We’ve had to update the SSL certificate on our Cisco ASA recently due to this. The tricky bit was I couldn’t find the private key file that was used to generate the original certificate. Fortunately, you can extract it from the ASA, combine it with the updated certificate and import it back into the ASA. Here are the steps. You will need the OpenSSL tool to do this. Read More
Sometimes it’s tricky to figure out how much foreign currency you need in cash for your travel. Large transactions such as flights and hotels you’d most likely pay electronically but smaller items are often still easier to pay with cash. Read More
In previous post, I went through the steps to configure IPsec site-to-site VPN connection in AWS VPC. In this post I will go through the steps to configure my local (on-premise) VPN device. These steps are based on the sample configuration provided by Amazon. The instructions here are specific to the Cisco IOS platform I use but the concepts should be common to other devices. Read More
A colleague gave me a 2010 MacBook Pro and I notice that it runs very slow when running on battery. Boot-up takes a very long time and everything is lagging. It is practically unusable. When the power supply is plugged in however, it works normally. I tried the usual prescribed troubleshooting from Apple to reset the SMC but that still didn’t fix the issue.
Finally I came across this discussion on Apple Support Communities. The root cause seems to be faulty temperature sensor damaged by liquid spill. Because the sensor is faulty, macOS assumes the system is overheating and drops the CPU cycle which in turns makes everything runs much slower. Read More
For better redundancy, we may want to use port channel to connect a highly available active/passive pair of Cisco ASA to a switch stack. An important aspect to know is to create separate port channels on the switch stack, one for each ASA. On each ASA, it is still a single port channel because the configuration is replicated between the units. If you group all interfaces on the switch stack into a single port channel connecting to both ASA, the port channel will not be established because of the separate ASA system IDs. A single port channel is also not desirable because you do not want traffic to be sent to the standby ASA. Read More
In Cisco ASA 6.4.9 – and older possibly – it is possible to mix different types of service in a group. So you can have TCP and UDP or TCP-UDP and TCP in the same group.
Later versions of ASA do not allow this. In ASDM, you will get error message like below if you attempt to do this.
Additionally, if you had created a group with mixed types of service, later version of ASDM will not show this service group.
With the recent discussions on a new Australian datum (GDA2020), I have come across several queries regarding datum implementation in CORS network system and RTK service.
The basic principle to keep in mind is that RTK, or more descriptively, carrier-phase double-differencing, is a relative positioning technique. Unlike DGPS or PPP, it does not solve directly for coordinate but instead compute the vector (baseline) between the reference point (base station or CORS) and the unknown point. This vector is then applied to the known, accurately surveyed coordinate of the reference point to produce the coordinate of the unknown point (see Hofmann-Wellenhof, Lichtenegger, Collins, GPS Theory & Practice, Section 8.3 for further details). Read More
While the United States’ GPS is used in pretty much all vehicle navigation systems and smartphones, and Russia’s GLONASS is making inroads, not many are aware that China has been busy launching its own global navigation satellite system called BeiDou. Over the past three years or so, China has significantly expanded BeiDou and there are now more than 10 BeiDou satellites orbiting. Read More