A few days ago I have published the updated 3rd edition of “Cisco ASA Firewall Fundamentals” tutorial ebook which covers the latest ASA version 9.x and also is applicable for both the 5500 and 5500-X series of devices. What I have done with the 3rd Edition (in addition to adding a lot of new content) […]
Cisco ASA Firewall Fundamentals 3rd Edition
Today I have officially launched my new ebook “Cisco ASA Firewall Fundamentals – 3rd Edition” which is probably the most updated and practical Cisco ASA tutorial out there. It covers the newest ASA version 9.x (plus older versions as well) and all content in the book is applicable for both ASA 5500 and 5500-X series. […]
Comparison of Cisco ASA5500 Vs ASA5500-X
Although Cisco created a new series of ASA appliances (5500-X series), there are hundreds of thousands of older Cisco ASA 5500 models installed and working in networks all over the world. If you are one of those professionals who are considering to upgrade your older ASA5500 appliances with the new “X” models, I have prepared […]
Comparison of Cisco ASA Software Versions
With the expansion of Cisco ASA models and the addition of new types of devices, it is inevitable to have also a confusion about which software version is supported for each model. A few years ago we had only the Cisco PIX series which were replaced by the successful Cisco ASA 5500 series firewalls. Now […]
Upgrading Memory of Cisco ASA Firewall (5505,5510 etc)
After the introduction of Cisco ASA software version 8.3 a few years ago, the device’s memory requirements for low-end models have been doubled. Many firewall administrators have been discouraged from this move from Cisco because they had to upgrade their firewalls RAM memory in order to upgrade to the newest versions. Upgrading the memory not […]
How to Recover a preshared key of IPSEC VPN on Cisco ASA
One of the ways to configure authentication between two Cisco ASA firewalls having a site-to-site IPSec VPN tunnel between them is to configure a pre-shared key under the tunnel group attributes. This is actually the most common implementation of IPSEC lan-to-lan authentication that you will find in most real life networks. The pre-shared key must […]
Comparison Between Cisco ASA WebVPN Technologies
Cisco ASA supports two major WebVPN modes: Clientless WebVPN and Anyconnect WebVPN. Let’s see the differences between the two WebVPN modes and I’m sure you will understand why the AnyConnect mode is much better in my opinion. Clientless WebVPN does not require any VPN client to be installed on user’s computer. It uses a normal […]
Cisco AnyConnect SSL VPN Client on Cisco ASA 5500
The convenience and advantages of secure VPNs has driven the specific technology to keep evolving continuously. Several years ago we only had the standardized IPSec VPN (which still strongly exists today). IPSec is a pure IP network VPN technology for connecting distant LAN networks over unsecured paths. Also, IPSec is used for client VPNs connecting […]
Access List & NAT on Cisco ASA Firewall-Order of Operation & Examples
Access Control Lists (ACLs) and Network Address Translation (NAT) are two of the most common features that coexist in the configuration of a Cisco ASA appliance. For both inbound and outbound access control lists, the IP addresses specified in the ACL depend on the interface where the ACL is applied. These IP addresses must be […]
The power of the Show Version command on Cisco ASA
Maybe the most popular and frequently used command on Cisco ASA firewalls is the one which shows the current running configuration, that is the “show run” command. However, maybe the most powerful command on Cisco ASA is the “show version” command. An example output of a show version command is shown below: CISCO-ASA# show version […]
Connections and Translations on Cisco ASA Firewalls
In order to be able to monitor and troubleshoot your Cisco ASA firewall, you need to understand the difference between connections and translations. Refer to the diagram above for an explanation about Connections and Translations. A Connection works at the Transport Layer and includes the Source IP/Source Port and the Destination IP/Destination Port. Connections are […]
Cisco ASA Multiple Context Mode – Configuring Virtual Firewalls on Same Chassis
A single Cisco ASA appliance can be partitioned into multiple virtual firewalls known also as “Security Contexts”. Each security context acts as a separate firewall with its own security policy, interfaces and configuration. However, some features are not available for virtual firewalls, such as IPSEC and SSL VPN, Dynamic Routing Protocols, Multicast and Threat Detection. […]
Cisco ASA Firewall Fundamentals ebook : Rapidshare and Torrent Free Download
The “Cisco ASA Firewall Fundamentals” ebook, that I have authored and been selling on this website, took me many hours of hard work to write. In addition to the work effort of writing this ebook, it encompasses also enormous value from many years of experience in administering and implementing Cisco ASA firewalls. Why am I […]