export Password:
Verifying – Enter Export Password:
ubuntuccie23050:~/certmi$ ls
cert.crt cert.pem private.key keyandcert1.p12
ubuntuccie23050:~/certmi$ exit