• Cisco AnyConnect SSL/TLS Trustpoint

    I wanted to put together a quick tutorial for setting up a Cisco ASA – AnyConnect with SSL/TLS. I’ve done it a few times and I always have to re-lookup each step and the order in which to do it, so why not make a quick post about it to remember!

    Optional: Destroy Current Trustpoint

    You will have to destroy or clear out the current trustpoint if it already exists. This must be done if you are going to regenerate the key, which is best practice when renewing a certificate that is expiring or one that has been compromised.

    • It will warn you that it will destroy any certificates within the trustpoint.

    Generate a Key

    Here we start by generating our key, using 2048 bits. The key name can be anything you want, but I like to name it after the service I will be putting it on; for this tutorial it is accessthejimmahknowscom.key

    Set up the trustpoint locale and generate a CSR for submission

    First we need to set up a trustpoint object with our locale properties, etc.

    • newtrustpoint.trustpoint — The name I gave to this trustpoint, which will tie everything together.
    • subject-name — This command holds the distinguished name of the certificate’s profile; see RFC 3039.
    • keypair — This is the key to pair the trustpoint with; we generated it in the previous step.
    • fqdn — This is the main FQDN of the service that will use the trustpoint.
    • enrollment terminal — This tells the Cisco ASA to output the CSR (which we will create in the next step) to the terminal screen. Otherwise you will have to SFTP to the ASA and download it.

    [Read More…]

  • VoIP:101 — Building your VoIP Network — Part 2

    Welcome back to Part #2 of this series on setting up your VoIP network! (Part #1, Part #2, Part #3)

    PART #2 — Call routing, Call numbers, SIP Trunks
    • VoIP SIP Termination — Where VoIP ends and PSTN begins
    • SIP Trunks and DID (external PSTN numbers)
    • Inbound and Outbound Call Routing
    • Optional: Install g729 codec

    As you can see we have a lot to cover, so let’s get ready for ROUND 2!!!

    [Read More…]

  • VoIP:101 — Getting started with your VoIP Network — Part 1

    VoIP networks, VoIP phones, VoIP extensions, VoIP everything. VoIP seems to be one of those black-box buzzwords that IT pros toss around, like the “CLOUD!” But what is really going on behind the scenes? How do VoIP protocols actually work? How can I set up a call system? How do I get an outside number people can use to dial me?

    This next series of blog posts (Part1, Part2, Part3) is dedicated to walking through the many aspects of VoIP (Voice over Internet Protocol) and its features.

    PART #1 — Laying the foundation for our VoIP network
    • The Lab — Our Network pieces.
    • SIP — Life blood of VoIP
    • FreePBX/Asterisk — Call System Exchange
    • Phone Provisioning (Manual/Auto)
      • Manual Provisioning with Zoiper, Linphone, UbiPhone
      • Auto-provisioning with Cisco 7941G and 7945G (7961G,7965G)
    • Making your first VoIP call!
    PART #2 — Call routing, Call numbers, SIP Trunks
    • VoIP SIP Termination — Where VoIP ends and PSTN begins
    • SIP Trunks and DID (external PSTN numbers)
    • Outbound and Inbound Call Routing
    • Optional: Install g729 codec
    PART #3 — Ring Groups, Extension Shortcuts, Call Centers, Voicemails, Secure SIP with TLS, etc
    • Ring Groups
    • Extension Speed Dialing
    • IVR (Interactive Voice Response) — useful for Business Directory Prompt
    • Advanced Voicemail Services
    • Securing SIP (TLS and SRTP)
    • Other Cool Features

    [Read More…]