43

How-to : Integrating Cisco devices CLI access with Microsoft NPS/RADIUS

-

Many times I came across one issue… how to grant access to CLI (Command Line Interface) on Cisco devices without creating separate username and password for each user on each device? In order to resolve that I did use AAA features of Cisco IOS and built-in Windows Server 2008 R2 component – NPS (Network Policy Server).

Those two mixed together can create very nice environment which allows flexible management who, when and how can access network devices. Same time, Active Directory will be central place to grant or deny access to devices as well as enforce specific privilege level.

Below is simple diagram of the whole process and steps which take place when accessing Cisco device integrated with NPS/RADIUS.

(more…)

0

Apps : passPCFdecode for PlayBook

-

Recently submitted to BlackBerry AppWorld new application. This time small app which allows to decrypt enc_GroupPwd parameter from Cisco VPN Profile (PCF file).

Awaiting for application approval.. once approved I will add button with link to BlackBerry AppWorld store.

New application will be available for free 🙂

UPDATE: Unfortunatelly application has not been approved to be published in AppWorld without any reasonable explanation.

(more…)

3

Config snippets : Cisco : PCF enc_GroupPwd and enc_UserPassword Decryptor

-

Another small app written in Adobe Flex. This time to decrypt passwords stored in Cisco VPN PCF file. Just simply copy enc_GroupPwd or enc_UserPassword to decryptor and click Decrypt button 🙂

Using this small app you can decode:

  • enc_GroupPwd – VPN group password from PCF file
  • enc_UserPassword – VPN user password from PCF file

For that small webapp to work Adobe Flash Player is required.

(more…)

2

Apps : pass7decode : My First App for PlayBook

-

Finally it happened that I commited my first application for BlackBerry PlayBook. Application I’ve created decodes Type 7 password which is stored in Cisco devices configuration. It is not complicated application and has splash screen and one application screen, but it does what I expected this piece of software to do 🙂

Using this small app you can decode:

  • wireless keys fro Cisco access points,
  • RADIUS/TACACS shared secrets
  • NTP authentication keys
  • Enable passwords (NOT enable secrets, which are stored using MD5).

I hope to develop this application and add some more decryption abilities for Cisco devices (like group password from PCF file for example).

Here are screenshots of my first app 🙂

(more…)

0

Config snippets : Cisco : Password 7 Decryptor in Adobe Flex

-

As the effect of my attempts to produce some small applications in Adobe Flex, I commited decryptor for type 7 passwords stored on Cisco devices.

Using this small app you can decode:

  • wireless keys fro Cisco access points,
  • RADIUS/TACACS shared secrets
  • NTP authentication keys
  • Enable passwords (NOT enable secrets, which are stored using MD5).

(more…)