Menu Close

ASA ‘The ID certificate associated with trust-point contains an Extended Key Usage (EKU) extension but without the Server Authentication purpose which is required for SSL use.’

In this post you will see what could be the root cause of getting the “WARNING: The ID certificate associated with trust-point contains an Extended Key Usage (EKU) extension but without the Server Authentication purpose which is required for SSL use.” message on the ASA when you try to associate a trust point to an interface, and how to fix…

Palo Alto Empty Login Page

I was working the other day on a Palo Alto firewall running version 10.0.2, and all of a sudden it kicked me out and I could only see an empty login page. I could not see anything on the login page but the background image shown below. I tried to refresh the page a couple of times with no luck,…

Npcap Failed to Create the Npcap Service

Recently I had ran into some issues when I was trying to update Wireshark on some workstations and servers. Specifically, the Npcap was failing during its version upgrade, and was returning an error stating that it failed to create the npcap service as shown above. Here is how to fix this annoying issue. Step 1: Go to Local Group Policy…

AnyConnect Certificate Validation Failure

This post will cover one interesting root cause of getting AnyConnect Certificate Validation Failure. I was working on setting up a Cisco AnyConnect Management Tunnel, which I will cover in another post, and for some reason when I was trying to establish AnyConnect SSL VPN from a Windows client, it was just failing dropping the message Certificate Validation Failure on…

Palo Alto VPN Tunnel Up But No Traffic

This post covers a potential issue that might cause a Palo Alto VPN tunnel to be up but with no traffic flowing between the encryption domains. Here is the scenario I came across with a site to site VPN tunnel between a Palo Alto and a Cisco ASA behind a NAT device. Basically, the VPN tunnel was configured with no…

Palo Alto Site-to-Site VPN with ASA

This post will cover how to configure Palo Alto site-to-site VPN with Cisco ASA. However, the post will not cover any of the ASA configuration parts, but please check out Cisco documentation on this link if required. Configuring a site to site VPN tunnel on Palo Alto firewalls is not difficult, but it could be a little bit challenging for…

FMC Health Monitor Blacklist

When it comes to security, the word blacklist is always tied to something bad. However, this is not the case when we deal with health policies in Cisco FMC. FMC offers a nice feature called health monitor blacklist. This feature allows us to suppress the health alerts related to one or more FTD appliances. Not only, the health monitor blacklist…

>
Scroll To Top
Share via
Copy link
Powered by Social Snap