Dynamic Multipoint VPN (DMVPN) is a Cisco VPN solution used when high scalability and minimal configuration complexity is required in connecting branch offices to a central HQ Hub site. DMVPN is one of the most scalable and most efficient VPN types supported by Cisco. It is used almost exclusively with Hub-and-Spoke topologies where you want to have […]
How to Configure Cisco SPAN – RSPAN – ERSPAN (With Configuration Commands)
Having visibility in the traffic flowing through your network from specific hosts is an excellent way to troubleshoot problems or gather useful information and data. Cisco switches offer the capability to copy packets from specific ports or VLANs and send them to other ports for capturing and analyzing. The traffic can be captured and analyzed […]
Cisco Router WiFi Wireless Configuration – 881W
In today’s Internet world, a WiFi connection is a must in any enterprise network, either for employees or for guests and other customers that are requesting a wireless connection for better productivity. There is a study showing that 5-7 years ago when WiFi was at its beginning stages, only 10% of devices were connected to […]
How to Configure Cisco Router 3G-4G Mobile Cellular Connection
The cellular mobile network has evolved so much the last decades with improved coverage, speed and reliability. Therefore it is now possible to use the 3G/4G cellular mobile network as a reliable backup-up connection of your main connection line. Cisco has several router devices that have either an embedded 3G/4G modem or a standalone HWIC […]
How to Configure Private VLANs on Cisco Switches
There are some situations where you have a single Layer3 subnet hosting several servers but you need to restrict network connectivity between the servers, although they reside in the same L3 subnet. This scenario is very common in hosting environments where you offer collocation for customers but for security reasons you want to keep their traffic […]
WAN Redundancy with two ISPs using static floating default routes
In today’s networks, WAN redundancy is very important even in small networks. To have a truly redundant WAN connectivity, you must use two different ISP connections. However, there is a catch here. You need to use BGP dynamic routing protocol (usually), which adds some complexity and extra requirements. In most cases, you will need two […]
No switch option on Cisco ASA 5506-X
The new ASA 5506-X and 5508-X were released a few months ago from Cisco and are the models which will replace the very successful ASA5505 SOHO firewall. Especially the 5506-X is marketed as the ideal replacement for the 5505 which was very popular and successful in small network deployments. As you might know already, the […]
Site to Site IPSEC VPN Between Cisco Router and Juniper Security Gateway
In today’s network infrastructures, you will encounter multivendor devices that need to communicate and interoperate. One requirement that you will find frequently in your work environment is to establish a secure VPN connection over the public internet between two different vendor devices. As a network engineer you need to know that the best VPN technology […]
Configuration of Cisco ASA for ASDM Access
I have created the following video on youtube a few months ago and thought about embedding the video here as well. It is about configuring the Cisco ASA in order to install the ASDM image (Adaptive Security Device Manager) and hence be able to manage the device with the graphical ASDM GUI. The video shows […]
New Cisco ASA 5506-5508 models with FirePOWER
Cisco announced more details about its new ASA models (5506, 5508) which are using FirePOWER services and are geared towards small and medium size businesses. According to Cisco, the new ASA models are “industry’s first threat-focused Next Generation Firewalls” and offer application visibility and control, advanced malware protection (using AMP Threat Grid), next generation intrusion […]
Network Failover Redundancy Scenario – Two sites with two ASA Firewalls
A few months ago I was involved in a project where we had to design a network redundancy scenario with two physically separate networks in two different buildings (the sites were a few kilometers away from each other). The main requirement was to provide Inbound Internet Access to two Server Pools (Linux Servers in High […]
New Cisco ASA 5506-X / 5508-X will replace ASA 5505
Currently the smallest ASA appliance is the 5505 which has been in the market for several years with millions of installations worldwide. This small, passively cooled firewall still receives all the latest ASA software upgrades and features and has been a favorite firewall appliance for SOHO or Small/Medium Businesses. The ASA 5505 is equipped with […]
Number of CCIEs in the world – Starting Salaries – Demand by Track
I have collected some statistics about the Cisco CCIE certification which is the top spot you can get in the Cisco certification pyramid (of course there is also Cisco Architect in Design track but that’s another story). A lot of people are asking me about total number of CCIEs in the world, starting salaries of […]