[python]Match most of the Cisco ASA access list patterns with regular expression

Regular expression reference Purchase the course by Sujith George The Complete Regular Expressions Course:Beginner to Advanced from Udemy Study this code from git hub, this code gives a good idea on how you should match access-list, from this course I realize the regex module can convert the matched data to dictionary. Read this documentation about … Continue reading [python]Match most of the Cisco ASA access list patterns with regular expression

[python]Detect changes in configuration of ASA

Three python scripts were written for doing specific tasks. conn_asa.py - this script is responsible for generating two outputs hostname and md_now (md is short for message digest) statechange.py - this script writes the hash generated from conn_asa.py into database. compare_change.py - this script compares the hash stored in db with the current hash generated … Continue reading [python]Detect changes in configuration of ASA

Config example for ipsec vpn with iPad native vpn client

The iPad native vpn client supports ikev2. I have searched many documents in the internet and most of them are example for site-to-site, very few useful documentation about remote access vpn with ipsec using ikev2 perhaps for remote access ssl vpn is more convenient and popular. So here's the sample config. The config use certificate … Continue reading Config example for ipsec vpn with iPad native vpn client

Cisco ASA: Setting up anyconnect vpn with SSL and IPsec

Introduction This post demonstrates how to set up anyconnect vpn for your mobile devices. In this post I am using an android mobile phone and downloaded anyconnect ICS+. Cisco ASA software version 9.1(4), ASDM version 7.1, with anyconnect essential license and anyconnect for mobile license. This demonstration will configure IPsec and SSL remote access VPN, … Continue reading Cisco ASA: Setting up anyconnect vpn with SSL and IPsec

Cisco ASA: Firewall rule testing before deployment

Introduction You want to segregate the network between users and servers network. Both the users and servers network is using the same subnet 192.168.20.0/24, to reduce the changes while implementing firewall and to test the firewall before it is deployed in between users and servers you have decided to do the following: 1. Use transparent … Continue reading Cisco ASA: Firewall rule testing before deployment

Cisco Systems: TACACS+ authentication

TACACS+ brief introduction 1. Utilizes TCP 49. 2. Encrypts the entire packet. 3. Separates authentication, authorization and accounting. Setting up Cisco ACS The task here is to create a user group, user account and setup the network configuration to get it started. Click on Network Configuration, under AAA Clients click Add Entry The AAA Client … Continue reading Cisco Systems: TACACS+ authentication