The Cisco ASA firewall appliance provides both graphical and command-line methods for connecting to the device for management. With the graphical method, the administrator can use a web browser (HTTPS) to manage the firewall. This method requires that the ASDM software (Adaptive Security Device Manager) is installed on the flash memory of the firewall. […]
Restricting DMZ server access with time based ACL on ASA
One of the features of Access Control Lists on Cisco ASA firewalls (also available in IOS routers) is that you can schedule when a particular ACL entry is activated. That is, a specific access-list statement will remain disabled until a specific time range is reached. This is useful in cases where you want to allow […]
How to Recover the Password on a Cisco PIX Firewall
There will be several situations in which you or a customer of yours may forget the password of a Cisco PIX firewall appliance. The following procedure shows you step by step how to recover the lost password. This works for all PIX models running versions 6.x. Note: For password recovery on the newer […]
Using Interfaces with Same Security Levels on Cisco ASA
Most Cisco ASA firewall models allow you to have a maximum number of VLANs greater than 100 (e.g. 150, 200, 250). Each Layer 2 VLAN on the ASA is essentially a different security zone, with its own Security Level number. As we know, security levels can range from 0 to 100 (i.e. we have 101 […]
Cisco ASA 5500 Dual ISP Connection
Starting from version 7.2(1) and upwards, the Cisco ASA 5500 series firewall now supports the Dual-ISP capability. You can connect two interfaces of the firewall to two different ISPs and use the new “SLA Monitor” feature (SLA=Service Level Monitoring) to monitor the link to the primary ISP, and if that fails, the traffic is routed […]
ASA Firewall NAT Control Feature
With the original PIX firewall models, all traffic traversing a Cisco firewall from inside to outside (higher security level to lower security level) had to match a NAT rule; otherwise the traffic was blocked. For example, in order for an inside web client host to access an outside web server host, there should have been a NAT translation […]
Firewall Technologies
Firewalls are used to protect computer networks from hostile intrusions. A hardware firewall separates trusted internal networks (e.g. internal corporate LAN) from external non-trusted networks (e.g. Internet or untrusted WAN). The primary objective of the firewall is to examine all inbound and outbound traffic to see if it meets specific criteria (firewall policy rules). If […]