Cisco ASA Firewall Configuration Guide
(versions 8.x and 9.x)
For ASA 5500 and 5500-X Devices
"Probably the most updated and practical Cisco ASA tutorial out there..."
Third Edition - New Content Added
Written By:
CLICK FOR AUTHOR BIO
This ebook has been recently updated to cover the newest ASA version 9.x and also all configurations will work on the new 5500-X Next Generation ASA models. This ebook covers all Cisco ASA versions 8.x and 9.x and includes the changes in NAT introduced in version 8.3 (pre-8.3 and post-8.3 commands are shown where needed). It is currently the only tutorial online that provides so many real-life configuration examples and practical guidelines for configuring the core firewall features of ANY Cisco ASA model (5500 or 5500-X).
Dear Network Security Professional,
Thank you for visiting my website. You are a few steps away from learning the
Fundamental Configuration Details of one of the Best and most popular Hardware Firewalls in the market...
The Cisco Adaptive Security Appliance (ASA).
Network security threats are exploding. Numerous security technologies, and software or hardware products have been developed to mitigate these threats. However, the good old hardware firewall is still the cornerstone of any security implementation.
Cisco, with its ASA Firewall product lines (5500 and 5500-X models), holds one of the top positions in the firewall appliance market.
Learning therefore to deploy, configure, and administer the Cisco ASA Firewall will give you a competitive advantage as a professional in the networking/security field.
The "Cisco ASA Firewall Fundamentals - 3rd Edition" eBook
below will help you achieve just that.
CLICK FOR TABLE OF CONTENTS
Who will benefit from this eBook?
I have been working in the networking area for over 15 years and earned several Cisco Certifications including
CCNA, CCNP and
CCSP. I firmly believe that my Cisco firewall experience and knowledge that has been accumulated over the years and included in this technical ebook will be of great benefit for a range of professionals including:
 |
Cisco ASA Firewall Administrators |
 |
Network Security engineers/designers |
 |
IT Security consultants |
 |
Network Security consultants |
 |
IT or Network Administrators |
 |
Professionals preparing for Cisco Security Certifications |
What is included in this eBook?
To completely cover from top to bottom all possible details, concepts, features, capabilities and configuration scenarios for the Cisco ASA Firewall you will need a whole bookshelf of textbooks. Instead, you could read this practical and "Direct-To-The-Point" eBook that covers the most important and common configuration scenarios and features that will put you on track right away to start implementing ASA Firewalls immediately.
The first two editions of "Cisco ASA Firewall Fundamentals" have been embraced by thousands of professionals all over the world. Now, the newly updated 3rd Edition ebook contains additional advanced configuration concepts and features to offer you even more knowledge and a more complete picture of the Cisco ASA Firewall.
Moreover, I have reviewed, tested and updated all configuration commands and examples to make sure they work on the newest ASA software version 9.x. Also, all content in the book is applicable for both the 5500 series as well as the newest next generation ASA 5500-X models (for the core firewall features).
As I have said above, this eBook will teach you how to configure and implement any Cisco ASA 5500 Series and 5500-X Series Firewall running software versions 8.x and 9.x
In summary, here are some of the topics that we will be covering in the book:
 |
Getting Started with Cisco ASA Firewalls (User Interface, Access Modes, Software updates, password recovery etc) |
 |
File Management |
 |
Basic Firewall Configuration (Basic Configuration Steps) |
 |
Security Levels (Traffic Flow between Security Levels) |
 |
Configuring Network Address Translation (NAT) for pre-8.3 and post-8.3 versions |
 |
Different types of NAT such as PAT, Static NAT, NAT Exemption, Port Redirection etc |
 |
Configuring DMZ Networks |
 |
Configuring and Using Access Control Lists (ACLs) |
 |
Controlling Inbound and Outbound Traffic with ACLs |
 |
ACL Object Groups |
 |
Configuring VLANs and Subinterfaces |
 |
Configuration of Threat Detection (Basic, Advanced, and Scanning Threat Detection) |
 |
IPSEc VPNs (site-to-site VPN, Remote Access VPN etc) using the legacy IKEv1 standard |
 |
IKEv2 IPSEC VPNs |
 |
Anyconnect Secure Mobility Client (SSL VPN, IKEv2 VPN, Certificate Authentication etc) |
 |
Configuring Active/Standby Stateful Failover |
 |
Advanced Features of Device Configuration |
 |
Authentication Authorization and Accounting (AAA) Configuration |
 |
Device Access Authentication using external AAA Server |
 |
Cut-Through Proxy Authentication for TELNET,FTP,HTTP |
 |
Configuration of Identity Firewall |
 |
Configuring Routing Protocols on ASA (Static Routes, RIP, OSPFv2, OSPFv3, EIGRP) |
 |
Modular Policy Framework Configuration (Class Maps, Policy Maps etc). |
 |
Using Modular Policy Framework for setting TCP connection limits. |
 |
Using Modular Policy Framework for Traffic Inspection. |
 |
Configuring Quality of Service (QoS)-Traffic Policing, Shaping, Voice Priority Queueing etc |
 |
Cisco ASA 5505 Overview |
 |
Cisco ASA 5505 Hardware and Ports |
 |
Cisco ASA 5505 Licensing |
 |
PLUS MANY MORE |
All the above information is supported with more than 50 detailed Network Diagrams and other pictures. Some examples are shown below (Click on image to enlarge):
For Which ASA Models?
