Cisco ASA Firewall Fundamentals 3rd Edition

Today I have officially launched my new ebook “Cisco ASA Firewall Fundamentals – 3rd Edition” which is probably the most updated and practical Cisco ASA tutorial out there. It covers the newest ASA version 9.x (plus older versions as well) and all content in the book is applicable for both ASA 5500 and 5500-X series.

I wrote the original First Edition of “Cisco ASA Firewall Fundamentals” in 2008. Since then, I have been updating and enhancing the ebook with all new developments and features that Cisco adds to the ASA product line.

This Third Edition of the book is completely updated to cover the latest ASA version 9.x. All configuration commands, features etc will work on the newest ASA 9.x (in addition to older 8.x versions) and also on the newest ASA 5500-X models. This updated book Edition includes also extensive new content, making it one of the most complete ASA books available in the market. I believe that the Third Edition ebook will be a valuable resource for both beginners and experienced ASA professionals.

This ebook (PDF Format) is filled with raw practical concepts, step-by-step configuration tutorials, more than 50 colorful network diagrams to explain the scenarios, Complete Configuration Examples, real-world cases that you will not find anywhere else etc. There is no fluff or redundant information.

Some of the new topics added in the book include:

  • Basic, Advanced, and Scanning Threat Detection
  • IKEv2 IPSEC VPN (site-to-site)
  • IKEv2 Remote Access VPN (Using Anyconnect Secure Mobility Client)
  • Anyconnect SSL VPN using Self-Signed ASA Certificate
  • Anyconnect SSL VPN using Certificates from the Local CA on ASA for Certificate Based Authentication together with username/password (two factor)
  • Anyconnect SSL VPN using 3rd Party CA Certificates.
  • Per-Session PAT and multi-session PAT for version 9.x
  • Access Control List (ACL ) changes introduced in ASA v9.x
  • Time-based ACLs
  • Master Passphrase Configuration.
  • Identity Firewall Configuration (ASA configuration, AD Agent Configuration etc).
  • IPv6 Routing (static IPv6, OSPFv3 for IPv6)
  • Quality of Service Configuration (Traffic Policing, Traffic Shaping, Priority Queuing)
  • Cisco ASA 5505 chapter (hardware, license, configuration)
  • etc

Those are the additional topics added in 3rd Edition. The rest of the book covers much more content which comprise the most important features and configurations that you will encounter in Cisco ASA firewalls.

I believe that this ASA Configuration Guide will be a valuable resource for any Cisco Professional for years to come. Again, keep in mind that by purchasing this ebook you will be getting huge discounts of the future updated editions of the book that I will be publishing. Just make sure to subscribe to my “Customers’ email list” (at the download page after purchasing the book) in order to be eligible for the discounts.


How to Configure Cisco SPAN – RSPAN – ERSPAN


Having visibility in the traffic flowing through your network from specific hosts is an excellent way to troubleshoot problems or gather useful information and data. Cisco switches offer the capability to copy packets from specific ports or VLANs and send them to other ports for capturing and analyzing. The traffic can be captured and analyzed […]

[Continue reading]

Basic Redistribution Between Cisco EIGRP and OSPF

cisco ospf eigrp redistribution

The most common scenario for big enterprise networks with multiple routers is to have a single IGP routing protocol (IGP = Interior Gateway Protocol) running between the routers in order to distribute all the routing information of the network. The most common IGP routing protocols used by today’s networks are OSPF, EIGRP (Cisco proprietary) and […]

[Continue reading]

PPTP Configuration on Cisco Routers

configuration of pptp on cisco router

What is PPTP PPTP (Point to Point Tunneling Protocol) is a quick and easy solution to offer remote access to users. Since it is natively supported on almost all Windows operating systems (Windows XP, 7, 8 etc), this kind of remote access makes an ideal solution for clients using windows OS. Also, you don’t need […]

[Continue reading]

Cisco VRF Lite Configuration


In the previous post, we have discussed about isolating traffic using the private VLAN feature at Layer2 level. In this tutorial, we will discuss traffic isolation at Layer3 level using VRF Lite on Cisco routers. What is VRF Lite VRFs employ essentially the same concept as VLANs and Trunking, but at Layer 3. VRF (Virtual […]

[Continue reading]

How to Configure Private VLANs on Cisco Switches

private vlan on cisco switch

There are some situations where you have a single Layer3 subnet hosting several servers but you need to restrict network connectivity between the servers, although they reside in the same L3 subnet. This scenario is very common in hosting environments where you offer collocation for customers but for security reasons you want to keep their traffic […]

[Continue reading]

Cisco Switch Layer2 Layer3 Design and Configuration


Layer2 and Layer3 switches are the foundation of any network. After all, any network devices (routers, firewalls, computers, servers etc) have to be connected to a switch. Sooner or later, as a network engineer you will be faced with the task of deploying a switch network for a customer or for your own company. Therefore, learning […]

[Continue reading]

Poll for New Book

I have decided to try and write another book. I said “try” because it is NOT an easy task at all (believe me on this)!!. Having a family with two little kids and a full time job, there is little time available for other stuff. Anyhow, I will try and publish one of the books […]

[Continue reading]