Following our previous post about AAA Authentication for management access to a Cisco ASA Firewall, in this post we will describe how we can keep track of the authentication requests of admin users to the firewall. This can be helpful to keep a record of the time and date that an administrator user connected to […]
Cisco Branch Virtual Office Solutions – Network Design
Extending the central office enterprise environment to remote branch office locations gives employees greater flexibility while enhancing productivity and reducing costs. The Cisco Virtual Office solution is an umbrella of technologies and products that delivers secure data, voice, and video communication to remote teleworkers and branch offices, providing remote employees with a seamless office-caliber experience to […]
Cisco ASA 5505 Vlans and Licensing
The eight physical network interfaces of the Cisco ASA 5505 firewall appliance can be divided into groups that function as separate security zone networks. Each group is a Layer 2 Vlan. Devices in the same group (Vlan) can communicate directly with each other without passing through the security control of the firewall. On the other hand, […]
Cisco ASA 5505 Network Port Interfaces
The figure below (taken from Cisco) illustrates the back panel of the Cisco ASA 5505 appliance, showing the network interfaces and other important hardware points: (1) Power 48VDC, (2) SSC slot, (3) Network interface LEDs, (4) Network interfaces, (5) Console port, (6) USB 2.0 interface, (7) Reset button, (8) Lock slot. Starting from right to […]
Adding more Interfaces to Cisco ASA Firewalls with 4GE SSM
Implementing security in layers is the recommended network security design for protecting information assets. This approach is achieved by segmenting your network into various security zones with an ASA Firewall and applying access policies between them according to their security levels. By default, Cisco ASA firewalls come with at least four 10/100/1000 network interfaces which […]
Passing non-IP Traffic over IPSEC VPN using GRE over IPSEC
IPSEC VPN is a great technology for encrypting and securing communications between networks (it is also used in VPN software clients). The only drawback is that IPSEC supports ONLY pure IP unicast traffic and nothing else. If you want to securely pass multicast or non-IP traffic between sites, then IPSEC alone will not work. Fortunately Cisco […]
How to upgrade the Cisco ASA 5505 software
The newest Cisco ASA firewall 5500 series came out with software version 7.0, following the successful software version 6.x of the older PIX firewall models. The latest ASA software version is 8.x with intermediary versions of 7.1 and 7.2. In this post I will show you how to upgrade a Cisco ASA 5505 firewall from […]
Cisco ASA Appliance – Five Functionalities in One Box
The Cisco Adaptive Security Appliance (ASA) device is not just a hardware Firewall, as many people think. Of course the Firewall mechanism is the main functionality of the device, but the extension hardware modules that you can add on can transform the appliance into a content security, intrusion prevention, SSL/IPSEC VPN device, etc. Firewall This is the […]
Connecting to the ASA Firewall with Telnet and SSH
The Cisco ASA firewall appliance provides both graphical and command line methods for connecting to the device for management. With the graphical method, the administrator can use a web browser (HTTPS) to manage the firewall. This method requires that the ASDM software (Adaptive Security Device Manager) is installed on the flash memory of the firewall. […]
Blocking peer-to-peer using Cisco IOS NBAR – Configuration Example
Cisco IOS routers support application traffic classification using the Network Based Application Recognition (NBAR) feature. This brings application intelligence to the Layer 3 router device, putting more value into your network infrastructure. NBAR is usually used for classifying mission-critical applications in order to apply Quality of Service and bandwidth guarantees in the network. Another […]
Latest Vulnerabilities in Cisco PIX and ASA
On October 22, Cisco announced three vulnerabilities in the Cisco ASA 5500 series and PIX Firewall models running software versions 7.x and 8.x (see the Cisco Security Advisory). The three security issues identified are the following: Windows NT Domain Authentication Bypass Vulnerability: Cisco ASA or PIX security appliances configured for IPSec or SSL-based remote access VPNs using Windows […]
Cisco SSL VPN and ASDM Configuration – Port Conflict
In addition to IPSEC VPN support, Cisco firewalls also support the SSL Web VPN technology for providing access to resources for remote users. The main difference between IPSEC VPN and SSL VPN is that the first one requires a VPN client installed on the user's computer, while the SSL VPN requires only a secure browser (HTTPS). Another […]
Cisco Switches with Power over Ethernet PoE
Cisco has been supporting the standardized 802.3af Power over Ethernet feature since 2004. Catalyst switches with PoE are available as 10/100 PoE or even 10/100/1000 PoE. The Power over Ethernet feature is an excellent option for deployments of Cisco IP Phones. Wireless access points and security cameras can also be powered by PoE switches. The […]