You will learn to configure the following ASA Models (basically ALL ASA models available):
 |
CISCO ASA 5505 |
 |
ALL CISCO ASA 5500 MODELS |
 |
ALL CISCO ASA 5500-X MODELS |
NOTE: For ASA5500-X models, the book does not cover Next Generation Firewall features such as ASA CX, Cloud Web Security or Web Security Essentials. However, all the content in the book will work on 5500-X models as well.
By purchasing this configuration guide, you will be getting huge discounts for the updated books that I will be publishing in the future. Just make sure to subscribe to my "Customers Email list" (at the download page after purchasing the ebook) in order to be eligible for the discounts.
TESTIMONIALS
Below are some actual comments that I have received from people who purchased this ebook before:
"Are you going to do a ASA Advanced (SNAA) book. You did a great job on this one.
Thanks"
Glenn
"hello all
thanks for giving a book its help me to understand asa"
sunil
"Hi Harris,
I just want to say thank you to you. Your books saved my project. I seriously look for forward to see your next book coming - please keep it under 100 pages!
Regards,
Hoi"
Hoi
"Hi
I have bought your book since many weeks and you have done great job. I wouldn't hesitate to buy Advance version of it. I hope it will be jam packed with lots of real world examples and diagrams. If the eBook is full of great information and covering each Technologies for real world scenarios then I am happy to pay whatever price your chose.
I have various different ASA books but whenever I want go back to basics, I go and check your color full diagrams plus simple explanation. End-of-Day I am human and forget things. Memory buffer overflow. "
Riz
"Hi Harris,
Your book has been one of the best books I've bought so far. It provides me with a foundation of knowledge that is allowing me to progress further in my career. Also, it's great that you also find the time to answer some newbie questions (thanks again for providing advice)! I can't wait for the next book to come out!
Regards,
John D. "
John D.
"I Just want to say that this Cisco ASA Doc has been a great help to me as a Cisco Consultant. As a Cisco Consultant I have to understand all Cisco Technologies , and having a good reference Doc is hard to come by. Also want to say for the price its a great deal!!!"
Richard
"I have bought your ebook yesterday… GREAT JOB!
Thank you!"
Luigi
Luigi Pandolfino
"hi Harris
just i want to say that your book is so far one of the best book that i have purchased , it’s for me a reference and it help me to performe a good project , and it’s value worth more than 27$
can’t wait for your next book"
Thank you!
Unes
"Cisco ASA Firewall Fundamentals book is well worth the cost. Its contents were just right for me.
I understand intermediate networking but I don't work on Cisco ASAs often enough to remember everything and I didn't know much about the new 8.3 changes. I use Cisco ASA Firewall Fundamentals more than any other Cisco ASA book as a quick reference and a reminder if I have a Cisco ASA question. This book quickly showed me what the significant changes in 8.3 are.
Cisco ASA Firewall Fundamentals isn't dense like most Cisco books. It's very accessible. It doesn't contain every detail but it's the most used Cisco ASA book in my library (including all the books on O'Reilly Safari). It's easy to quickly read through, digest, and also good to refer back to later. It has excellent examples and explanations with helpful diagrams along with the command line commands.
Harris, thanks for writing this book and making it available at a reasonable price. If you write more books I will buy them too."
Lance
"We upgraded from a 10 year old Netscreen NS100 to a Cisco ASA5510 and this book was a great asset in learning how to recreate our firewall rules. It's a very short read and right to the point! I found it much easier to follow than Cisco's own book and would definitely recommend it as your main or companion reference."
John Mello
"Hello Harris,
I can't thank you enough for the the information you provide in your book. Even though I have taken both ICND courses and have a firm grasp of Cisco OS, I find myself referencing your work quite often.
Thanks again,
Paul."
Paul Belter
"Hi Harris,
Your book is awesome, I’m glad that I brought it. 1 thing that I can only promise you is that I’ll recommend your book to my colleagues and on my previous colleagues and I won’t give a copy to them.
Thank you
Marco."
