Topology Lab Objective Linux 7 and Linux 8 are within the same subnet; however, all traffic initiated towards Linux 8 must be blocked. Linux 8 is allowed to access all destinations. ASAv Setup Change ASAv1 and ASAv2 into transparent firewall <code>firewall transparent</code> 2. Configure failover on ASAv1 as primary !one of the interface will be … Continue reading Transparent firewalling with Cisco ASAv
Introduction I was following a guide on how to create a custom location for the CRL and got stuck when trying to publish the CRL; the error is Access is denied 0x80070005. Apparently, even though my CA has full control of the directory and NTFS permissions, the publishing is denied. It turns out that I need … Continue reading Access is denied when publishing CRL
Introduction This post demonstrates how to set up AnyConnect VPN for your mobile devices. In this post I am using an Android mobile phone with AnyConnect ICS+ downloaded. Cisco ASA software version 9.1(4), ASDM version 7.1, with AnyConnect Essential license and AnyConnect for Mobile license. This demonstration will configure IPsec and SSL remote access VPN, … Continue reading Cisco ASA: Setting up anyconnect vpn with SSL and IPsec
I was using AnyConnect ICS+ to test AnyConnect with IPsec; however, my AnyConnect ICS+ client says "Login failed" even though I have put in the correct credential. After troubleshooting, it was found that the <code>tunnel-group-list enable</code> command was not put in.
I have a Check Point R76 software blade with a directly connected interface to my ASA5505. I have done automatic static NAT for one of my objects in Check Point R76. By doing automatic static NAT, Check Point R76 will actually do a proxy ARP if my hosts are trying to reach the destination NATted address; however, for some … Continue reading Adding static arp to ASA5505
Introduction You want to segregate the user network from the server network. Both the user and server networks use the same subnet, 192.168.20.0/24. To reduce the changes while implementing the firewall, and to test the firewall before it is deployed between users and servers, you have decided to do the following: 1. Use transparent … Continue reading Cisco ASA: Firewall rule testing before deployment
Summarized Steps On ACS: 1. Create an ACS server administrator account with full ACS privileges. This admin credential is required for CSM AAA Mode Setup. 2. Enable Network Device Group. 3. Rename User groups. 4. Create users and associate the users to appropriate groups. 5. Create system identity user and group this user. This same … Continue reading CSM: Integrating CSM with ACS version 4.2