As we know, the conventional NAT functionality on Cisco devices (routers, ASA firewalls, etc.) translates the SOURCE IP address to something else. There is also the so-called “Destination based NAT” (which you may also see referred to as “Reverse NAT”), which changes the destination IP address. Here we will deal with conventional source-based NAT […]
How To Configure AnyConnect SSL VPN on Cisco ASA 5500
Virtual private networks, and really VPN services of many types, are similar in function but different in setup. At the end of this post I also briefly explain the general functionality of a new remote access VPN technology, the AnyConnect SSL client VPN. The Cisco AnyConnect VPN is supported on the new ASA 8.x software […]
How to Configure a Cisco ASA 5510 Firewall – Basic Configuration Tutorial
This Cisco ASA Tutorial gets back to the basics regarding Cisco ASA firewalls. I’m offering you here a basic configuration tutorial for the Cisco ASA 5510 security appliance, but the configuration also applies to the other ASA models (see also this Cisco ASA 5505 Basic Configuration). The 5510 ASA device is the second […]
Cisco ASA 5505 Basic Configuration Tutorial Step by Step
The Cisco ASA 5505 Firewall is the smallest model in the new 5500 Cisco series of hardware appliances. Although this model is suitable for small businesses, branch offices or even home use, its firewall security capabilities are the same as the biggest models (5510, 5520, 5540 etc). The Adaptive Security technology of the ASA firewalls […]
Cisco ASA NetFlow Support – NetFlow Security Event Logging – NSEL
NetFlow is a protocol initially developed by Cisco, but it is also supported on many other network devices. NetFlow’s purpose is to collect IP traffic information and send the collected records to a NetFlow Collector server or NetFlow Analyzer. NetFlow is useful for giving administrators an inside view of the traffic passing through the network […]
Cisco ASA 5500 new software 8.2 released
A new software version 8.2 was released for the Cisco ASA 5500 appliance in mid-April 2009. All prior ASA releases (7.0, 7.2, 8.0, and 8.1) can be upgraded to version 8.2. If you have a Cisco SMARTnet services contract you can download version 8.2 free of charge. All ASA models (from 5505 up to 5580) […]
Cisco Router with Cisco ASA for Internet Access
A classic network scenario for many enterprises is to have a Cisco border router for internet access and a Cisco ASA firewall behind this router for protection of the internal LAN or for building a DMZ network. This scenario is shown in the figure below: Assume that our enterprise is assigned a public IP address […]
Cisco ASA ftp inspection purpose
By default, the global policy used on a Cisco ASA firewall enables FTP inspection for all traffic passing through the appliance. Before discussing the usage of FTP inspection, let’s see how FTP works: In Active FTP (which is the default mode), we need two ports for communication. Port 21 is used for Command and Control […]
5 Reasons to Buy a Cisco ASA 5505 from Amazon
For advanced home users or for SOHO and branch offices, the Cisco ASA 5505 Firewall appliance is an excellent choice for network protection. Its Adaptive Security software is the same as that used for the whole range of the ASA series, so you can be assured that the 5505 will also offer you top-class security […]
Cisco ASA QoS for VoIP Traffic
One of the new additions in the Cisco ASA 7.x and 8.x software image is the ability to configure Quality of Service for VoIP traffic, something that was found only on IOS routers in the past. The ASA now supports Low Latency Queuing (LLQ priority queuing), which lets you prioritize certain traffic flows (such as […]
IP Phones behind a Cisco ASA 5505 Firewall
The Cisco ASA 5505 firewall is an excellent device for small branch office locations since it can offer several network services in one box. It can provide firewall security, IPsec VPN LAN-to-LAN connectivity with a central office, and even power-over-Ethernet connectivity for local IP phones (two of its network interfaces are power-over-Ethernet ports). A common […]
Configuring AAA Accounting on Cisco ASA Firewall
Following our previous post about AAA Authentication for management access to a Cisco ASA Firewall, in this post we will describe how we can keep track of the authentication requests of admin users to the firewall. This can be helpful for keeping a record of the time and date that an administrator user connected to […]
Cisco ASA 5505 Vlans and Licensing
The eight physical network interfaces of the Cisco ASA 5505 firewall appliance can be divided into groups that function as separate security zone networks. Each group is a Layer 2 VLAN. Devices in the same group (VLAN) can communicate directly with each other without passing through the security control of the firewall. On the other hand, […]