Marco
"Mr. Harris Andrea,
I wrote you one time and you replied back, it was about a command in Class-Maps and you informed me that it was introduced in version 7.4, awesome!. I was very impressed, thank you.
Just wanted to let you know, that the book, Cisco-ASA-Firewall-Fundamentals took me to the next level configuring and troubleshooting Cisco ASA 5510 firewalls.
Perhaps let us know about your next book and include configurations for QoS on the firewall, since some VoIP providers are found now on the internet.
Thank you again, regards
Oscar "
Oscar Cid
"Dear Harris,
The Cisco ASA Firewall Fundamentals book is simply incredible.I was afraid of reading the Entire Cisco ASA firewall book as its too time taking to finish . But ur book has made my work easy .U did a splendid job in ur book. I would like to call it a short a precise book for quick and better understanding. The way u wrote the books shows that you are really a Master of ASA Technology. I hope in future u shall write books for CCIE level also, it will be a great fun to read the books written by you. Thanks from the Bottom of my Heart. I will be waiting for your CCIE Level books.
Kind Regards,
Mani"
Maniram Sahu
You can see those testimonials on my blog post HERE.
FREE BONUS:
11 Complete Configuration Examples
TABLE OF CONTENTS FOR BONUS DOCUMENT
I'm offering you also, as a FREE Bonus, 11 real world complete configuration examples which have been tested to work on both ASA 8.x and the newest ASA 9.x versions. Each configuration example contains a network diagram and explanation of the scenario to be configured. Then, the complete ASA configurations are given together with command explanations as needed.
The Bonus Configuration Examples include:
 |
ASA 5505 Basic Internet Access with DHCP |
 |
ASA 5505 with Dynamic IP Address and DMZ Host |
 |
ASA 5505 with Microsoft SBS Server on the Inside |
 |
ASA 5505 with PPPoE Internet Access |
 |
Hub-and-Spoke IPSec VPN with Dynamic IP Spoke |
 |
Site-to-Site IKEv2 IPSec VPN between two ASA |
 |
Remote Access VPN with IKEv1, IKEv2 and SSL on the same ASA Device |
 |
Anyconnect SSL VPN with Microsoft Active Directory Authentication |
 |
Special site-to-site IPSEC VPN between two ASA with Controlled VPN access |
 |
ASA Firewall with DMZ and two Internal Zones |
 |
How to Block Access to specific Websites with Cisco ASA |
PAYMENT AND DELIVERY

PAYMENT
You can pay securely using your Credit Card or PayPal.
Note that you can use your Credit Card even if you don't have a Paypal account (see image below).
INSTANT DELIVERY
These are Acrobat PDF Format eBooks. After purchasing with your Credit Card or PayPal you will receive an email with a download link to get your eBooks instantly.
PRICING INFO
OPTION 1
 |
Cisco ASA Firewall Fundamentals-3rd Edition (includes ASA5505 Info) |
 |
Plus Bonus 11 Complete ASA Configuration Examples |
FOR ONLY
$29.95 $19.95
This is the best value for money book for Cisco ASA Firewalls that you can find out there!!!
If you think the price is high, I ask you to search around the Internet and if you find a similar technical book about Cisco ASA Firewalls with so much detailed content, then I will give you the eBooks for FREE....Period
OPTION 2 - BUNDLE
I have recently published my new ebook "Cisco VPN Configuration Guide" which is priced at $19.95 SEE DETAILS HERE
As a special Bundle Package, I offer you the following 3 eBooks on discount:
 |
Cisco ASA Firewall Fundamentals-3rd Edition (includes ASA5505 Info) |
 |
Plus Bonus 11 Complete ASA Configuration Examples |
 |
Plus Cisco VPN Configuration Guide |
FOR ONLY
$39.90 $29.95
(Limited Time Offer)
Think about it for a minute: By purchasing the above Bundle Package you will invest in your professional education and enrich your technical knowledge on Cisco ASA Firewalls and Cisco VPNs for a price that is less than a dinner for two. Is it worth it or not?
30 Day Money-Back Guarantee
I'm so confident that you will be completely satisfied with "Cisco ASA Firewall Fundamentals - 3rd Edition" that I offer you unconditional Instant Money-Back Guarantee. Just send me an email within 30 Days from your purchase and you will get your money back...No Questions Asked.
Get your copy now for only $19.95
All the Best with your Professional Career
All brand names and product names used herein, are trade names, service marks, trademarks, or registered trademarks of their respective owners. "www.networkstraining.com" and "Cisco ASA Firewall Fundamentals" are not associated with any product or vendor mentioned, including Cisco Systems. PIX and ASA Firewalls are registered trademarks of Cisco Systems, Inc..